From 53cb2c8096b46f14805fa4658d08c83002bc6eb6 Mon Sep 17 00:00:00 2001
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 15 Nov 2012 21:35:29 -0700
Subject: [PATCH] basic_radius_auth: nul-terminate strings

Alterations in rev.12444 to the command line paramcopying overlooked the
absence of nul-termination by strncpy(). Ensure the strings are terminated.

 Detected by Coverity Scan. Issue 743276
---
 helpers/basic_auth/RADIUS/basic_radius_auth.cc | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/helpers/basic_auth/RADIUS/basic_radius_auth.cc b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
index d9a4f3520c..0672a1e644 100644
--- a/helpers/basic_auth/RADIUS/basic_radius_auth.cc
+++ b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
@@ -494,16 +494,20 @@ main(int argc, char **argv)
             cfname = optarg;
             break;
         case 'h':
-            strncpy(server, optarg, sizeof(server));
+            strncpy(server, optarg, sizeof(server)-1);
+            server[sizeof(server)-1] = '\0';
             break;
         case 'p':
-            strncpy(svc_name, optarg, sizeof(svc_name));
+            strncpy(svc_name, optarg, sizeof(svc_name)-1);
+            svc_name[sizeof(svc_name)-1] = '\0';
             break;
         case 'w':
-            strncpy(secretkey, optarg, sizeof(secretkey));
+            strncpy(secretkey, optarg, sizeof(secretkey)-1);
+            secretkey[sizeof(secretkey)-1] = '\0';
             break;
         case 'i':
-            strncpy(identifier, optarg, sizeof(identifier));
+            strncpy(identifier, optarg, sizeof(identifier)-1);
+            identifier[sizeof(identifier)-1] = '\0';
             break;
         case 't':
             retries = atoi(optarg);
-- 
2.47.3