While investigating a recent NetBSD bug report (related but turned out to be not an issue), I noticed a use of FILENAME_MAX in tzload() which seems a little wrong. With FILENAME_MAX being sufficient to hold the longest valid pathname, including terminating NUL, it is not necessary to allocate an additional character for the separating slash between `p' and `name'; if that character was consumed by the concatenation, the resulting string would no longer be a valid pathname due to its excessive length. I've also taken the liberty to rearrange the component addition below which seems to have had part in causing our original submitter's misunderstanding, but that's merely cosmetics. Just nitpicking, - Klaus *** localtime.c 15 Dec 2003 15:13:53 -0000 1.1.1.9 --- localtime.c 20 Dec 2003 20:09:07 -0000 *************** *** 284,302 **** ** "FILENAME_MAX expands to an integral constant expression ** that is the size needed for an array of char large enough ** to hold the longest file name string that the implementation ** guarantees can be opened." */ ! char fullname[FILENAME_MAX + 1]; if (name[0] == ':') ++name; doaccess = name[0] == '/'; if (!doaccess) { if ((p = TZDIR) == NULL) return -1; ! if ((strlen(p) + strlen(name) + 1) >= sizeof fullname) return -1; (void) strcpy(fullname, p); (void) strcat(fullname, "/"); (void) strcat(fullname, name); /* --- 284,302 ---- ** "FILENAME_MAX expands to an integral constant expression ** that is the size needed for an array of char large enough ** to hold the longest file name string that the implementation ** guarantees can be opened." */ ! char fullname[FILENAME_MAX]; if (name[0] == ':') ++name; doaccess = name[0] == '/'; if (!doaccess) { if ((p = TZDIR) == NULL) return -1; ! if ((strlen(p) + 1 + strlen(name)) >= sizeof fullname) return -1; (void) strcpy(fullname, p); (void) strcat(fullname, "/"); (void) strcat(fullname, name); /*