From a49f951c8607ba30b779e5f10a1f27d3f03450a7 Mon Sep 17 00:00:00 2001
From: YAMAMOTO Takashi <yamamoto@midokura.com>
Date: Thu, 28 May 2020 17:24:54 +0900
Subject: [PATCH] netlib_parsehttpurl: Fix pathlen check

---
 netutils/netlib/netlib_parsehttpurl.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/netutils/netlib/netlib_parsehttpurl.c b/netutils/netlib/netlib_parsehttpurl.c
index f3235decc..06039ac0c 100644
--- a/netutils/netlib/netlib_parsehttpurl.c
+++ b/netutils/netlib/netlib_parsehttpurl.c
@@ -68,6 +68,7 @@ int netlib_parsehttpurl(FAR const char *url, FAR uint16_t *port,
   FAR char *dest;
   int bytesleft;
   int ret = OK;
+  size_t pathlen;
 
   /* A valid HTTP URL must begin with http:// if it does not, we will assume
    * that it is a file name only, but still return an error.  wget() depends
@@ -154,7 +155,17 @@ int netlib_parsehttpurl(FAR const char *url, FAR uint16_t *port,
 
   /* The copy the rest of the file name to the user buffer */
 
-  strncpy(dest, src, bytesleft);
-  filename[namelen-1] = '\0';
+  pathlen = strlen(src);
+  if (bytesleft >= pathlen + 1)
+    {
+      memcpy(dest, src, pathlen);
+      dest[pathlen] = '\0';
+    }
+  else
+    {
+      dest[0] = '\0';
+      ret = -E2BIG;
+    }
+
   return ret;
 }