vlserver: Disable regex volume name processing in ListAttributesN2

For the interim and until it is needed, this is most prudently simply disabled. FIXES 131890 (cherry picked from commit 22481ab370) Change-Id: I612ea4a1c85fdb895acc6a71801e659869e849c2
2025-01-18 15:00:12 +00:00 · 2015-07-08 14:37:16 -04:00 · 2015-07-08 14:37:16 -04:00 · 63087b338e
commit 63087b338e
parent 5ec99156b0
1 changed files with 8 additions and 66 deletions
--- a/src/vlserver/vlprocs.c
+++ b/src/vlserver/vlprocs.c
@ -1446,11 +1446,10 @@ SVL_ListAttributesN2(struct rx_call *rxcall,
    afs_int32 blockindex = 0, count = 0, k, match;
    afs_int32 matchindex = 0;
    int serverindex = -1;	/* no server found */
-    int findserver = 0, findpartition = 0, findflag = 0, findname = 0;
+    int findserver = 0, findpartition = 0, findflag = 0;
    int pollcount = 0;
    int namematchRWBK, namematchRO, thismatch;
    int matchtype = 0;
-    char volumename[VL_MAXNAMELEN+2]; /* regex anchors */
    char rxstr[AFS_RXINFO_LEN];
 #ifdef HAVE_POSIX_REGEX
    regex_t re;
@ -1500,8 +1499,7 @@ SVL_ListAttributesN2(struct rx_call *rxcall,
    }

    /* Search each entry in the database and return all entries
-     * that match the request. It checks volumename (with
-     * wildcarding), entry flags, server, and partition.
+     * that match the request. It checks entry flags, server, and partition.
     */
    else {
 	/* Get the server index for matching server address */
@ -1515,21 +1513,9 @@ SVL_ListAttributesN2(struct rx_call *rxcall,
 	findpartition = ((attributes->Mask & VLLIST_PARTITION) ? 1 : 0);
 	findflag = ((attributes->Mask & VLLIST_FLAG) ? 1 : 0);
 	if (name && (strcmp(name, ".*") != 0) && (strcmp(name, "") != 0)) {
-	    sprintf(volumename, "^%s$", name);
-#ifdef HAVE_POSIX_REGEX
-	    if (regcomp(&re, volumename, REG_NOSUB) != 0) {
-		errorcode = VL_BADNAME;
-		goto done;
-	    }
-	    need_regfree = 1;
-#else
-	    t = (char *)re_comp(volumename);
-	    if (t) {
-		errorcode = VL_BADNAME;
-		goto done;
-	    }
-#endif
-	    findname = 1;
+	    /* regex-matching code has been disabled for security reasons. */
+	    errorcode = VL_BADNAME;
+	    goto done;
 	}

 	/* Read each entry and see if it is the one we want */
@ -1559,38 +1545,12 @@ SVL_ListAttributesN2(struct rx_call *rxcall,
 		if (tentry.serverFlags[k] & VLSF_RWVOL) {
 		    /* Does the name match the RW name */
 		    if (tentry.flags & VLF_RWEXISTS) {
-			if (findname) {
-			    sprintf(volumename, "%s", tentry.name);
-#ifdef HAVE_POSIX_REGEX
-			    if (regexec(&re, volumename, 0, NULL, 0) == 0) {
-				thismatch = VLSF_RWVOL;
-			    }
-#else
-			    if (re_exec(volumename)) {
-				thismatch = VLSF_RWVOL;
-			    }
-#endif
-			} else {
-			    thismatch = VLSF_RWVOL;
-			}
+			thismatch = VLSF_RWVOL;
 		    }

 		    /* Does the name match the BK name */
 		    if (!thismatch && (tentry.flags & VLF_BACKEXISTS)) {
-			if (findname) {
-			    sprintf(volumename, "%s.backup", tentry.name);
-#ifdef HAVE_POSIX_REGEX
-			    if (regexec(&re, volumename, 0, NULL, 0) == 0) {
-				thismatch = VLSF_BACKVOL;
-			    }
-#else
-			    if (re_exec(volumename)) {
-				thismatch = VLSF_BACKVOL;
-			    }
-#endif
-			} else {
-			    thismatch = VLSF_BACKVOL;
-			}
+			thismatch = VLSF_BACKVOL;
 		    }

 		    namematchRWBK = (thismatch ? 1 : 2);
@ -1602,25 +1562,7 @@ SVL_ListAttributesN2(struct rx_call *rxcall,
 		 */
 		else {
 		    if (tentry.flags & VLF_ROEXISTS) {
-			if (findname) {
-			    if (namematchRO) {
-				thismatch =
-				    ((namematchRO == 1) ? VLSF_ROVOL : 0);
-			    } else {
-				sprintf(volumename, "%s.readonly",
-					tentry.name);
-#ifdef HAVE_POSIX_REGEX
-			    if (regexec(&re, volumename, 0, NULL, 0) == 0) {
-				thismatch = VLSF_ROVOL;
-			    }
-#else
-				if (re_exec(volumename))
-				    thismatch = VLSF_ROVOL;
-#endif
-			    }
-			} else {
-			    thismatch = VLSF_ROVOL;
-			}
+			thismatch = VLSF_ROVOL;
 		    }
 		    namematchRO = (thismatch ? 1 : 2);
 		}