Clamp open file name size.

chrome/common/win_util.cc

Index: chrome/common/win_util.cc
===================================================================
--- chrome/common/win_util.cc	(revision 1800)
+++ chrome/common/win_util.cc	(working copy)
@@ -395,12 +395,16 @@
 
   // Initially populated by the file component of 'suggested_name', this buffer
   // will be written into by Windows when the user is done with the dialog box.
-  wchar_t file_name[MAX_PATH+1];
   std::wstring file_part = file_util::GetFilenameFromPath(suggested_name);
-  memcpy(file_name,
-         file_part.c_str(),
-         (file_part.length()+1) * sizeof(wchar_t));
 
+  // This will clamp the number of characters copied from the supplied path
+  // to the value of MAX_PATH.
+  size_t name_size = std::min(file_part.length() + 1,
+                              static_cast<size_t>(MAX_PATH));
+  wchar_t file_name[MAX_PATH];
+  memcpy(file_name, file_part.c_str(), name_size * sizeof(wchar_t));
+  file_name[MAX_PATH - 1] = '\0';
+
   OPENFILENAME save_as;
   // We must do this otherwise the ofn's FlagsEx may be initialized to random
   // junk in release builds which can cause the Places Bar not to show up!