basic_radius_auth: nul-terminate strings

Alterations in rev.12444 to the command line paramcopying overlooked the
absence of nul-termination by strncpy(). Ensure the strings are terminated.

 Detected by Coverity Scan. Issue 743276

diff --git a/helpers/basic_auth/RADIUS/basic_radius_auth.cc b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
index d9a4f3520cc6195b7abf5b45abd7159a81834661..0672a1e644feb11109f7b65b1bd15bc3dc59d78e 100644 (file)
--- a/helpers/basic_auth/RADIUS/basic_radius_auth.cc
+++ b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
@@ -494,16 +494,20 @@ main(int argc, char **argv)
             cfname = optarg;
             break;
         case 'h':
-            strncpy(server, optarg, sizeof(server));
+            strncpy(server, optarg, sizeof(server)-1);
+            server[sizeof(server)-1] = '\0';
             break;
         case 'p':
-            strncpy(svc_name, optarg, sizeof(svc_name));
+            strncpy(svc_name, optarg, sizeof(svc_name)-1);
+            svc_name[sizeof(svc_name)-1] = '\0';
             break;
         case 'w':
-            strncpy(secretkey, optarg, sizeof(secretkey));
+            strncpy(secretkey, optarg, sizeof(secretkey)-1);
+            secretkey[sizeof(secretkey)-1] = '\0';
             break;
         case 'i':
-            strncpy(identifier, optarg, sizeof(identifier));
+            strncpy(identifier, optarg, sizeof(identifier)-1);
+            identifier[sizeof(identifier)-1] = '\0';
             break;
         case 't':
             retries = atoi(optarg);