util: check for trailing characters in partition names

The function which maps partition names to partition ids currently
ignores trailing characters in the partition names. For example, the
partition name "/vicepbogus" is currently considered a valid partition
name ("/vicepbogus" maps to "bo" which is id 66). Although this is not a
regression, it is problematic for several reasons.

Firstly, this can lead to duplicate partition ids on the server, for
example "/vicepbad" and "/vicepbar" both map to the same partition id
("ba" is id 52).

Second, partitions are internally tracked by numeric id. The partition
names are generated from numeric ids when reporting partition names.
This means the trailing characters are lost when reporting the partition
names. For example, vos reports the attached partition "/vicepbad" as
"/vicepba".

Third, it could be possible (but perhaps unlikely) in the future to
extend the range of partition ids, so the trailing characters could
become significant at that time.

Finally, it could be confusing to admins that such partition names are
attached by the fileserver. For example, "/vicepaa-backup" is attached
and is used by the fileserver as partition id 26.

This change adds a check for trailing characters in partition names in
the volutil_GetPartitionID function, so it is more strict in what it
accepts as a valid partition name.  That function will now return -1
(illegal partition name) when trailing characters are found in
partition names.

Reviewed-on: https://gerrit.openafs.org/13039
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
(cherry picked from commit 850c7c50dccbdebb8e0a44da4fc7840760d9e02d)

Change-Id: I1244630f3b31408f9f723b97956dca6987dd9747
Reviewed-on: https://gerrit.openafs.org/13121
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

diff --git a/src/util/volparse.c b/src/util/volparse.c
index c4cb1f877477a65b0c9e22d30f54ce41b89e44dd..79004fe875415054b4132e97f25694ab3ae3143f 100644 (file)
--- a/src/util/volparse.c
+++ b/src/util/volparse.c
@@ -57,9 +57,11 @@ volutil_GetPartitionID(char *aname)
     if (strlen(aname) <= 2) {
        strcpy(ascii, aname);
     } else if (!strncmp(aname, "/vicep", 6)) {
-       strncpy(ascii, aname + 6, 2);
+       if(strlcpy(ascii, aname + 6, sizeof(ascii)) >= sizeof(ascii))
+           return -1;  /* bad partition name: trailing characters */
     } else if (!strncmp(aname, "vicep", 5)) {
-       strncpy(ascii, aname + 5, 2);
+       if(strlcpy(ascii, aname + 5, sizeof(ascii)) >= sizeof(ascii))
+           return -1;  /* bad partition name: trailing characters */
     } else
        return -1;              /* bad partition name */
     /* now partitions are named /vicepa ... /vicepz, /vicepaa, /vicepab, .../vicepzz,