Fixed a buffer overflow issue

The allocated array has one byte less than the required length. Allocating the size one byte larger fixes the issue.
contribution was originally from teng.hong@nxp.com

Change-Id: I3aa2e6b995fd18e30649a34f201646082aab44ee
related-to-bug: 6347465

Author: James Dong

media/jni/mediaeditor/VideoEditorMain.cpp

@@ -2623,16 +2623,21 @@ videoEditor_init(
             M4OSA_Char* tmpString =
                 (M4OSA_Char *)videoEditJava_getString(&initialized, pEnv, tempPath,
                 NULL, M4OSA_NULL);
+            M4OSA_UInt32 length = strlen((const char *)tmpString);
+            // Malloc additional 2 bytes for beginning and tail separator.
+            M4OSA_UInt32 pathLength = length + 2;
+
             pContext->initParams.pTempPath = (M4OSA_Char *)
-                 M4OSA_32bitAlignedMalloc(strlen((const char *)tmpString) + 1, 0x0,
-                                                 (M4OSA_Char *)"tempPath");
+                 M4OSA_32bitAlignedMalloc(pathLength, 0x0, (M4OSA_Char *)"tempPath");
+
             //initialize the first char. so that strcat works.
             M4OSA_Char *ptmpChar = (M4OSA_Char*)pContext->initParams.pTempPath;
             ptmpChar[0] = 0x00;
             strncat((char *)pContext->initParams.pTempPath, (const char *)tmpString,
-                (size_t)strlen((const char *)tmpString));
+                length);
             strncat((char *)pContext->initParams.pTempPath, (const char *)"/", (size_t)1);
             free(tmpString);
+            tmpString = NULL;
             pContext->mIsUpdateOverlay = false;
             pContext->mOverlayFileName = NULL;
             pContext->decoders = NULL;