Resolve potential buffer overflow warning

Compiler warning generated because the value of the size argument in
'strncat' is too large.

Also, IF check was not accounting for DELIMTER size, which
could cause overflow.

Change-Id: Iee3724bb08d8254f7a99f84ec1571eeeb5974d22
Signed-off-by: Charlie Lenahan <charlie.lenahan@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/678
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Mandeep Shetty <mandeep.shetty@intel.com>
Reviewed-by: Erich Keane <erich.keane@intel.com>

diff --git a/resource/csdk/stack/src/oicgroup.c b/resource/csdk/stack/src/oicgroup.c
index ae72f14..946b094 100644 (file)
--- a/resource/csdk/stack/src/oicgroup.c
+++ b/resource/csdk/stack/src/oicgroup.c
@@ -484,12 +484,12 @@ OCStackResult BuildStringFromActionSet(OCActionSet* actionset, char** desc)
 
     OCAction *action = actionset->head;
 
-    if (remaining >= strlen(actionset->actionsetName) + 1)
+    if (remaining >= strlen(actionset->actionsetName) + (sizeof(ACTION_DELIMITER)-1) )
     {
-        strncat(temp, actionset->actionsetName, sizeof(temp));
+        strncat(temp, actionset->actionsetName, remaining);
         remaining -= strlen(actionset->actionsetName);
         strcat(temp, ACTION_DELIMITER);
-        remaining--;
+        remaining -= (sizeof(ACTION_DELIMITER)-1);
     }
     else
     {