Be explicit about truncation to silence warning.

Newer GCCs do not like truncation and emit a warning.  We don't want to
disable truncation warnings (-Wnostringop-truncation), as in some cases
these warnings can point to a security flaw.

Using strcat instead of strncat is fine, since *both* equally overflow
the destination buffer if not used carefully.

See https://developers.redhat.com/blog/2018/05/24/detecting-string-truncation-with-gcc-8/

diff --git a/src/util/network.c b/src/util/network.c
index a100be37534b261a18a563119af8b7ab409422c1..c236292b74d4617930191ec8822a08b2649f72b3 100644 (file)
--- a/src/util/network.c
+++ b/src/util/network.c
@@ -141,7 +141,8 @@ GNUNET_NETWORK_shorten_unixpath (char *unixpath)
     *end = '\0';
   }
   GNUNET_CRYPTO_hash_to_enc (&sh, &ae);
-  strncat (unixpath, (char *) ae.encoding, 16);
+  ae.encoding[16] = '\0';
+  strcat (unixpath, (char *) ae.encoding);
   return unixpath;
 }