Golioth Firmware SDK version 0.19.1 prior to 0.22.0 contains an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwise_transfer_init() accepts a path whose length equals CONFIG_GOLIOTH_COAP_MAX_PATH_LEN and copies it using strncpy() without guaranteeing a trailing NUL byte, leaving ctx->path unterminated. A later strlen() on this buffer can read past the end of the allocation, resulting in a crash/denial of service.