From 2f0322a764423306c80bc9a18b90deac5f2da345 Mon Sep 17 00:00:00 2001
From: Herman Semenoff <GermanAizek@yandex.ru>
Date: Mon, 9 Feb 2026 01:46:28 +0300
Subject: [PATCH] utsnames: replace strcpy to strncpy for premature attention
 and safety

This change will help developers pay attention in the future if this buffer current task utsname and code associated with it are changed
---
 utsnames.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/utsnames.c b/utsnames.c
index 57c3fd4..a1483dc 100644
--- a/utsnames.c
+++ b/utsnames.c
@@ -166,7 +166,9 @@ getutsname(struct tstat *curtask)
 	if ( (offset = strlen(tmphost) - UTSLEN) < 0)
 		offset = 0;
 
-	strcpy(curtask->gen.utsname, tmphost+offset);	// copy last part when overflow
+	// copy last part when overflow
+	strncpy(curtask->gen.utsname, tmphost+offset, sizeof(curtask->gen.utsname) - 1);
+	curtask->gen.utsname[sizeof(curtask->gen.utsname) - 1] = '\0';
 
 	if (! droprootprivs())
 		mcleanstop(42, "failed to drop root privs\n");