Use StrNCpy not strncpy to fill hash key, to ensure the resulting key

is null-terminated.  I think this is not a real bug because the parser
would always have truncated the identifier to NAMEDATALEN-1 already,
but let's be safe.  Per report from Klocwork.

diff --git a/src/backend/commands/prepare.c b/src/backend/commands/prepare.c
index a5e1db93bccc3264568ade16d2b6b158fac023c7..70239aa79a0f9c3be76aa37da44a1b3d83e454cd 100644 (file)
--- a/src/backend/commands/prepare.c
+++ b/src/backend/commands/prepare.c
@@ -297,8 +297,7 @@ StorePreparedStatement(const char *stmt_name,
 
        /* Check for pre-existing entry of same name */
        /* See notes in FetchPreparedStatement */
-       MemSet(key, 0, sizeof(key));
-       strncpy(key, stmt_name, sizeof(key));
+       StrNCpy(key, stmt_name, sizeof(key));
 
        hash_search(prepared_queries, key, HASH_FIND, &found);
 
@@ -371,8 +370,7 @@ FetchPreparedStatement(const char *stmt_name, bool throwError)
                 * the hash package is picky enough that it needs to be
                 * NULL-padded out to the appropriate length to work correctly.
                 */
-               MemSet(key, 0, sizeof(key));
-               strncpy(key, stmt_name, sizeof(key));
+               StrNCpy(key, stmt_name, sizeof(key));
 
                entry = (PreparedStatement *) hash_search(prepared_queries,
                                                                                                  key,