Use memcpy rather than strncpy and leave note in code

Coverity found that the usage of strncpy may leave an unterminated
string. In this case it is ok, if the string is unterminated since
it would only be the part of a response and the client would have
to collect all the parts as indicated by the total length of the
string. So we use memcpy instead and leave a note in the code. So
far the strings would not nearly be 3k to get close to the maximum.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

src/swtpm/ctrlchannel.c

@@ -822,7 +822,8 @@ int ctrlchannel_process_fd(int fd,
         pgi->u.resp.tpm_result = htobe32(0);
         pgi->u.resp.totlength = htobe32(strlen(info_data) + 1);
         pgi->u.resp.length = htobe32(length);
-        strncpy(pgi->u.resp.buffer, &info_data[offset], length);
+        /* client has to collect whole string in case buffer is too small */
+        memcpy(pgi->u.resp.buffer, &info_data[offset], length);
         free(info_data);
 
         out_len = offsetof(ptm_getinfo, u.resp.buffer) + length;

src/swtpm/cuse_tpm.c

@@ -1226,7 +1226,8 @@ static void ptm_ioctl(fuse_req_t req, int cmd, void *arg,
             out_pgi.u.resp.tpm_result = 0;
             out_pgi.u.resp.totlength = strlen(info_data) + 1;
             out_pgi.u.resp.length = length;
-            strncpy(out_pgi.u.resp.buffer, &info_data[offset], length);
+            /* client has to collect whole string in case buffer is too small */
+            memcpy(out_pgi.u.resp.buffer, &info_data[offset], length);
             free(info_data);
 
             fuse_reply_ioctl(req, 0, &out_pgi, sizeof(out_pgi));