From da6a6342a933bed209355ae7f522e550809dd5f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?fengbojiang=28=E5=A7=9C=E5=87=A4=E6=B3=A2=29?=
 <fengbojiang@tencent.com>
Date: Fri, 22 Nov 2019 14:39:26 +0800
Subject: [PATCH] The disclosure in the TCP network stack was introduced in
 11.0.

Corresponding upstream changeset from
https://www.freebsd.org/security/advisories/FreeBSD-EN-18:05.mem.asc.
---
 freebsd/netinet/tcp_usrreq.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/freebsd/netinet/tcp_usrreq.c b/freebsd/netinet/tcp_usrreq.c
index 85f1d56a5..f4e3f305d 100644
--- a/freebsd/netinet/tcp_usrreq.c
+++ b/freebsd/netinet/tcp_usrreq.c
@@ -1566,7 +1566,9 @@ tcp_ctloutput(struct socket *so, struct sockopt *sopt)
 		return (error);
 	} else if ((sopt->sopt_dir == SOPT_GET) && 
 	    (sopt->sopt_name == TCP_FUNCTION_BLK)) {
-		strcpy(fsn.function_set_name, tp->t_fb->tfb_tcp_block_name);
+		strncpy(fsn.function_set_name, tp->t_fb->tfb_tcp_block_name,
+		    TCP_FUNCTION_NAME_LEN_MAX);
+		fsn.function_set_name[TCP_FUNCTION_NAME_LEN_MAX - 1] = '\0';
 		fsn.pcbcnt = tp->t_fb->tfb_refcnt;
 		INP_WUNLOCK(inp);
 		error = sooptcopyout(sopt, &fsn, sizeof fsn);