diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 99e11cc13fd..3a02ad0b223 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1205,7 +1205,7 @@ static void tlsCheckUncommonALPN(struct ndpi_detection_module_struct *ndpi_struc
   char * alpn_start = flow->protos.tls_quic.alpn;
   char * comma_or_nul = alpn_start;
   do {
-    int alpn_len;
+    size_t alpn_len;
 
     comma_or_nul = strchr(comma_or_nul, ',');
 
@@ -1215,13 +1215,20 @@ static void tlsCheckUncommonALPN(struct ndpi_detection_module_struct *ndpi_struc
     alpn_len = comma_or_nul - alpn_start;
 
     if(!is_a_common_alpn(ndpi_struct, alpn_start, alpn_len)) {
-      char str[64] = { '\0' };
+      char str[64];
+      size_t str_len;
       
 #ifdef DEBUG_TLS
       printf("TLS uncommon ALPN found: %.*s\n", (int)alpn_len, alpn_start);
 #endif
 
-      strncpy(str, alpn_start, alpn_len);
+      str[0] = '\0';
+      str_len = ndpi_min(alpn_len, sizeof(str));
+      if(str_len > 0) {
+        strncpy(str, alpn_start, str_len);
+        str[str_len - 1] = '\0';
+      }
+
       ndpi_set_risk(ndpi_struct, flow, NDPI_TLS_UNCOMMON_ALPN, str);
       break;
     }