The problem is a somewhat common misusage of the strmake function.
The strmake(dst, src, len) function writes at most /len/ bytes to
the string pointed to by src, not including the trailing null byte.
Hence, if /len/ is the exact length of the destination buffer, a
one byte buffer overflow can occur if the length of the source
string is equal to or greater than /len/.

client/mysqldump.c:
  Make room for the trailing null byte.
libmysql/libmysql.c:
  Add comment, there is enough room in the buffer.
  Increase buffer length, two strings are concatenated.
libmysqld/lib_sql.cc:
  Make room for the trailing null byte.
mysys/default.c:
  Make room for the trailing null bytes.
mysys/mf_pack.c:
  Make room for the trailing null byte.
server-tools/instance-manager/commands.cc:
  Copy only if overflow isn't possible in both cases.
server-tools/instance-manager/listener.cc:
  Make room for the trailing null byte.
sql/log.cc:
  Make room for the trailing null byte.
sql/sp_pcontext.h:
  Cosmetic fix.
sql/sql_acl.cc:
  MAX_HOSTNAME already specifies space for the trailing null byte.
sql/sql_parse.cc:
  Make room for the trailing null byte.
sql/sql_table.cc:
  Make room for the trailing null byte.