Minimize unsafe C functions usage

Replace calls to `sprintf` and `strcpy` by the safer options `snprintf`
and `safe_strcpy` in the following directories:

- libmysqld
- mysys
- sql-common
- strings

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer
Amazon Web Services, Inc.

libmysqld/libmysql.c

@@ -2914,7 +2914,8 @@ my_bool STDCALL mysql_stmt_bind_param(MYSQL_STMT *stmt, MYSQL_BIND *my_bind)
       break;
     default:
       strmov(stmt->sqlstate, unknown_sqlstate);
-      sprintf(stmt->last_error,
+      snprintf(stmt->last_error,
+        sizeof(stmt->last_error),
 	      ER(stmt->last_errno= CR_UNSUPPORTED_PARAM_TYPE),
 	      param->buffer_type, count);
       DBUG_RETURN(1);
@@ -3001,7 +3002,9 @@ mysql_stmt_send_long_data(MYSQL_STMT *stmt, uint param_number,
   {
     /* Long data handling should be used only for string/binary types */
     strmov(stmt->sqlstate, unknown_sqlstate);
-    sprintf(stmt->last_error, ER(stmt->last_errno= CR_INVALID_BUFFER_USE),
+    snprintf(stmt->last_error,
+      sizeof(stmt->last_error),
+      ER(stmt->last_errno= CR_INVALID_BUFFER_USE),
 	    param->param_number);
     DBUG_RETURN(1);
   }
@@ -4130,7 +4133,8 @@ my_bool STDCALL mysql_stmt_bind_result(MYSQL_STMT *stmt, MYSQL_BIND *my_bind)
     if (setup_one_fetch_function(param, field))
     {
       strmov(stmt->sqlstate, unknown_sqlstate);
-      sprintf(stmt->last_error,
+      snprintf(stmt->last_error,
+              sizeof(stmt->last_error),
               ER(stmt->last_errno= CR_UNSUPPORTED_PARAM_TYPE),
               field->type, param_count);
       DBUG_RETURN(1);