Patch from Scott McKellar to fill buffer overflow holes:

Patch from Scott McKellar to fill buffer overflow holes:

The first overflow can happen with an excessively long username.

The second overflow is more doubtful, because the inputs come from
two other functions.  It's not obvious whether an overflow is possible
or not.  It may be that those functions will never return strings long
enough to overflow.  However it is easier to assume that they might,
and avoid the overflow for sure, than to determine whether an overflow
is possible in the first place.

In each case I declared a variable-length character array with a
calculated length.

git-svn-id: svn://svn.open-ils.org/OpenSRF/trunk@1053 9efc2488-bf62-4759-914b-345cdb29e865