[gssdp] gssdp-client: Fix potential strncpy() buffer overflow



commit 67769db4e4bfd8c834d377427139545dc5046fdd
Author: Philip Withnall <philip withnall collabora co uk>
Date:   Wed Apr 6 12:43:17 2016 +0100

    gssdp-client: Fix potential strncpy() buffer overflow
    
    strncpy() does not append a nul terminator if the input string is at
    least as long as the output buffer length — so you must always reserve
    space in the output buffer for a nul terminator. The req structure was
    previously memset() to zero, so a nul terminator is present in arp_dev
    already.
    
    Spotted by Coverity (CID: 143731).
    
    https://bugzilla.gnome.org/show_bug.cgi?id=764677

 libgssdp/gssdp-client.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/libgssdp/gssdp-client.c b/libgssdp/gssdp-client.c
index 16b9c94..3c1f677 100644
--- a/libgssdp/gssdp-client.c
+++ b/libgssdp/gssdp-client.c
@@ -1947,7 +1947,7 @@ arp_lookup (GSSDPClient *client, const char *ip_address)
 
         strncpy (req.arp_dev,
                  client->priv->device.iface_name,
-                 sizeof (req.arp_dev));
+                 sizeof (req.arp_dev) - 1 /* nul terminator */);
         socket = gssdp_socket_source_get_socket (client->priv->search_socket);
 
         if (ioctl (g_socket_get_fd (socket), SIOCGARP, (caddr_t) &req) < 0) {
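
Review bot: The termination of req.arp_dev after the strncpy() call now depends on req having been zeroed earlier in arp_lookup(), which the commit message states but this hunk does not show, so a later change to that memset() would silently bring back the unterminated string. Consider making the termination local to the copy, either by setting req.arp_dev[sizeof (req.arp_dev) - 1] = '\0' directly after it or by using g_strlcpy (req.arp_dev, client->priv->device.iface_name, sizeof (req.arp_dev)), which always terminates. In both forms an over-long iface_name is truncated without notice before the SIOCGARP ioctl, so a length check that returns early would avoid looking up a truncated device name.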

