1 files changed, 4 insertions, 0 deletions

diff --git a/smtp.c b/smtp.c
index 7fdb8499..c3fdaa68 100644
--- a/smtp.c
+++ b/smtp.c
@@ -87,6 +87,7 @@ static void SMTP_auth(int sock, char *username, char *password, char *buf)
 		SockPrintf(sock, "AUTH CRAM-MD5\r\n");
 		SockRead(sock, smtp_response, sizeof(smtp_response) - 1);
 		strncpy(tmp, smtp_response, sizeof(tmp));
+		tmp[sizeof(tmp)-1] == '\0';
 
 		if (strncmp(tmp, "334 ", 4)) { /* Server rejects AUTH */
 			SMTP_auth_error(sock, GT_("Server rejected the AUTH command.\n"));
@@ -146,6 +147,7 @@ static void SMTP_auth(int sock, char *username, char *password, char *buf)
 		SockPrintf(sock, "AUTH LOGIN\r\n");
 		SockRead(sock, smtp_response, sizeof(smtp_response) - 1);
 		strncpy(tmp, smtp_response, sizeof(tmp));
+		tmp[sizeof(tmp)-1] == '\0';
 
 		if (strncmp(tmp, "334 ", 4)) { /* Server rejects AUTH */
 			SMTP_auth_error(sock, GT_("Server rejected the AUTH command.\n"));
@@ -162,6 +164,7 @@ static void SMTP_auth(int sock, char *username, char *password, char *buf)
 		SockPrintf(sock, "%s\r\n", b64buf);
 		SockRead(sock, smtp_response, sizeof(smtp_response) - 1);
 		strncpy(tmp, smtp_response, sizeof(tmp));
+		tmp[sizeof(tmp)-1] == '\0';
 		p = strchr(tmp, ' ');
 		if (!p) {
 			SMTP_auth_error(sock, GT_("Bad base64 reply from server.\n"));
@@ -210,6 +213,7 @@ int SMTP_ehlo(int sock, const char *host, char *name, char *password, int *opt)
 	      *opt |= hp->value;
 	      if (strncmp(hp->name, "AUTH ", 5) == 0)
 	      	strncpy(auth_response, smtp_response, sizeof(auth_response));
+		auth_response[sizeof(auth_response)-1] == '\0';
 	  }
       if ((smtp_response[0] == '1' || smtp_response[0] == '2' || smtp_response[0] == '3') && smtp_response[3] == ' ') {
 	  if (*opt & ESMTP_AUTH)