Author: Honza Horak License: BSD Error: BUFFER_SIZE_WARNING (CWE-120): mysql-5.1.70/sql/sql_prepare.cc:2765: buffer_size_warning: Calling strncpy with a maximum size argument of 512 bytes on destination array "this->stmt->last_error" of size 512 bytes might leave the destination string unterminated. diff -up mysql-5.1.70/sql/sql_prepare.cc.bs1 mysql-5.1.70/sql/sql_prepare.cc --- mysql-5.1.70/sql/sql_prepare.cc.bs1 2013-07-24 16:07:19.372790635 +0200 +++ mysql-5.1.70/sql/sql_prepare.cc 2013-07-24 16:07:52.483773171 +0200 @@ -2762,7 +2762,8 @@ public: { stmt->state= Query_arena::ERROR; stmt->last_errno= sql_errno; - strncpy(stmt->last_error, message, MYSQL_ERRMSG_SIZE); + strncpy(stmt->last_error, message, sizeof(stmt->last_error)-1); + stmt->last_error[sizeof(stmt->last_error)-1] = '\0'; return TRUE; }