From 2b366655dffc140e4404f931c52ab6490542647e Mon Sep 17 00:00:00 2001
From: claudio <claudio@openbsd.org>
Date: Fri, 4 Aug 2023 09:20:12 +0000
Subject: [PATCH] Instead of forcing a NUL into struct ctl_neighbor descr
 adjust the peer matching code to only match at maximum sizeof(n->descr) bytes
 using strncmp(). OK tb@

---
 usr.sbin/bgpd/control.c | 5 +----
 usr.sbin/bgpd/rde.c     | 5 +++--
 usr.sbin/bgpd/session.c | 5 +++--
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/usr.sbin/bgpd/control.c b/usr.sbin/bgpd/control.c
index 585d5f4fb12..16195d1e8ca 100644
--- a/usr.sbin/bgpd/control.c
+++ b/usr.sbin/bgpd/control.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.c,v 1.111 2023/07/20 11:10:03 claudio Exp $ */
+/*	$OpenBSD: control.c,v 1.112 2023/08/04 09:20:12 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -314,7 +314,6 @@ control_dispatch_msg(struct pollfd *pfd, struct peer_head *peers)
 			if (imsg.hdr.len == IMSG_HEADER_SIZE +
 			    sizeof(struct ctl_neighbor)) {
 				neighbor = imsg.data;
-				neighbor->descr[PEER_DESCR_LEN - 1] = 0;
 			} else {
 				neighbor = NULL;
 			}
@@ -370,7 +369,6 @@ control_dispatch_msg(struct pollfd *pfd, struct peer_head *peers)
 			}
 
 			neighbor = imsg.data;
-			neighbor->descr[PEER_DESCR_LEN - 1] = 0;
 
 			matched = 0;
 			RB_FOREACH(p, peer_head, peers) {
@@ -474,7 +472,6 @@ control_dispatch_msg(struct pollfd *pfd, struct peer_head *peers)
 
 			ribreq = imsg.data;
 			neighbor = &ribreq->neighbor;
-			neighbor->descr[PEER_DESCR_LEN - 1] = 0;
 
 			/* check if at least one neighbor exists */
 			RB_FOREACH(p, peer_head, peers)
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c
index 0a9fd116915..b575e9398e4 100644
--- a/usr.sbin/bgpd/rde.c
+++ b/usr.sbin/bgpd/rde.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.c,v 1.608 2023/07/12 14:45:42 claudio Exp $ */
+/*	$OpenBSD: rde.c,v 1.609 2023/08/04 09:20:12 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -2947,7 +2947,8 @@ rde_match_peer(struct rde_peer *p, struct ctl_neighbor *n)
 			return 0;
 	} else if (n && n->descr[0]) {
 		s = n->is_group ? p->conf.group : p->conf.descr;
-		if (strcmp(s, n->descr))
+		/* cannot trust n->descr to be properly terminated */
+		if (strncmp(s, n->descr, sizeof(n->descr)))
 			return 0;
 	}
 	return 1;
diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c
index 3b5fa3b52b5..86dadcfee70 100644
--- a/usr.sbin/bgpd/session.c
+++ b/usr.sbin/bgpd/session.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: session.c,v 1.446 2023/07/12 14:45:43 claudio Exp $ */
+/*	$OpenBSD: session.c,v 1.447 2023/08/04 09:20:12 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org>
@@ -3461,7 +3461,8 @@ peer_matched(struct peer *p, struct ctl_neighbor *n)
 			return 0;
 	} else if (n && n->descr[0]) {
 		s = n->is_group ? p->conf.group : p->conf.descr;
-		if (strcmp(s, n->descr))
+		/* cannot trust n->descr to be properly terminated */
+		if (strncmp(s, n->descr, sizeof(n->descr)))
 			return 0;
 	}
 	return 1;
-- 
2.20.1