From 2ac8b7eb5e1d39aa26af26dd6e864b51bf05390d Mon Sep 17 00:00:00 2001
From: Olaf Seibert
Date: Wed, 20 Jan 2021 20:40:12 +0100
Subject: [PATCH] Replace dodgy strncpy() with better range-checked variant.
---
 assemble.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/assemble.c b/assemble.c
index 25545b2..1b69dbb 100644
--- a/assemble.c
+++ b/assemble.c
@@ -616,8 +616,14 @@ static int assemble(
 macstr = new_buffer_stream(macbuf, label);
 buffer_free(macbuf);
 } else {
- strncpy(macfile, label, sizeof(macfile));
- strncat(macfile, ".MAC", sizeof(macfile) - strlen(macfile) - 1);
+ char *bufend = &macfile[sizeof(macfile)],
+ *end;
+ end = stpncpy(macfile, label, sizeof(macfile) - 5);
+ if (end >= bufend - 5) {
+ report(stack->top, ".MCALL: name too long: '%s'\n", label);
+ return 0;
+ }
+ stpncpy(end, ".MAC", bufend - end);
 my_searchenv(macfile, "MCALL", hitfile, sizeof(hitfile));
 if (hitfile[0])
 macstr = new_file_stream(hitfile);
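Review bot: The length guard around `stpncpy` hard-codes `5` in three places and silently depends on `stpncpy` returning `dst + n` without writing a NUL when the source fills the limit. `stpncpy` is also POSIX.1-2008 rather than ISO C, so it may be unavailable on non-POSIX toolchains. A single bounded format with a truncation check does the same job in standard C and also accepts a name that fits exactly: `int n = snprintf(macfile, sizeof(macfile), "%s.MAC", label);` followed by `if (n < 0 || (size_t)n >= sizeof(macfile)) {`, with the existing `report`/`return 0` body kept. The new `return 0;` exits `assemble()` from inside the `.MCALL` branch, and both the rest of the function and the origin of `label` lie outside the hunk. It is worth confirming that nothing acquired earlier (for example `label`, if it is heap-allocated) needs releasing on this path.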