commit d6b622833d0a5d679a8ed3f37b7e661d51a19188
Author: Stephan Wiesand
Date:   Tue Aug 4 14:13:38 2015 +0200

    Make OpenAFS 1.6.14

    Update version strings for release 1.6.14.

    Change-Id: I123d9f764a4b8496e0a85032ec8848e9a46a0428
    Reviewed-on: http://gerrit.openafs.org/11974
    Reviewed-by: Stephan Wiesand
    Tested-by: Stephan Wiesand

commit e47846dccbca3ef4118d8434786fafe7c99b5ae4
Author: Stephan Wiesand
Date:   Thu Aug 13 12:44:44 2015 +0200

    Update NEWS for 1.6.14

    Release notes for OpenAFS 1.6.14

    Change-Id: I9caed2c8e8737deccbe72eae1d35e810c48a685a
    Reviewed-on: http://gerrit.openafs.org/11980
    Tested-by: BuildBot
    Reviewed-by: Stephan Wiesand

commit 60be338c2de58f2a33c64bdb41c006574ba7fd0e
Author: Jeffrey Altman
Date:   Sat Aug 1 09:32:35 2015 -0400

    vlserver: ListAttributesN2 volume name safety

    The vlserver ListAttributesN2 RPC permits filtering the result
    set by volume name in addition to site or volume id.

    Two issues identified by Andrew Deason (Sine Nomine Associates) are
    addressed by this patch.

    First, the size of the volumename[] buffer is insufficient to store
    the valid input read over the network. The buffer needs to be able
    to store VL_MAXNAMELEN characters of the volume name, two characters
    for the regular expression '^' and '$', and the trailing NUL.

    Second, sprintf() is used to write to the buffer and even with valid
    input from the caller SVL_ListAttributesN2 can overflow the buffer
    when ".backup" and ".readonly" are appended to the volume name. If
    there is an overflow the search name is invalid and there can not be
    a valid match.

    This patch increases the size of volumename[] to VL_MAXNAMELEN+3.
    It also uses snprintf() instead of sprintf() and performs error
    checking. The error VL_BADNAME is returned when the network input
    is invalid.

    Reviewed-on: http://gerrit.openafs.org/11969
    Reviewed-by: Mark Vitale
    Reviewed-by: Nathaniel Filardo
    Reviewed-by: Daria Brashear
    Tested-by: BuildBot
    (cherry picked from commit c9f430fd8f479bbfe28829f7032ecd325a4f833d)

    Change-Id: I1b48cc8ed1a52afc36465f2fbd5bfd5345e90c41
    Reviewed-on: http://gerrit.openafs.org/11976
    Tested-by: BuildBot
    Reviewed-by: Mark Vitale
    Reviewed-by: Michael Meffie
    Reviewed-by: Benjamin Kaduk
    Tested-by: Benjamin Kaduk
    Reviewed-by: Stephan Wiesand

commit 0b4cad31128623b1cf381384b8cf50336a86be9c
Author: D Brashear
Date:   Fri Jul 18 16:00:12 2014 -0400

    vlserver: limit use of regex to admins

    always allow regexes only if the querying user is a superuser.
    if the superuser uses up all the resources, well, they could just
    do whatever damage directly anyway. means even in unrestricted
    mode we are not vulnerable

    Reviewed-on: http://gerrit.openafs.org/11968
    Reviewed-by: Daria Brashear
    Reviewed-by: Mark Vitale
    Tested-by: BuildBot
    Reviewed-by: Benjamin Kaduk
    (cherry picked from commit 049323e7e03c64f534a73ff452d218f19d5b8132)

    Change-Id: I1e3f11bd14b071be69eb6e00c26ea2209596c82a
    Reviewed-on: http://gerrit.openafs.org/11975
    Tested-by: BuildBot
    Reviewed-by: Mark Vitale
    Reviewed-by: Michael Meffie
    Reviewed-by: Benjamin Kaduk
    Reviewed-by: Stephan Wiesand

commit 3803e6acbe625c3b298dde7a6f9d0fd560cfe635
Author: Stephan Wiesand
Date:   Tue Aug 4 16:05:06 2015 +0200

    Revert "vlserver: Disable regex volume name processing in ListAttributesN2"

    This reverts commit 63087b338e3d0fbbb26ee183a039052bf07aaaec.

    Change-Id: I4bb759893224b8c53a1deb50f34e8395ed44fb4a
    Reviewed-on: http://gerrit.openafs.org/11971
    Reviewed-by: Daria Brashear
    Tested-by: BuildBot
    Reviewed-by: Mark Vitale
    Reviewed-by: Stephan Wiesand
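
The buffer sizing and snprintf() truncation check described in the "vlserver: ListAttributesN2 volume name safety" commit message above, as an added illustration that is not the OpenAFS source. build_pattern() is a hypothetical helper, and the numeric values given to VL_MAXNAMELEN and VL_BADNAME are assumed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed values for this illustration; the real definitions live in the
 * OpenAFS vlserver headers. */
#define VL_MAXNAMELEN 65
#define VL_BADNAME    363525L

/* Room for the name, the '^' and '$' anchors, and the trailing NUL. */
#define PATTERN_BUFLEN (VL_MAXNAMELEN + 3)

/*
 * Hypothetical helper: build the anchored pattern "^<name><suffix>$" in out.
 * snprintf() returns the length it needed, so a result that does not fit is
 * detected and reported as VL_BADNAME instead of overrunning the buffer.
 */
long build_pattern(char *out, size_t outlen, const char *name, const char *suffix)
{
    int n = snprintf(out, outlen, "^%s%s$", name, suffix);

    if (n < 0 || (size_t)n >= outlen)
        return VL_BADNAME;
    return 0;
}

int main(void)
{
    char volumename[PATTERN_BUFLEN];
    char longest[VL_MAXNAMELEN + 1];    /* constructed maximum-length name */

    memset(longest, 'a', VL_MAXNAMELEN);
    longest[VL_MAXNAMELEN] = '\0';

    /* A maximum-length name plus both anchors exactly fills the buffer. */
    printf("max name, no suffix: %ld\n",
           build_pattern(volumename, sizeof(volumename), longest, ""));
    /* Appending ".backup" to the same name cannot fit: rejected, no overflow. */
    printf("max name + .backup:  %ld\n",
           build_pattern(volumename, sizeof(volumename), longest, ".backup"));
    /* A short constructed name with a suffix fits as usual. */
    printf("short + .readonly:   %ld\n",
           build_pattern(volumename, sizeof(volumename), "root.cell", ".readonly"));
    return 0;
}
```

A rejected pattern costs nothing in functionality: as the commit message notes, a name too long to fit could never match a valid volume anyway.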