bson_strnlen returns strnlen if available, otherwise a custom implementation of strnlen. Ever since it was first written, bson_strnlen's custom implementation has returned a value 1 greater than strnlen.
Furthermore, due to a misspelled ifdef (CDRIVER-1041), bson_strnlen always uses its custom implementation instead of using strnlen when available.
This was undetected because:
1. bson_strnlen is not directly tested
2. It was only used in _mongoc_ssl_check_cert to check if a hostname has internal nils: bson_strnlen (name, name_length). Since the max length was already calculated, the off-by-one error had no effect.
3. I mistakenly used standard strnlen instead of bson_strnlen in new cursor code (also reported in CDRIVER-1041).