diff --git a/server/core/secrets.c b/server/core/secrets.c
index 054ee314a..18963e425 100644
--- a/server/core/secrets.c
+++ b/server/core/secrets.c
@@ -382,7 +382,7 @@ decrypt_password(const char *crypt)
     enlen = strlen(crypt) / 2;
     gw_hex2bin(encrypted, crypt, strlen(crypt));
 
-    if ((plain = (unsigned char *) MXS_MALLOC(80)) == NULL)
+    if ((plain = (unsigned char *) MXS_MALLOC(enlen + 1)) == NULL)
     {
         MXS_FREE(keys);
         return NULL;
@@ -391,6 +391,7 @@ decrypt_password(const char *crypt)
     AES_set_decrypt_key(keys->enckey, 8 * MAXSCALE_KEYLEN, &aeskey);
 
     AES_cbc_encrypt(encrypted, plain, enlen, &aeskey, keys->initvector, AES_DECRYPT);
+    plain[enlen] = '\0';
     MXS_FREE(keys);
 
     return (char *) plain;