diff --git a/src/util.c b/src/util.c
index ec497bea6768da6673eebe5d35c00b43e68e4012..45704e7c64ee0fe0e23f3de19b89fbe263c4b3d7 100644
--- a/src/util.c
+++ b/src/util.c
@@ -66,24 +66,40 @@ download_resp(FILE *out, struct gemini_response resp, const char *path,
char *url)
{
char path_buf[PATH_MAX];
+ int n = 0;
assert(path);
switch (path[0]) {
case '\0':
- strncpy(path_buf, "./", 3);
+ strcpy(path_buf, "./");
break;
- case '~':;
- int n = snprintf(path_buf, PATH_MAX, "%s/%s", getenv("HOME"), &path[1]);
- assert((size_t)n < PATH_MAX);
+ case '~':
+ n = snprintf(path_buf, PATH_MAX, "%s/%s", getenv("HOME"), &path[1]);
+ if (n > PATH_MAX) {
+ fprintf(stderr,
+ "Path %s exceeds limit of %d bytes and has been truncated\n",
+ path_buf, PATH_MAX);
+ return 1;
+ }
break;
default:
- strncpy(path_buf, path, PATH_MAX);
+ if (strlen(path) > PATH_MAX) {
+ fprintf(stderr, "Path %s exceeds limit of %d bytes\n",
+ path, PATH_MAX);
+ return 1;
+ }
+ strcpy(path_buf, path);
}
char path_res[PATH_MAX];
if (path_buf[strlen(path_buf)-1] == '/') {
- int n = snprintf(path_res, PATH_MAX, "%s%s", path_buf, basename(url));
- assert((size_t)n < PATH_MAX);
+ n = snprintf(path_res, PATH_MAX, "%s%s", path_buf, basename(url));
+ if (n > PATH_MAX) {
+ fprintf(stderr,
+ "Path %s exceeds limit of %d bytes and has been truncated\n",
+ path_res, PATH_MAX);
+ return 1;
+ }
} else {
- strncpy(path_res, path_buf, PATH_MAX);
+ strcpy(path_res, path_buf);
}
FILE *f = fopen(path_res, "w");
if (f == NULL) {