From 534da43d0881c48d01ec1f49262867a00d86b9f5 Mon Sep 17 00:00:00 2001
From: Renaud Fivet <renaud.fivet@gmail.com>
Date: Tue, 6 Jan 2015 17:55:11 +0800
Subject: [PATCH] Insure strings created by &lef and &mid are properly
 terminated.

---
 eval.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/eval.c b/eval.c
index 18d4f0d..0007a43 100644
--- a/eval.c
+++ b/eval.c
@@ -362,14 +362,29 @@ char *gtfun(char *fname)
 	case UFCAT:
 		strcpy(result, arg1);
 		return strcat(result, arg2);
-	case UFLEFT:
-		return strncpy(result, arg1, atoi(arg2));
+	case UFLEFT: {
+		int sz ;
+		
+		sz = atoi( arg2) ;
+		if( sz >= sizeof result)
+			sz = sizeof result - 1 ;
+		strncpy( result, arg1, sz) ;
+		result[ sz] = 0 ;
+		return result ;
+	}
 	case UFRIGHT:
 		return (strcpy(result,
 			       &arg1[(strlen(arg1) - atoi(arg2))]));
-	case UFMID:
-		return (strncpy(result, &arg1[atoi(arg2) - 1],
-				atoi(arg3)));
+	case UFMID: {
+		int sz ;
+		
+		sz = atoi( arg3) ;
+		if( sz >= sizeof result)
+			sz = sizeof result - 1 ;
+		strncpy( result, &arg1[ atoi( arg2) - 1], sz) ;
+		result[ sz] = 0 ;
+		return result ;
+	}
 	case UFNOT:
 		return ltos(stol(arg1) == FALSE);
 	case UFEQUAL: