From 3820ba88dc320f7504d1602952f0ae8b32fd6418 Mon Sep 17 00:00:00 2001
From: Thomas Kolb <thomas@tkolb.de>
Date: Sat, 17 Dec 2016 01:10:09 +0100
Subject: [PATCH] Fixed 1-byte overflow in safe_append

---
 src/util.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/util.c b/src/util.c
index 665eca5..6d0d65c 100644
--- a/src/util.c
+++ b/src/util.c
@@ -66,10 +66,10 @@ void urlencode(const char *str, char *result) {
 char* safe_append(char *target, size_t *targetsize, const char *src) {
   size_t targetlen = strlen(target);
   size_t srclen = strlen(src);
-  size_t newsize = targetlen + 2*srclen + 1;
+  size_t newsize = 2*targetlen + srclen + 1;
 
   // check if reallocation is necessary
-  if((targetlen + srclen) > *targetsize) {
+  if((targetlen + srclen) >= *targetsize) {
     LOG(LVL_DEBUG, "safe_append: reallocating target string: %lu -> %lu characters", *targetsize, newsize);
 
     target = realloc(target, newsize * sizeof(char));