From 08949637d5de258af40acd7130cae50fc539c7d9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 9 Oct 2024 15:45:32 +0200
Subject: [PATCH] tool_getparam: replace two uses of strncpy(), ban strncpy

strncpy() is rarely the right choice

Closes #15212
---
 src/.checksrc       | 1 +
 src/tool_getparam.c | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/.checksrc b/src/.checksrc
index 946367c499..df9b1f0795 100644
--- a/src/.checksrc
+++ b/src/.checksrc
@@ -1 +1,2 @@
 enable STDERR
+enable STRNCPY
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 9a5de1e731..7b6aea70a9 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -390,7 +390,7 @@ void parse_cert_parameter(const char *cert_parameter,
   param_place = cert_parameter;
   while(*param_place) {
     span = strcspn(param_place, ":\\");
-    strncpy(certname_place, param_place, span);
+    memcpy(certname_place, param_place, span);
     param_place += span;
     certname_place += span;
     /* we just ate all the non-special chars. now we are on either a special
@@ -944,7 +944,7 @@ static ParameterError set_rate(struct GlobalConfig *global,
   if(numlen > sizeof(number) -1)
     return PARAM_NUMBER_TOO_LARGE;
 
-  strncpy(number, nextarg, numlen);
+  memcpy(number, nextarg, numlen);
   number[numlen] = 0;
   err = str2unum(&denominator, number);
   if(err)
-- 
2.47.3