buffer-overflow tag

Please explain why this code is vulnerable to buffer overflow

int func(char* str){ char buffer[100]; unsigned short len = strlen(str); if(len >= 100) { return (-1); } strncpy(buffer,str,strlen(str)); return 0;}It's a school assignment. They want us to write ...