git: d217ed397922 - main - pfctl: Accommodate a basename(3) that takes a non-const parameter

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Tue, 15 Jul 2025 10:07:49 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=d217ed397922fb369fa22023d844aa9cda127b0a

commit d217ed397922fb369fa22023d844aa9cda127b0a
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-07-07 14:39:08 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-07-15 07:55:28 +0000

    pfctl: Accommodate a basename(3) that takes a non-const parameter
    
    It may in fact modify the string buffer.
    
    ok kn@ sashan@
    
    Obtained from:  OpenBSD, naddy <naddy@openbsd.org>, 697265c5fb
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 271286deeda7..2015e0a09549 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -131,8 +131,8 @@ int	 pfctl_walk_get(int, struct pfioc_ruleset *, void *);
 int	 pfctl_walk_anchors(int, int, const char *,
 	    int(*)(int, struct pfioc_ruleset *, void *), void *);
 struct pfr_anchors *
-	 pfctl_get_anchors(int, char *, int);
-int	 pfctl_recurse(int, int, char *,
+	 pfctl_get_anchors(int, const char *, int);
+int	 pfctl_recurse(int, int, const char *,
 	    int(*)(int, int, struct pfr_anchoritem *));
 int	 pfctl_call_clearrules(int, int, struct pfr_anchoritem *);
 int	 pfctl_call_cleartables(int, int, struct pfr_anchoritem *);
@@ -2988,20 +2988,23 @@ pfctl_show_anchors(int dev, int opts, char *anchor)
 }
 
 struct pfr_anchors *
-pfctl_get_anchors(int dev, char *anchor, int opts)
+pfctl_get_anchors(int dev, const char *anchor, int opts)
 {
 	struct pfioc_ruleset pr;
 	static struct pfr_anchors anchors;
+	char anchorbuf[PATH_MAX];
 	char *n;
 
 	SLIST_INIT(&anchors);
 
 	memset(&pr, 0, sizeof(pr));
 	if (*anchor != '\0') {
-		n = dirname(anchor);
+		strlcpy(anchorbuf, anchor, sizeof(anchorbuf));
+		n = dirname(anchorbuf);
 		if (n[0] != '.' && n[1] != '\0')
 			strlcpy(pr.path, n, sizeof(pr.path));
-		n = basename(anchor);
+		strlcpy(anchorbuf, anchor, sizeof(anchorbuf));
+		n = basename(anchorbuf);
 		if (n != NULL)
 			strlcpy(pr.name, n, sizeof(pr.name));
 	}
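Review bot: Both new `strlcpy(anchorbuf, anchor, sizeof(anchorbuf))` calls in pfctl_get_anchors() ignore the return value, so an anchor path of PATH_MAX bytes or more is silently truncated and `dirname()`/`basename()` then resolve a different anchor than the one the caller named. For a tool that lists or clears rules per anchor, that should be a hard error rather than a best-effort lookup. Guard the first copy with `if (strlcpy(anchorbuf, anchor, sizeof(anchorbuf)) >= sizeof(anchorbuf))` and fail there; the second copy of the same string then cannot truncate. Separately, the unchanged guard `n[0] != '.' && n[1] != '\0'` appears to skip any one-character parent such as `a` in `a/b`, leaving `pr.path` empty. If the intent is only to skip `.`, `n[0] != '.' || n[1] != '\0'` expresses that, but confirm against the rest of the function, which continues past this hunk.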
@@ -3051,7 +3054,7 @@ pfctl_call_clearanchors(int dev, int opts, struct pfr_anchoritem *pfra)
 }
 
 int
-pfctl_recurse(int dev, int opts, char *anchorname,
+pfctl_recurse(int dev, int opts, const char *anchorname,
     int(*walkf)(int, int, struct pfr_anchoritem *))
 {
 	int			 rv = 0;