Fix potential buffer overrun in error message handling.

Reported by Lætitia.

doc/xml/release.xml

@@ -14,6 +14,16 @@
     <release-list>
         <release date="XXXX-XX-XX" version="2.03dev" title="UNDER DEVELOPMENT">
             <release-core-list>
+                <release-bug-list>
+                    <release-item>
+                        <release-item-contributor-list>
+                            <release-item-ideator id="loxo.lætitia"/>
+                        </release-item-contributor-list>
+
+                        <p>Fix potential buffer overrun in error message handling.</p>
+                    </release-item>
+                </release-bug-list>
+
                 <release-improvement-list>
                     <release-item>
                         <release-item-contributor-list>

src/common/error.c

@@ -387,7 +387,9 @@ errorInternalThrow(const ErrorType *errorType, const char *fileName, const char
     errorContext.error.fileLine = fileLine;
 
     // Assign message to the error
-    strcpy(messageBuffer, message);
+    strncpy(messageBuffer, message, sizeof(messageBuffer));
+    messageBuffer[sizeof(messageBuffer) - 1] = 0;
+
     errorContext.error.message = (const char *)messageBuffer;
 
     // Generate the stack trace for the error

test/src/module/common/errorTest.c

@@ -122,7 +122,10 @@ testRun()
                         assert(errorTryDepth() == 4);
                         tryDone = true;
 
-                        THROW(AssertError, BOGUS_STR);
+                        char bigMessage[sizeof(messageBuffer) * 32];
+                        memset(bigMessage, 'A', sizeof(bigMessage));
+
+                        THROW(AssertError, bigMessage);
                     }
                     TRY_END();
                 }
@@ -151,6 +154,7 @@ testRun()
         {
             assert(errorTryDepth() == 1);
             assert(errorContext.tryList[1].state == errorStateCatch);
+            assert(strlen(errorMessage()) == sizeof(messageBuffer) - 1);
 
             catchDone = true;
         }