diff --git a/src/swtpm/ctrlchannel.c b/src/swtpm/ctrlchannel.c
index 23e8992..d3454a5 100644
--- a/src/swtpm/ctrlchannel.c
+++ b/src/swtpm/ctrlchannel.c
@@ -822,7 +822,8 @@ int ctrlchannel_process_fd(int fd,
         pgi->u.resp.tpm_result = htobe32(0);
         pgi->u.resp.totlength = htobe32(strlen(info_data) + 1);
         pgi->u.resp.length = htobe32(length);
-        strncpy(pgi->u.resp.buffer, &info_data[offset], length);
+        /* client has to collect whole string in case buffer is too small */
+        memcpy(pgi->u.resp.buffer, &info_data[offset], length);
         free(info_data);
 
         out_len = offsetof(ptm_getinfo, u.resp.buffer) + length;
diff --git a/src/swtpm/cuse_tpm.c b/src/swtpm/cuse_tpm.c
index 3bd168d..8dce627 100644
--- a/src/swtpm/cuse_tpm.c
+++ b/src/swtpm/cuse_tpm.c
@@ -1226,7 +1226,8 @@ static void ptm_ioctl(fuse_req_t req, int cmd, void *arg,
             out_pgi.u.resp.tpm_result = 0;
             out_pgi.u.resp.totlength = strlen(info_data) + 1;
             out_pgi.u.resp.length = length;
-            strncpy(out_pgi.u.resp.buffer, &info_data[offset], length);
+            /* client has to collect whole string in case buffer is too small */
+            memcpy(out_pgi.u.resp.buffer, &info_data[offset], length);
             free(info_data);
 
             fuse_reply_ioctl(req, 0, &out_pgi, sizeof(out_pgi));