Do not use sizeof() on an array passed as an argument to a function and
expect to get anything but the size of a pointer. As a result only the
first 4 (or 8) bytes of the response buffer were initialized to 0 in
auth_digest_compute_response() which caused it to return a string which
was not NUL-terminated...