git: 781bc1a69fab - stable/13 - route: avoid overlapping strcpy

From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Thu, 08 Aug 2024 20:07:06 UTC
The branch stable/13 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=781bc1a69fab3ccb93deab611d19be18d093ca26

commit 781bc1a69fab3ccb93deab611d19be18d093ca26
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-07-23 20:25:46 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-08-08 20:00:37 +0000

    route: avoid overlapping strcpy
    
    Passing overlapping buffers to strcpy yields an undefined result, so
    let's avoid it. The copy doesn't really need to happen anyways, we can
    just point to the domain part of the hostname.
    
    This was discovered with _FORTIFY_SOURCE.
    
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Reviewed by:    allanjude, emaste, imp, melifaro (all previous version)
    
    (cherry picked from commit 158f319428c10143ce2ffe766416207c75578931)
---
 sbin/route/route.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/sbin/route/route.c b/sbin/route/route.c
index c48a39b490dd..d82ab2c054ae 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -108,8 +108,8 @@ static u_long  rtm_inits;
 static uid_t	uid;
 static int	defaultfib;
 static int	numfibs;
-static char	domain[MAXHOSTNAMELEN + 1];
-static bool	domain_initialized;
+static char	domain_storage[MAXHOSTNAMELEN + 1];
+static const char	*domain;
 static int	rtm_seq;
 static char	rt_line[NI_MAXHOST];
 static char	net_line[MAXHOSTNAMELEN + 1];
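Review bot: `domain` now doubles as the "not yet initialised" flag, so it is NULL until routename() has run, whereas the old array was always a valid (empty) string. Any reader of `domain` outside that initialisation path would now dereference NULL; none is visible in this hunk, so it is worth confirming against the rest of route.c. A comment on the declaration would record the contract, for example `/* NULL until routename() resolves it; then points into domain_storage */`.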
@@ -563,14 +563,16 @@ routename(struct sockaddr *sa)
 	const char *cp;
 	int n;
 
-	if (!domain_initialized) {
-		domain_initialized = true;
-		if (gethostname(domain, MAXHOSTNAMELEN) == 0 &&
-		    (cp = strchr(domain, '.'))) {
-			domain[MAXHOSTNAMELEN] = '\0';
-			(void)strcpy(domain, cp + 1);
-		} else
-			domain[0] = '\0';
+	if (domain == NULL) {
+		if (gethostname(domain_storage,
+		    sizeof(domain_storage) - 1) == 0 &&
+		    (cp = strchr(domain_storage, '.')) != NULL) {
+			domain_storage[sizeof(domain_storage) - 1] = '\0';
+			domain = cp + 1;
+		} else {
+			domain_storage[0] = '\0';
+			domain = domain_storage;
+		}
 	}
 
 	/* If the address is zero-filled, use "default". */
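Review bot: The `strchr(domain_storage, '.')` scan in the new condition runs before `domain_storage[sizeof(domain_storage) - 1] = '\0';`, so the scan is bounded only implicitly. It is safe as written, because the array is zero-initialised static storage and gethostname() is given one byte less than its size, leaving the last byte untouched. Making that explicit would keep the code safe if the buffer ever stops being static: either move the terminator assignment ahead of the `strchr` call, or add a comment such as `/* gethostname() never writes the final byte, so the buffer stays NUL-terminated */`. The body of routename() continues outside this hunk.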