Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Jan 2025 06:11:20 GMT
From:      "Jason A. Harmening" <jah@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 6584e5a1c54f - stable/14 - mount(8): Avoid truncation when fstab-formatting unionfs mount info
Message-ID:  <202501090611.5096BKE3066613@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by jah:

URL: https://cgit.FreeBSD.org/src/commit/?id=6584e5a1c54ff24ed7c9eb80a884b4e7f54e7288

commit 6584e5a1c54ff24ed7c9eb80a884b4e7f54e7288
Author:     Jason A. Harmening <jah@FreeBSD.org>
AuthorDate: 2024-12-22 06:36:30 +0000
Commit:     Jason A. Harmening <jah@FreeBSD.org>
CommitDate: 2025-01-09 06:10:00 +0000

    mount(8): Avoid truncation when fstab-formatting unionfs mount info
    
    When displaying unionfs mounts in fstab format (`mount -p`), mount(8)
    currently uses strlcpy to remove the disposition prefix from the mount
    name returned by getmntinfo(3).  But strlcpy, like strcpy before it,
    does not guarantee correct behavior if the source and destination
    buffers overlap.
    
    Just offset the buffer and avoid the destructive copy in the first
    place.
    
    PR:             283420
    Reviewed by:    imp (previous version), olce
    Differential Revision: https://reviews.freebsd.org/D48177
    
    (cherry picked from commit a314c60625af1829b7e12c3a4cedb74d7f69d074)
---
 sbin/mount/mount.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/sbin/mount/mount.c b/sbin/mount/mount.c
index 2fcc94e40818..bb84d9696d12 100644
--- a/sbin/mount/mount.c
+++ b/sbin/mount/mount.c
@@ -901,9 +901,11 @@ void
 putfsent(struct statfs *ent)
 {
 	struct fstab *fst;
+	const char *mntfromname;
 	char *opts, *rw;
 	int l;
 
+	mntfromname = ent->f_mntfromname;
 	opts = NULL;
 	/* flags2opts() doesn't return the "rw" option. */
 	if ((ent->f_flags & MNT_RDONLY) != 0)
@@ -914,16 +916,14 @@ putfsent(struct statfs *ent)
 	opts = flags2opts(ent->f_flags);
 	opts = catopt(rw, opts);
 
-	if (strncmp(ent->f_mntfromname, "<below>", 7) == 0 ||
-	    strncmp(ent->f_mntfromname, "<above>", 7) == 0) {
-		strlcpy(ent->f_mntfromname,
-		    (strnstr(ent->f_mntfromname, ":", 8) +1),
-		    sizeof(ent->f_mntfromname));
+	if (strncmp(mntfromname, "<below>:", 8) == 0 ||
+	    strncmp(mntfromname, "<above>:", 8) == 0) {
+		mntfromname += 8;
 	}
 
-	l = strlen(ent->f_mntfromname);
+	l = strlen(mntfromname);
 	xo_emit("{:device}{P:/%s}{P:/%s}{P:/%s}",
-	    ent->f_mntfromname,
+	    mntfromname,
 	    l < 8 ? "\t" : "",
 	    l < 16 ? "\t" : "",
 	    l < 24 ? "\t" : " ");
@@ -939,7 +939,7 @@ putfsent(struct statfs *ent)
 	    l < 8 ? "\t" : " ");
 	free(opts);
 
-	if ((fst = getfsspec(ent->f_mntfromname)))
+	if ((fst = getfsspec(mntfromname)))
 		xo_emit("{P:\t}{n:dump/%u}{P: }{n:pass/%u}\n",
 		    fst->fs_freq, fst->fs_passno);
 	else if ((fst = getfsfile(ent->f_mntonname)))



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202501090611.5096BKE3066613>