From 186ad1234b14e9e4a31a9c0f2c032ac92e3a46f1 Mon Sep 17 00:00:00 2001
From: William Wilgus <wilgus.william@gmail.com>
Date: Mon, 30 Dec 2024 19:16:46 -0500
Subject: [PATCH] [BugFix] pathfuncs.c path_append_ex basepath_max might cause
 buffer ovfl

strlcpy returns the length of the string that would have been copied
had there been sufficient space basepath_max might still be
larger than buf_size yet smaller than len
which would result in a null terminator being written past buf[buf_size-1]

Change-Id: I43e8ba9f72ea35bfe4f759ecd102c2e4bd26eb75
---
 firmware/common/pathfuncs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/firmware/common/pathfuncs.c b/firmware/common/pathfuncs.c
index ba815e3307..b2aadfb5fe 100644
--- a/firmware/common/pathfuncs.c
+++ b/firmware/common/pathfuncs.c
@@ -570,7 +570,7 @@ size_t path_append_ex(char *buf, const char *basepath, size_t basepath_max,
         if (basepath_max < len) /*if needed truncate basepath to basepath_max */
         {
             len = basepath_max;
-            buf[basepath_max] = '\0';
+            buf[MIN(bufsize - 1, basepath_max)] = '\0';
         }
     }