make sure we don't run over the end of 'name' in unix_convert()

Thanks to Andrew Bartlett for spotting this.
(This used to be commit b4c210ccb05e71a8ddf1c25d028452dd5cd93c72)

1 files changed, 6 insertions, 2 deletions

diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index 3c34df6f33..17c7cc29fe 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -479,11 +479,15 @@ char *safe_strcat(char *dest, const char *src, size_t maxlength)
 	
 	src_len = strlen(src);
 	dest_len = strlen(dest);
-	
+
 	if (src_len + dest_len > maxlength) {
 		DEBUG(0,("ERROR: string overflow by %d in safe_strcat [%.50s]\n",
 			 (int)(src_len + dest_len - maxlength), src));
-		src_len = maxlength - dest_len;
+		if (maxlength > dest_len) {
+			memcpy(&dest[dest_len], src, maxlength - dest_len);
+		}
+		dest[maxlength] = 0;
+		return NULL;
 	}
 	
 	memcpy(&dest[dest_len], src, src_len);