Replace 2 strcat()s with strlen() and memcpy() in dl_dlopen.xs.

In the #if defined(DLOPEN_WONT_DO_RELATIVE_PATHS) block, there were two uses
of strcat() that that the OpenBSD linker spotted and grumbled about.

It can't see that the code was clear enough to be "obviously no bugs".
However, I can see that with 2 successive calls to strcat() there's one more
O(1) scan of the string length than there needs to be. So refactoring to
eliminate strcat() also removes avoidable inefficiencies.

Fortunately, this code isn't in a block that the MS compiler will ever see.
So it won't be suggesting that memcpy_s() is obviously more secure than
memcpy() (because two lengths are better than one).

1 files changed, 5 insertions, 4 deletions

diff --git a/ext/DynaLoader/dl_dlopen.xs b/ext/DynaLoader/dl_dlopen.xs
index 3dce1ef844..d4fea890f8 100644
--- a/ext/DynaLoader/dl_dlopen.xs
+++ b/ext/DynaLoader/dl_dlopen.xs
@@ -171,10 +171,11 @@ dl_load_file(filename, flags=0)
 #if defined(DLOPEN_WONT_DO_RELATIVE_PATHS)
     char pathbuf[PATH_MAX + 2];
     if (*filename != '/' && strchr(filename, '/')) {
-	if (getcwd(pathbuf, PATH_MAX - strlen(filename))) {
-	    strcat(pathbuf, "/");
-	    strcat(pathbuf, filename);
-	    filename = pathbuf;
+        const size_t filename_len = strlen(filename);
+        if (getcwd(pathbuf, PATH_MAX - filename_len)) {
+            const size_t path_len = strlen(pathbuf);
+            pathbuf[path_len] = '/';
+            filename = (char *) memcpy(pathbuf + path_len + 1, filename, filename_len + 1);
 	}
     }
 #endif