From 6e8ef9cbb05228a70c6e6d2f9bb5c2a2dcf2b2e0 Mon Sep 17 00:00:00 2001
From: "Pedro F. Giffuni" <pfg@FreeBSD.org>
Date: Fri, 18 Dec 2015 23:05:36 +0000
Subject: [PATCH] ed(1): Prevent possible string overflows

Use strlcpy instead of strncpy to guarantee NULL termination.

Pointed out by:	imp
CID:		1007252
X-MFC with:	r292454
---
 bin/ed/main.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/ed/main.c b/bin/ed/main.c
index 138c183ef98c..174931494e34 100644
--- a/bin/ed/main.c
+++ b/bin/ed/main.c
@@ -506,7 +506,7 @@ exec_command(void)
 		else if (open_sbuf() < 0)
 			return FATAL;
 		if (*fnp && *fnp != '!')
-			 strncpy(old_filename, fnp, PATH_MAX);
+			 strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";
@@ -534,7 +534,7 @@ exec_command(void)
 		}
 		GET_COMMAND_SUFFIX();
 		if (*fnp)
-			strncpy(old_filename, fnp, PATH_MAX);
+			strlcpy(old_filename, fnp, PATH_MAX);
 		printf("%s\n", strip_escapes(old_filename));
 		break;
 	case 'g':
@@ -665,7 +665,7 @@ exec_command(void)
 		GET_COMMAND_SUFFIX();
 		if (!isglobal) clear_undo_stack();
 		if (*old_filename == '\0' && *fnp != '!')
-			strncpy(old_filename, fnp, PATH_MAX);
+			strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";
@@ -799,7 +799,7 @@ exec_command(void)
 			return ERR;
 		GET_COMMAND_SUFFIX();
 		if (*old_filename == '\0' && *fnp != '!')
-			strncpy(old_filename, fnp, PATH_MAX);
+			strlcpy(old_filename, fnp, PATH_MAX);
 #ifdef BACKWARDS
 		if (*fnp == '\0' && *old_filename == '\0') {
 			errmsg = "no current filename";