From 1eb2ff482aaa2a3b5196350bff680249e6acbf7d Mon Sep 17 00:00:00 2001
From: pfg <pfg@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Date: Sat, 26 Dec 2015 18:37:01 +0000
Subject: [PATCH] MFC	r292454, r292455 ed(1): Prevent possible string
 overflows

Use strlcpy to guarantee NULL termination.

With hint from:	imp, cem, ngie
CID:		1007252


git-svn-id: svn://svn.freebsd.org/base/stable/10@292754 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
---
 bin/ed/main.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/bin/ed/main.c b/bin/ed/main.c
index 98bb300fe..174931494 100644
--- a/bin/ed/main.c
+++ b/bin/ed/main.c
@@ -505,7 +505,8 @@ exec_command(void)
 			return ERR;
 		else if (open_sbuf() < 0)
 			return FATAL;
-		if (*fnp && *fnp != '!') strcpy(old_filename, fnp);
+		if (*fnp && *fnp != '!')
+			 strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";
@@ -532,7 +533,8 @@ exec_command(void)
 			return ERR;
 		}
 		GET_COMMAND_SUFFIX();
-		if (*fnp) strcpy(old_filename, fnp);
+		if (*fnp)
+			strlcpy(old_filename, fnp, PATH_MAX);
 		printf("%s\n", strip_escapes(old_filename));
 		break;
 	case 'g':
@@ -663,7 +665,7 @@ exec_command(void)
 		GET_COMMAND_SUFFIX();
 		if (!isglobal) clear_undo_stack();
 		if (*old_filename == '\0' && *fnp != '!')
-			strcpy(old_filename, fnp);
+			strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";
@@ -797,7 +799,7 @@ exec_command(void)
 			return ERR;
 		GET_COMMAND_SUFFIX();
 		if (*old_filename == '\0' && *fnp != '!')
-			strcpy(old_filename, fnp);
+			strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";
-- 
2.42.0