From 3043608cf72b0abd8b022034080f44cc29ff0cf5 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut
Date: Thu, 8 Mar 2012 22:29:01 +0200
Subject: [PATCH] ecpg: Fix off-by-one error in memory copying

In a rare case, one byte past the end of memory belonging to the sqlca_t structure would be written to.

found by Coverity
---
 src/interfaces/ecpg/ecpglib/misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/interfaces/ecpg/ecpglib/misc.c b/src/interfaces/ecpg/ecpglib/misc.c
index 98e0597b03..c29f933ef9 100644
--- a/src/interfaces/ecpg/ecpglib/misc.c
+++ b/src/interfaces/ecpg/ecpglib/misc.c
@@ -530,7 +530,7 @@ ECPGset_var(int number, void *pointer, int lineno)
 struct sqlca_t *sqlca = ECPGget_sqlca();
 sqlca->sqlcode = ECPG_OUT_OF_MEMORY;
- strncpy(sqlca->sqlstate, "YE001", sizeof("YE001"));
+ strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
 snprintf(sqlca->sqlerrm.sqlerrmc, sizeof(sqlca->sqlerrm.sqlerrmc), "out of memory on line %d", lineno);
 sqlca->sqlerrm.sqlerrml = strlen(sqlca->sqlerrm.sqlerrmc);
 /* free all memory we have allocated for the user */
--
2.40.0
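Review bot: The corrected `strncpy` call is now bounded by the destination, but it leaves `sqlstate` without a NUL terminator if the field is exactly five bytes wide, which the commit message's "one byte past the end" suggests (the declaration is outside this hunk). That is acceptable for a fixed-width field, but any reader that later treats it as a C string would over-read, so I would add a comment above the call such as `/* sqlstate is fixed-width and not NUL-terminated; copy at most the field size */`. This commit fixes one call; it is worth checking the rest of ecpglib for other copies whose length comes from `sizeof` of a string literal rather than from the destination. The enclosing block in ECPGset_var starts and ends outside the hunk.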