Fix off by one error in strtcpy.

The strtcpy function could overrun its output buffer.

diff --git a/src/util.c b/src/util.c
index b89a2b5b756f589634040455a351f6d8b221083d..bbef995ec1ca6b76d7ace189570b1293fafc4e65 100644 (file)
--- a/src/util.c
+++ b/src/util.c
@@ -262,7 +262,7 @@ char *
 strtcpy(char *dest, const char *src, size_t len)
 {
     char *d = dest;
-    while (len-- && *src != '\0')
+    while (--len && *src != '\0')
         *d++ = *src++;
     *d = '\0';
     return dest;