Fix possible buffer overrun due to incorrect strncat length argument

Fix possible buffer overrun due to incorrect strncat length argument

The strncat usage assumed that the length argument to strncat
indicates the length of the destination buffer. That is how strlcat
works. The length argument for strncat instead describes the maximum
number of characters to copy from the source buffer.

To make the call sites work correctly when we want to avoid
overflowing the destination buffer, we need to subtract also the
current length of the destination buffer string.

This also cures possible overflow issues with any of the strncat use
sites.

Signed-off-by: Timo Kokkonen <timo.t.kokkonen@iki.fi>