Use StrNCpy not strncpy to fill hash key, to ensure the resulting key

is null-terminated. I think this is not a real bug because the parser would always have truncated the identifier to NAMEDATALEN-1 already, but let's be safe. Per report from Klocwork.
2004-12-03 21:26:31 +00:00 · 2004-12-03 21:26:31 +00:00 · 8090616847
parent 2ee3a720a4
commit 8090616847
1 changed files with 3 additions and 5 deletions
--- a/src/backend/commands/prepare.c
+++ b/src/backend/commands/prepare.c
@ -10,7 +10,7 @@
 * Copyright (c) 2002-2004, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/commands/prepare.c,v 1.33 2004/10/25 00:46:40 neilc Exp $
+ *	  $PostgreSQL: pgsql/src/backend/commands/prepare.c,v 1.34 2004/12/03 21:26:31 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -296,8 +296,7 @@ StorePreparedStatement(const char *stmt_name,

 	/* Check for pre-existing entry of same name */
 	/* See notes in FetchPreparedStatement */
-	MemSet(key, 0, sizeof(key));
-	strncpy(key, stmt_name, sizeof(key));
+	StrNCpy(key, stmt_name, sizeof(key));

 	hash_search(prepared_queries, key, HASH_FIND, &found);

@ -370,8 +369,7 @@ FetchPreparedStatement(const char *stmt_name, bool throwError)
 		 * the hash package is picky enough that it needs to be
 		 * NULL-padded out to the appropriate length to work correctly.
 		 */
-		MemSet(key, 0, sizeof(key));
-		strncpy(key, stmt_name, sizeof(key));
+		StrNCpy(key, stmt_name, sizeof(key));

 		entry = (PreparedStatement *) hash_search(prepared_queries,
 												  key,