From 662d5009f51115f078998dcec2c1252fc5ebace6 Mon Sep 17 00:00:00 2001
From: Tomasz Swierczek
Date: Fri, 17 Jul 2020 11:35:10 +0200
Subject: [PATCH] Fix static analysis issue src/key.c: openssl_password_cb according to openssl examples, password is considered a null-terminated string (https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_default_passwd_cb.html)
Change-Id: I3b2fc13043e4adb7f5885d4140453297311e74f3
---
 src/key.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/key.c b/src/key.c
index d94e533..1eea8d9 100644
--- a/src/key.c
+++ b/src/key.c
@@ -62,10 +62,11 @@ static int openssl_password_cb(char *buf, int size, UNUSED int rwflag, void *u)
 size_t pass_len = strlen(cb_data->password);
- if (pass_len > INT_MAX || (int)pass_len > size)
+ if (pass_len + 1 > INT_MAX || (int)pass_len + 1 > size)
 return 0;
 memcpy(buf, cb_data->password, pass_len);
+ buf[pass_len] = 0;
 cb_data->password_requested = true;
 return pass_len;
-- 
2.7.4
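Review bot: The length guard in openssl_password_cb mixes two domains: `pass_len + 1 > INT_MAX` is evaluated in size_t and `(int)pass_len + 1 > size` in int, so the narrowing cast is only safe because the first test runs before it. A single comparison such as `if (size <= 0 || pass_len >= (size_t)size) return 0;` expresses the same bound (room for the password plus the terminator) without the cast. The rejection path still returns 0 without setting `password_requested`, and whether OpenSSL treats a 0 return as an error or as an empty passphrase appears to differ between releases, so it is worth confirming against the version this links to. `return pass_len;` also narrows size_t to int implicitly; `return (int)pass_len;` would make that explicit. The function begins before the hunk and its closing brace is outside it, so any NULL check on `cb_data->password` ahead of `strlen` cannot be confirmed from here.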