dighost.c: idn_output_filter has off by one error

4413#ifdef HAVE_LIBIDN2
4414static isc_result_t
4415idn_output_filter(isc_buffer_t *buffer, unsigned int used_org) {
4416        char src[MXNAME], *dst;
4417        size_t srclen, dstlen;
4418
4419        /*
4420         * Copy name from 'buffer' to 'src' and terminate it with NULL.
4421         */
4422        srclen = isc_buffer_usedlength(buffer) - used_org;
    	1. Condition srclen > 1024UL /* sizeof (src) */, taking false branch.
    	2. cond_at_most: Checking srclen > 1024UL implies that srclen may be up to 1024 on the false branch.
4423        if (srclen > sizeof(src)) {
4424                warn("Input name too long to perform IDN conversion");
4425                return (ISC_R_SUCCESS);
4426        }
4427        memmove(src, (char *)isc_buffer_base(buffer) + used_org, srclen);
    	
CID 281493 (#1 of 1): Out-of-bounds write (OVERRUN)
3. overrun-local: Overrunning array src of 1024 bytes at byte offset 1024 using index srclen (which evaluates to 1024).
4428        src[srclen] = '\0';

Note: MXNAME is 1024 which is larger than the presentation format of any domain name.