Heap corruption when renaming stash

Heap corruption caused by strcpy writing past the end of allocated memory ('\0' character).

Lines 546 to 547 in e047248

    
           stash->name = (char *)malloc(len);//D2FogMemAlloc(len,__FILE__,__LINE__,0); 
        
           strcpy(stash->name, name);

PlugY/PlugY/InfinityStash.cpp

Lines 270 to 273 in e047248

    
           if (strlen((char *)&data[curSize])) 
        
           	ptStash->name = (char*)malloc(strlen((char *)&data[curSize]));//D2AllocMem(PCGame->memoryPool, strlen((char *)&data[curSize]),__FILE__,__LINE__,0); 
        
           if (ptStash->name) 
        
           	strcpy(ptStash->name, (char *)&data[curSize]);

	stash->name = (char *)malloc(len);//D2FogMemAlloc(len,__FILE__,__LINE__,0);
	strcpy(stash->name, name);

	if (strlen((char *)&data[curSize]))
	ptStash->name = (char)malloc(strlen((char )&data[curSize]));//D2AllocMem(PCGame->memoryPool, strlen((char *)&data[curSize]),__FILE__,__LINE__,0);
	if (ptStash->name)
	strcpy(ptStash->name, (char *)&data[curSize]);