Use StrNCpy not strncpy to fill hash key, to ensure the resulting key

is null-terminated. I think this is not a real bug because the parser would always have truncated the identifier to NAMEDATALEN-1 already, but let's be safe. Per report from Klocwork.

Use StrNCpy not strncpy to fill hash key, to ensure the resulting key
is null-terminated. I think this is not a real bug because the parser would always have truncated the identifier to NAMEDATALEN-1 already, but let's be safe. Per report from Klocwork.
80906168 · Tom Lane · 2ee3a720 · 80906168
Commit 80906168 authored Dec 03, 2004 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 5 deletions

src/backend/commands/prepare.c src/backend/commands/prepare.c +3 -5

No files found.
--- a/src/backend/commands/prepare.c
+++ b/src/backend/commands/prepare.c
@@ -10,7 +10,7 @@
 * Copyright (c) 2002-2004, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/commands/prepare.c,v 1.33 2004/10/25 00:46:40 neilc Exp $
+ *	  $PostgreSQL: pgsql/src/backend/commands/prepare.c,v 1.34 2004/12/03 21:26:31 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -296,8 +296,7 @@ StorePreparedStatement(const char *stmt_name,

 	/* Check for pre-existing entry of same name */
 	/* See notes in FetchPreparedStatement */
-	MemSet(key, 0, sizeof(key));
-	strncpy(key, stmt_name, sizeof(key));
+	StrNCpy(key, stmt_name, sizeof(key));

 	hash_search(prepared_queries, key, HASH_FIND, &found);

@@ -370,8 +369,7 @@ FetchPreparedStatement(const char *stmt_name, bool throwError)
 		 * the hash package is picky enough that it needs to be
 		 * NULL-padded out to the appropriate length to work correctly.
 		 */
-		MemSet(key, 0, sizeof(key));
-		strncpy(key, stmt_name, sizeof(key));
+		StrNCpy(key, stmt_name, sizeof(key));

 		entry = (PreparedStatement *) hash_search(prepared_queries,
 												  key,