Thanks to the Coverity tool, we found some 'security best practices violations' in the Lustre code, and more specifically cases of copy into fixed size buffer.
This is typically where we should use strlcpy() instead of strcpy() or strlcat() instead of strcat() because the size of the source buffer is not known.

I will propose a patch to address the issues.