Confusing example code for demonstrating off-by-one errors.

[mayank-ramnani]

SecureCodingDojo/codereview101/snipMemory6.cpp

Lines 1 to 9 in 080b0d6

	int len = 0, total = 0;
	while(1){
	fgets(buff1, MAX_SIZE, stdin);
	int len = strnlen(buff1, MAX_SIZE);
	total += len;
	if(total < MAX_SIZE) strncat(buff2, buff1, len);
	else break;
	}

Both the snippets (vulnerable and non-vulnerable one) have various flaws:

1. Variable shadowing (int len is declared twice)
2. Business logic faults: The last string that is read in is completely discarded. Characters that can fit in the buffer should be appended, and the rest should be discarded instead of discarding the whole thing.