Sync to OpenBSD:

Clarify that if strlcat() does not find a NUL within siz byte it
will not NUL terminate either.

Document boundary condition when size < strlen(dst).

"of", not "on" (from Henric Jungheim)

Obtained from:	OpenBSD
MFC After:	1 week

1 files changed, 23 insertions, 2 deletions

diff --git a/lib/libc/string/strlcpy.3 b/lib/libc/string/strlcpy.3
index f22c897..14cf18d 100644
--- a/lib/libc/string/strlcpy.3
+++ b/lib/libc/string/strlcpy.3
@@ -121,6 +121,27 @@ the length of
 .Fa src .
 While this may seem somewhat confusing it was done to make
 truncation detection simple.
+.Pp
+Note however, that if
+.Fn strlcat
+traverses
+.Fa size
+characters without finding a NUL, the length of the string is considered
+to be
+.Fa size
+and the destination string will not be NUL-terminated (since there was
+no space for the NUL).
+This keeps
+.Fn strlcat
+from running off the end of a string.
+In practice this should not happen (as it means that either
+.Fa size
+is incorrect or that
+.Fa dst
+is not a proper
+.Dq C
+string).
+The check exists to prevent potential security problems in incorrect code.
 .Sh EXAMPLES
 The following code fragment illustrates the simple case:
 .Bd -literal -offset indent
@@ -146,9 +167,9 @@ if (strlcat(pname, file, sizeof(pname)) >= sizeof(pname))
 .Ed
 .Pp
 Since we know how many characters we copied the first time, we can
-speed things up a bit by using a copy instead on an append:
+speed things up a bit by using a copy instead of an append:
 .Bd -literal -offset indent
-char *dir, *file, pname[MAXPATHNAMELEN];
+char *dir, *file, pname[MAXPATHLEN];
 size_t n;
 
 \&...