The patch from SR#1109241 looks fine at a cursory look, it tracks the bytes left in the destination buffer for the second strlcpy call. (FWIW, the initial patch in SR#1104626 was the one that was wrong, but it's now lost in the mist of time :) ) So, I think it's all fine now, regarding this bug report here.