What are you talking about? There is no sizeof(dest) with strndup()--it's newly allocated memory sized appropriately so there's no chance of an overwrite.
While we're on the subject, what is the point of strndup()? Keeping people from running you out of memory with big long strings? They'll just find other ways to do the same thing (by repeatedly feeding you strings of threshold length).