git: d217ed397922 - main - pfctl: Accommodate a basename(3) that takes a non-const parameter

Tue, 15 Jul 2025 03:08:11 -0700 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=d217ed397922fb369fa22023d844aa9cda127b0a

commit d217ed397922fb369fa22023d844aa9cda127b0a
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2025-07-07 14:39:08 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2025-07-15 07:55:28 +0000

    pfctl: Accommodate a basename(3) that takes a non-const parameter
    
    It may in fact modify the string buffer.
    
    ok kn@ sashan@
    
    Obtained from:  OpenBSD, naddy <na...@openbsd.org>, 697265c5fb
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 271286deeda7..2015e0a09549 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -131,8 +131,8 @@ int  pfctl_walk_get(int, struct pfioc_ruleset *, void *);
 int     pfctl_walk_anchors(int, int, const char *,
            int(*)(int, struct pfioc_ruleset *, void *), void *);
 struct pfr_anchors *
-        pfctl_get_anchors(int, char *, int);
-int     pfctl_recurse(int, int, char *,
+        pfctl_get_anchors(int, const char *, int);
+int     pfctl_recurse(int, int, const char *,
            int(*)(int, int, struct pfr_anchoritem *));
 int     pfctl_call_clearrules(int, int, struct pfr_anchoritem *);
 int     pfctl_call_cleartables(int, int, struct pfr_anchoritem *);
@@ -2988,20 +2988,23 @@ pfctl_show_anchors(int dev, int opts, char *anchor)
 }
 
 struct pfr_anchors *
-pfctl_get_anchors(int dev, char *anchor, int opts)
+pfctl_get_anchors(int dev, const char *anchor, int opts)
 {
        struct pfioc_ruleset pr;
        static struct pfr_anchors anchors;
+       char anchorbuf[PATH_MAX];
        char *n;
 
        SLIST_INIT(&anchors);
 
        memset(&pr, 0, sizeof(pr));
        if (*anchor != '\0') {
-               n = dirname(anchor);
+               strlcpy(anchorbuf, anchor, sizeof(anchorbuf));
+               n = dirname(anchorbuf);
                if (n[0] != '.' && n[1] != '\0')
                        strlcpy(pr.path, n, sizeof(pr.path));
-               n = basename(anchor);
+               strlcpy(anchorbuf, anchor, sizeof(anchorbuf));
+               n = basename(anchorbuf);
                if (n != NULL)
                        strlcpy(pr.name, n, sizeof(pr.name));
        }
@@ -3051,7 +3054,7 @@ pfctl_call_clearanchors(int dev, int opts, struct 
pfr_anchoritem *pfra)
 }
 
 int
-pfctl_recurse(int dev, int opts, char *anchorname,
+pfctl_recurse(int dev, int opts, const char *anchorname,
     int(*walkf)(int, int, struct pfr_anchoritem *))
 {
        int                      rv = 0;

Reply via email to