Comment # 12 on bug 1214249 from Michael Matz

The patch is wrong.  The third argument to strlcpy is supposed to contain the
size
of the _destination_ buffer (pointer to that in first argument).  As such it
has
no inherent relations to the source string at all.  Clearly the author of that
code
wanted to prevent buffer overruns, otherwise he hadn't used strlcpy, so it's
better
to fix that for good.

You could for instance use this pattern to do the right thing:

char buf[MAXPATHLEN], *bufend = buf + MAXPATHLEN, *y = buf;
... stuff that manipulates y ...
strlcpy (y, input, bufend - y);