diff --git a/lib/pairing.c b/lib/pairing.c
index d1458fd..9ab2ef4 100644
--- a/lib/pairing.c
+++ b/lib/pairing.c
@@ -32,7 +32,7 @@ struct pairing_s {
 };
 
 typedef struct srp_user_s {
-    char username[SRP_USERNAME_SIZE];   
+    char username[SRP_USERNAME_SIZE + 1];   
     unsigned char salt[SRP_SALT_SIZE];
     unsigned char verifier[SRP_VERIFIER_SIZE];
 } srp_user_t;
@@ -304,8 +304,8 @@ random_pin() {
 
 int
 srp_new_user(pairing_session_t *session, pairing_t *pairing, const char *device_id, const char *pin,
-                        const char **salt, int *len_salt, const char **pk, int *len_pk) {
-    if (strlen(device_id) >= SRP_USERNAME_SIZE) {
+             const char **salt, int *len_salt, const char **pk, int *len_pk) {
+    if (strlen(device_id) > SRP_USERNAME_SIZE) {
         return -1;
     }
 
@@ -317,7 +317,7 @@ srp_new_user(pairing_session_t *session, pairing_t *pairing, const char *device_
         return -2;
     }
     memset(session->srp_user, 0, sizeof(srp_user_t));
-    strncpy(session->srp_user->username, device_id, strlen(device_id) + 1);
+    strncpy(session->srp_user->username, device_id, SRP_USERNAME_SIZE);
 
     const unsigned char *srp_b = srp_private_key(pairing);
     unsigned char * srp_B;
diff --git a/lib/raop.c b/lib/raop.c
index 1cfcfb5..34d6958 100644
--- a/lib/raop.c
+++ b/lib/raop.c
@@ -435,13 +435,14 @@ raop_init(int max_clients, raop_callbacks_t *callbacks) {
     }
 
     /* store PK as a string in raop->pk_str */
+    memset(raop->pk_str, 0, sizeof(raop->pk_str));
 #ifdef PK
-    strncpy(raop->pk_str, PK, 2*ED25519_KEY_SIZE + 1);
+    strncpy(raop->pk_str, PK, 2*ED25519_KEY_SIZE);
 #else
     unsigned char public_key[ED25519_KEY_SIZE];
     pairing_get_public_key(pairing, public_key);
     char *pk_str = utils_pk_to_string(public_key, ED25519_KEY_SIZE);
-    strncpy(raop->pk_str, (const char *) pk_str, 2*ED25519_KEY_SIZE + 1);
+    strncpy(raop->pk_str, (const char *) pk_str, 2*ED25519_KEY_SIZE);
     free(pk_str);
 #endif