diff --git a/WHATS_NEW b/WHATS_NEW
index e3eae3a6c..e1c7182fd 100644
--- a/WHATS_NEW
+++ b/WHATS_NEW
@@ -1,5 +1,6 @@
 Version 2.02.91 -
 ===================================
+  Ensure strncpy() function always ends with '\0'.
   Set status in _fsadm_cmd() for error path.
   Add missing deps for lvm2api for rebuild when lvm-internal is changed.
   Fix resource leaks for failing allocation of formats (lvm1/2,pool).
diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index e1d2ee316..1a7786c8c 100644
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
 Version 1.02.70 - 
 ===================================
+  Leave space for '\0' for readline() call in _sysfs_get_kernel_name().
 
 Version 1.02.69 - 1st February 2012
 ===================================
diff --git a/lib/device/dev-cache.c b/lib/device/dev-cache.c
index fb5361ef5..a8f1c2736 100644
--- a/lib/device/dev-cache.c
+++ b/lib/device/dev-cache.c
@@ -254,8 +254,10 @@ static int _compare_paths(const char *path0, const char *path1)
 	if (slash1 < slash0)
 		return 1;
 
-	strncpy(p0, path0, PATH_MAX);
-	strncpy(p1, path1, PATH_MAX);
+	strncpy(p0, path0, sizeof(p0) - 1);
+	p0[sizeof(p0) - 1] = '\0';
+	strncpy(p1, path1, sizeof(p1) - 1);
+	p1[sizeof(p1) - 1] = '\0';
 	s0 = p0 + 1;
 	s1 = p1 + 1;
 
diff --git a/lib/locking/locking.c b/lib/locking/locking.c
index 6fc7bf651..1b4e0ac54 100644
--- a/lib/locking/locking.c
+++ b/lib/locking/locking.c
@@ -459,7 +459,8 @@ int lock_vol(struct cmd_context *cmd, const char *vol, uint32_t flags)
 		return 0;
 	}
 
-	strncpy(resource, vol, sizeof(resource));
+	strncpy(resource, vol, sizeof(resource) - 1);
+	resource[sizeof(resource) - 1] = '\0';
 
 	if (!_lock_vol(cmd, resource, flags, lv_op))
 		return_0;
diff --git a/lib/log/log.c b/lib/log/log.c
index 040d70dec..fa20b1ea6 100644
--- a/lib/log/log.c
+++ b/lib/log/log.c
@@ -136,7 +136,7 @@ void fin_syslog(void)
 
 void init_msg_prefix(const char *prefix)
 {
-	strncpy(_msg_prefix, prefix, sizeof(_msg_prefix));
+	strncpy(_msg_prefix, prefix, sizeof(_msg_prefix) - 1);
 	_msg_prefix[sizeof(_msg_prefix) - 1] = '\0';
 }
 
diff --git a/lib/misc/lvm-globals.c b/lib/misc/lvm-globals.c
index 69de6231d..e1512f904 100644
--- a/lib/misc/lvm-globals.c
+++ b/lib/misc/lvm-globals.c
@@ -165,13 +165,13 @@ void init_detect_internal_vg_cache_corruption(int detect)
 
 void set_cmd_name(const char *cmd)
 {
-	strncpy(_cmd_name, cmd, sizeof(_cmd_name));
+	strncpy(_cmd_name, cmd, sizeof(_cmd_name) - 1);
 	_cmd_name[sizeof(_cmd_name) - 1] = '\0';
 }
 
 void set_sysfs_dir_path(const char *path)
 {
-	strncpy(_sysfs_dir_path, path, sizeof(_sysfs_dir_path));
+	strncpy(_sysfs_dir_path, path, sizeof(_sysfs_dir_path) - 1);
 	_sysfs_dir_path[sizeof(_sysfs_dir_path) - 1] = '\0';
 }
 
diff --git a/lib/misc/sharedlib.c b/lib/misc/sharedlib.c
index cab2909e6..48fa522b3 100644
--- a/lib/misc/sharedlib.c
+++ b/lib/misc/sharedlib.c
@@ -34,8 +34,10 @@ void get_shared_library_path(struct cmd_context *cmd, const char *libname,
 	if (libname[0] == '/' ||
 	    !(lib_dir = find_config_tree_str(cmd, "global/library_dir", 0)) ||
 	    (dm_snprintf(path, path_len, "%s/%s", lib_dir,
-			  libname) == -1) || stat(path, &info) == -1)
-		strncpy(path, libname, path_len);
+			 libname) == -1) || stat(path, &info) == -1) {
+		strncpy(path, libname, path_len - 1);
+		path[path_len - 1] = '\0';
+	}
 }
 
 void *load_shared_library(struct cmd_context *cmd, const char *libname,
diff --git a/libdm/libdm-common.c b/libdm/libdm-common.c
index a4a351edb..2fb5e5e52 100644
--- a/libdm/libdm-common.c
+++ b/libdm/libdm-common.c
@@ -706,7 +706,7 @@ int get_dev_node_read_ahead(const char *dev_name, uint32_t major, uint32_t minor
 
 		if ((fd = open(_path0, O_RDONLY, 0)) != -1) {
 			/* Reading from sysfs, expecting number\n */
-			if ((len = read(fd, buf, sizeof(buf))) < 1) {
+			if ((len = read(fd, buf, sizeof(buf) - 1)) < 1) {
 				log_sys_error("read", _path0);
 				r = 0;
 			} else {
@@ -1256,7 +1256,7 @@ static int _sysfs_get_kernel_name(uint32_t major, uint32_t minor, char *buf, siz
 		goto error;
 	}
 
-	if ((size = readlink(sysfs_path, temp_buf, PATH_MAX)) < 0) {
+	if ((size = readlink(sysfs_path, temp_buf, PATH_MAX - 1)) < 0) {
 		if (errno != ENOENT)
 			log_sys_error("readlink", sysfs_path);
 		else
diff --git a/tools/dmsetup.c b/tools/dmsetup.c
index 4b25e0f3b..2e4b8f571 100644
--- a/tools/dmsetup.c
+++ b/tools/dmsetup.c
@@ -3059,7 +3059,8 @@ static char *parse_loop_device_name(const char *dev, const char *dev_dir)
 		    device[strlen(dev_dir)] != '/')
 			goto error;
 
-		strncpy(buf, strrchr(device, '/') + 1, (size_t) PATH_MAX);
+		strncpy(buf, strrchr(device, '/') + 1, PATH_MAX - 1);
+		buf[PATH_MAX - 1] = '\0';
 		dm_free(device);
 
 	} else {