Index: usr.sbin/sysinst/util.c
===================================================================
RCS file: /cvsroot/src/usr.sbin/sysinst/util.c,v
retrieving revision 1.32
diff -p -u -r1.32 util.c
--- usr.sbin/sysinst/util.c	27 Aug 2019 14:11:00 -0000	1.32
+++ usr.sbin/sysinst/util.c	4 Oct 2019 11:07:55 -0000
@@ -170,7 +170,8 @@ int have_raid, have_vnd, have_cgd, have_
  */
 
 static int check_for(unsigned int mode, const char *pathname);
-static int get_iso9660_volname(int dev, int sess, char *volname);
+static int get_iso9660_volname(int dev, int sess, char *volname,
+		size_t volnamelen);
 static int get_available_cds(void);
 static int binary_available(const char *prog);
 
@@ -376,7 +377,7 @@ get_via_floppy(void)
  * Get the volume name of a ISO9660 file system
  */
 static int
-get_iso9660_volname(int dev, int sess, char *volname)
+get_iso9660_volname(int dev, int sess, char *volname, size_t volnamelen)
 {
 	int blkno, error, last;
 	char buf[ISO_BLKSIZE];
@@ -393,8 +394,9 @@ get_iso9660_volname(int dev, int sess, c
 		if (isonum_711((const unsigned char *)&vd->type)
 		     == ISO_VD_PRIMARY) {
 			pd = (struct iso_primary_descriptor*)buf;
-			strncpy(volname, pd->volume_id, sizeof pd->volume_id);
-			last = sizeof pd->volume_id-1;
+			strncpy(volname, pd->volume_id, volnamelen - 1);
+			volname[volnamelen - 1] = '\0';
+			last = volnamelen - 1;
 			while (last >= 0
 			    && (volname[last] == ' ' || volname[last] == 0))
 				last--;
@@ -455,7 +457,8 @@ get_available_cds_helper(void *arg, cons
 			dev = open(dname, O_RDONLY, 0);
 			if (dev == -1)
 				continue;
-			error = get_iso9660_volname(dev, sess, volname);
+			error = get_iso9660_volname(dev, sess, volname,
+			    sizeof volname);
 			close(dev);
 			if (error)
 				continue;