From 5c4867198e8191ceedc7633fbdc020b9c0fd8782 Mon Sep 17 00:00:00 2001
From: Shahram Najm <masn@ecmwf.int>
Date: Fri, 3 Mar 2023 13:18:42 +0000
Subject: [PATCH] Mitigating strncpy truncation

---
 src/grib_accessor_class_codeflag.cc | 5 ++++-
 src/grib_context.cc                 | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/grib_accessor_class_codeflag.cc b/src/grib_accessor_class_codeflag.cc
index f3ced0315..f0bf6c0c7 100644
--- a/src/grib_accessor_class_codeflag.cc
+++ b/src/grib_accessor_class_codeflag.cc
@@ -168,7 +168,10 @@ static int grib_get_codeflag(grib_accessor* a, long code, char* codename)
     int err  = 0;
 
     err = grib_recompose_name(grib_handle_of_accessor(a), NULL, self->tablename, fname, 1);
-    if (err) strncpy(fname, self->tablename, 1023);
+    if (err) {
+        strncpy(fname, self->tablename, sizeof(fname)-1);
+        fname[sizeof(fname)-1] = '\0';
+    }
 
     if ((filename = grib_context_full_defs_path(a->context, fname)) == NULL) {
         grib_context_log(a->context, GRIB_LOG_WARNING, "Cannot open flag table %s", filename);
diff --git a/src/grib_context.cc b/src/grib_context.cc
index c2c49aa92..e046428b4 100644
--- a/src/grib_context.cc
+++ b/src/grib_context.cc
@@ -643,6 +643,7 @@ static int init_definition_files_dir(grib_context* c)
 
     /* Note: strtok_r modifies its first argument so we copy */
     strncpy(path, c->grib_definition_files_path, ECC_PATH_MAXLEN-1);
+    path[ ECC_PATH_MAXLEN - 1 ] = '\0';
 
     GRIB_MUTEX_INIT_ONCE(&once, &init);
     GRIB_MUTEX_LOCK(&mutex_c);