https://bugzilla.suse.com/show_bug.cgi?id=1214249 https://bugzilla.suse.com/show_bug.cgi?id=1214249#c12 Michael Matz <matz@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |matz@suse.com --- Comment #12 from Michael Matz <matz@suse.com> --- The patch is wrong. The third argument to strlcpy is supposed to contain the size of the _destination_ buffer (pointer to that in first argument). As such it has no inherent relations to the source string at all. Clearly the author of that code wanted to prevent buffer overruns, otherwise he hadn't used strlcpy, so it's better to fix that for good. You could for instance use this pattern to do the right thing: char buf[MAXPATHLEN], *bufend = buf + MAXPATHLEN, *y = buf; ... stuff that manipulates y ... strlcpy (y, input, bufend - y); -- You are receiving this mail because: You are on the CC list for the bug.