From f032a9acf7da87ca3b188772cc470a03da1553ce Mon Sep 17 00:00:00 2001
From: Harin Vadodaria
Date: Tue, 26 Feb 2013 21:23:06 +0530
Subject: [PATCH] Bug#16372927: STACK OVERFLOW WITH LONG DATABASE NAME IN GRANT STATEMENT

Description: A missing length check causes problem while copying source to destination when lower_case_table_names is set to a value other than 0. This patch fixes the issue by ensuring that requried bound check is performed.
---
 sql/sql_acl.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 17000e40b97..df31feccb26 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3475,7 +3475,8 @@ bool mysql_grant(THD *thd, const char *db, List &list,
 if (lower_case_table_names && db)
 {
- strmov(tmp_db,db);
+ strnmov(tmp_db,db,NAME_LEN);
+ tmp_db[NAME_LEN]= '\0';
 my_casedn_str(files_charset_info, tmp_db);
 db=tmp_db;
 }
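Review bot: The added `strnmov(tmp_db,db,NAME_LEN);` with the forced terminator stops the overrun but silently truncates an over-long database name, so the GRANT would go on to act on a different name than the one the statement gave. For a privilege-changing statement rejecting is safer than truncating: test `if (strlen(db) > NAME_LEN)` before the copy and fail the statement with the server's wrong-database-name error instead of continuing. The bound is also applied only inside the `lower_case_table_names` branch; with that setting at 0, `db` is passed on unchecked, so it is worth confirming that every later use of `db` in mysql_grant is length-bounded. The declaration of `tmp_db` lies outside the hunk, so the write to `tmp_db[NAME_LEN]` presumes the buffer holds at least NAME_LEN+1 bytes; a short comment at the copy stating that size assumption would help, and the function body starts and ends outside the hunk.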