Fix printf %.*s with non-terminated arg
The OpenSSL code triggered this bug (it actually could crash wget2) in
debug_printf("ALPN: Server accepted protocol '%.*s'\n", (int) datalen, data);
If data is not terminated, a strlen(data)
can cause a segmenation fault.
Using strnlen()
fixes it.
Approver's checklist:
-
The author has submitted the FSF Copyright Assignment and is listed in AUTHORS -
There is a test suite reasonably covering new functionality or modifications
Edited by Tim Rühsen