From f0ad3fae240c435099cb78d03cc4cd2695d80954 Mon Sep 17 00:00:00 2001
From: RElesgoe <xboi209@gmail.com>
Date: Wed, 24 Aug 2016 00:54:55 -0700
Subject: [PATCH] Prevent possible use of uninitialized variable in
 _client_createaccountw3()

---
 src/bnetd/handle_bnet.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/bnetd/handle_bnet.cpp b/src/bnetd/handle_bnet.cpp
index e66a86a..b6b9611 100644
--- a/src/bnetd/handle_bnet.cpp
+++ b/src/bnetd/handle_bnet.cpp
@@ -672,7 +672,6 @@ namespace pvpgn
 			t_packet *rpacket;
 			char const *username;
 			char const *plainpass;
-			char lpass[20];
 			t_hash sc_hash;
 			unsigned int i;
 			const char *account_salt;
@@ -737,10 +736,11 @@ namespace pvpgn
 				goto out;
 			}
 
-			if (plainpass) {
+			char lpass[20] = {};
+			if (plainpass)
+			{
 				/* convert plaintext password to lowercase for sc etc. */
-				std::strncpy(lpass, plainpass, 16);
-				lpass[16] = 0;
+				std::snprintf(lpass, sizeof lpass, "%s", plainpass);
 				strtolower(lpass);
 			}