avoids risk of strncat buffer overflow

src/iec61850/server/impl/ied_server.c

@@ -1371,7 +1371,7 @@ IedServer_getFunctionalConstrainedData(IedServer self, DataObject* dataObject, F
     }
 
     strncpy(domainName, self->model->name, 64);
-    strncat(domainName, ld->name, 64);
+    strncat(domainName, ld->name, 64 - strlen(domainName));
 
     MmsDomain* domain = MmsDevice_getDomain(self->mmsDevice, domainName);
 

src/iec61850/server/model/model.c

@@ -114,7 +114,7 @@ IedModel_lookupDataSet(IedModel* self, const char* dataSetReference  /* e.g. ied
 
 	    domainName[modelNameLen] = 0;
 
-	    strncat(domainName, dataSet->logicalDeviceName, 64);
+	    strncat(domainName, dataSet->logicalDeviceName, 64 - modelNameLen);
 
 		if (strncmp(domainName, dataSetReference, ldNameLen) == 0) {
 			if (strcmp(dataSet->name, separator + 1) == 0) {
@@ -138,7 +138,7 @@ IedModel_getDevice(IedModel* self, const char* deviceName)
         char domainName[65];
 
         strncpy(domainName, self->name, 64);
-        strncat(domainName, device->name, 64);
+        strncat(domainName, device->name, 64 - strlen(domainName));
 
         if (strcmp(domainName, deviceName) == 0)
             return device;