mallocstrncpy() unsurprisingly has the same pitfall as strncpy(), namely it null terminates strings EXCEPT if the string has n non-nulll characters. This is somewhat defensible in strncpy()'s case because it is useful for packed character fields that are not null terminated but mallocstrncpy() is always allocating a new buffer so it's never the case that the next byte might be a different field.
One could argue the current behaviour might be useful but in reality adding another byte to the malloc size and forcing null termination has very little cost AND all of the callers of mallocstrncpy() already do this outside the function except one.
Try: grep -A2 mallocstrncpy **/*.c
I propose changing mallocstrncpy() to add the extra byte and set the null then remove that extra code from each of the callers.
I also propose renaming the function to mallocstrndup() since it now has the semantics of strndup()+free() instead of malloc()+strncpy()+free()
What do you think?
-Mike
mallocstrndup.patch