From 6718ba1851e659bb972e59eeb7f13c04322c60b2 Mon Sep 17 00:00:00 2001
From: Ed Schouten
Date: Thu, 28 Jul 2016 15:17:12 +0000
Subject: [PATCH] Don't call basename() and dirname() in an unportable way.

POSIX allows these functions to modify their input buffer, so that they have storage for the return value. Pull copies of the filename before calling these utility functions.
---
 usr.bin/sed/main.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/usr.bin/sed/main.c b/usr.bin/sed/main.c
index abffe3c6b379..97efab316b4f 100644
--- a/usr.bin/sed/main.c
+++ b/usr.bin/sed/main.c
@@ -301,6 +301,7 @@ mf_fgets(SPACE *sp, enum e_spflag spflag)
 {
 struct stat sb;
 ssize_t len;
+ char *dirbuf, *basebuf;
 static char *p = NULL;
 static size_t plen = 0;
 int c;
@@ -389,9 +390,14 @@ mf_fgets(SPACE *sp, enum e_spflag spflag)
 if ((size_t)len > sizeof(oldfname))
 errx(1, "%s: name too long", fname);
 }
+ if ((dirbuf = strdup(fname)) == NULL ||
+ (basebuf = strdup(fname)) == NULL)
+ err(1, "strdup");
 len = snprintf(tmpfname, sizeof(tmpfname),
- "%s/.!%ld!%s", dirname(fname), (long)getpid(),
- basename(fname));
+ "%s/.!%ld!%s", dirname(dirbuf), (long)getpid(),
+ basename(basebuf));
+ free(dirbuf);
+ free(basebuf);
 if ((size_t)len >= sizeof(tmpfname))
 errx(1, "%s: name too long", fname);
 unlink(tmpfname);
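Review bot: The temporary name built in the second hunk is predictable (the target's directory, then `.!<pid>!` and the base name), and the `unlink(tmpfname)` that follows ignores its result, so whether a pre-existing entry at that path is a problem depends on how the file is opened afterwards, which is outside this hunk. If that open is not exclusive, it would be safer to create the file with `open(tmpfname, O_WRONLY | O_CREAT | O_EXCL, ...)` followed by `fdopen()`, so that an entry planted in a directory writable by other users is rejected rather than followed. On the new lines themselves, a short comment would explain the two copies, e.g. `/* dirname() and basename() may modify their argument; use copies so fname stays intact for the messages below */`. The body of mf_fgets starts and ends outside the hunk.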