This rule finds calls to malloc that use strlen to compute the allocation size but do not take the zero terminator into account, and strcat/strncat calls on buffers that are not large enough to hold the new string.

The indicated expression will cause a buffer overflow because the buffer is too small to contain the data being copied. Buffer overflows can result in anything from a segfault to a security vulnerability (particularly if the array is on stack-allocated memory).

Increase the size of the buffer being allocated so that it has room for the data being copied, including the terminating zero byte.
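The two defects the rule describes (a malloc of strlen() bytes with no room for the terminator, then strcat onto it) next to the corrected size computation, as an added example that is not part of this query's documentation; the function names and the sample strings are constructed for illustration:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Size the flagged code would allocate: strlen() counts only the
 * characters, so the '\0' written by strcpy/strcat has no room. */
size_t undersized_len(const char *first, const char *second) {
    return strlen(first) + strlen(second);        /* one byte too small */
}

/* Correct size: characters of both strings plus one zero terminator. */
size_t required_len(const char *first, const char *second) {
    return strlen(first) + strlen(second) + 1;
}

/* Hardened version: allocate required_len() bytes, then copy and append.
 * Returns a heap string the caller must free(), or NULL on allocation failure. */
char *join_strings(const char *first, const char *second) {
    size_t need = required_len(first, second);
    char *buf = malloc(need);
    if (buf == NULL)
        return NULL;
    strcpy(buf, first);   /* strlen(first) bytes plus '\0' fit in `need` */
    strcat(buf, second);  /* appends strlen(second) bytes, rewrites the '\0' */
    return buf;
}

/* The pattern the rule flags, shown for comparison only (never executed):
 *
 *   char *buf = malloc(strlen(first) + strlen(second));  // missing + 1
 *   strcpy(buf, first);
 *   strcat(buf, second);   // writes the '\0' one byte past the allocation
 */

int main(void) {
    const char *a = "hello, ";   /* constructed sample input */
    const char *b = "world";
    printf("undersized: %zu bytes, required: %zu bytes\n",
           undersized_len(a, b), required_len(a, b));
    char *joined = join_strings(a, b);
    if (joined == NULL)
        return 1;
    printf("%s\n", joined);
    free(joined);
    return 0;
}
```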

  • CWE-131: Incorrect Calculation of Buffer Size
  • I. Gerg. An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7 no 4. 2005.
  • M. Donaldson. Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.