From 860b4b8be9fbf15287ac11859bc0278900c95c87 Mon Sep 17 00:00:00 2001
From: Guilherme Amadio <amadio@cern.ch>
Date: Thu, 6 Dec 2018 15:31:32 +0100
Subject: [PATCH] Copy terminating nul bytes into strings in TAuthenticate

Both pt and ru are 5 characters long, so this is safe.
---
 net/auth/src/TAuthenticate.cxx | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/auth/src/TAuthenticate.cxx b/net/auth/src/TAuthenticate.cxx
index d3c8603af63ad..553608201299b 100644
--- a/net/auth/src/TAuthenticate.cxx
+++ b/net/auth/src/TAuthenticate.cxx
@@ -842,9 +842,9 @@ void TAuthenticate::SetEnvironment()
       } else {
          if (!strncasecmp(gEnv->GetValue(usrPromptDef,""),"no",2) ||
              !strncmp(gEnv->GetValue(usrPromptDef,""),"0",1))
-            strncpy(pt,"0",1);
+            strncpy(pt,"0",2);
          else
-            strncpy(pt,"1",1);
+            strncpy(pt,"1",2);
       }
       TString usrReUseDef = TString(GetAuthMethod(fSecurity)) + ".ReUse";
       if ((ptr = strstr(fDetails, "ru:")) != 0) {
@@ -852,9 +852,9 @@ void TAuthenticate::SetEnvironment()
       } else {
          if (!strncasecmp(gEnv->GetValue(usrReUseDef,""),"no",2) ||
              !strncmp(gEnv->GetValue(usrReUseDef,""),"0",1))
-            strncpy(ru,"0",1);
+            strncpy(ru,"0",2);
          else
-            strncpy(ru,"1",1);
+            strncpy(ru,"1",2);
       }
       TString usrValidDef = TString(GetAuthMethod(fSecurity)) + ".Valid";
       TString hours(gEnv->GetValue(usrValidDef,"24:00"));