
malloc now allocates space for string terminator (#1507)

addresses a code scanner vulnerability

the combination of `strlen` and `malloc` results in space being
allocated for the string, but not the null terminator required to end
the string, so space for an extra character has to be manually specified

#### references
- CERT C Coding Standard: [MEM35-C. Allocate sufficient memory for an
object](https://www.securecoding.cert.org/confluence/display/c/MEM35-C.+Allocate+sufficient+memory+for+an+object).
- Common Weakness Enumeration:
[CWE-131](https://cwe.mitre.org/data/definitions/131.html).
- Common Weakness Enumeration:
[CWE-120](https://cwe.mitre.org/data/definitions/120.html).
- Common Weakness Enumeration:
[CWE-122](https://cwe.mitre.org/data/definitions/122.html).
redraincatching, 1 year ago
commit 99777bd585
1 file changed, 1 addition, 1 deletion

+ 1 - 1
src/apps/relay/dbdrivers/dbd_mysql.c

@@ -115,7 +115,7 @@ char *decryptPassword(char *in, const unsigned char *mykey) {
 #endif
 
   strcat(last, (char *)outdata);
-  out = (char *)malloc(sizeof(char) * strlen(last));
+  out = (char *)malloc(sizeof(char) * (strlen(last) + 1)); // add 1 to allocate space for terminating '\0'
   strcpy(out, last);
   return out;
 }
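
Review bot: The pointer returned by `malloc` on the added line goes straight into `strcpy(out, last)` with no NULL check, so an allocation failure becomes a NULL dereference in `decryptPassword`. Add `if (!out) return NULL;` before the copy and make sure callers handle a NULL return, or replace the allocate-and-copy pair with a single `strdup(last)`, which sizes the buffer including the terminator and removes the chance of repeating the off-by-one. `sizeof(char)` is always 1 and the cast on `malloc` is unnecessary in C, so the size expression can be reduced to `strlen(last) + 1`. Separately, the context line `strcat(last, (char *)outdata);` appends into `last`, whose capacity is not visible in this hunk; it is worth confirming in the same pass that `last` has room for `outdata` plus the terminator, since the code scanner finding concerned the same class of sizing error.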