diff options
| author | Jakob Unterwurzacher | 2017-12-02 21:36:07 +0100 | 
|---|---|---|
| committer | Jakob Unterwurzacher | 2017-12-02 21:36:07 +0100 | 
| commit | 441e796e7034977c15dc9402a880ef4061b471a7 (patch) | |
| tree | 0cb5c83e604cd4a3e45b798b11c950c7e6a57f30 | |
| parent | 316b916358b8830b53fec9e16b325735aa850b14 (diff) | |
fusefrontend_reverse: secure StatFs agains symlink races
...by ignoring the path that was passed in.
https://github.com/rfjakob/gocryptfs/issues/165
| -rw-r--r-- | internal/fusefrontend_reverse/rfs.go | 17 | 
1 files changed, 14 insertions, 3 deletions
| diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go index 09ebe9e..18468ee 100644 --- a/internal/fusefrontend_reverse/rfs.go +++ b/internal/fusefrontend_reverse/rfs.go @@ -297,9 +297,20 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.  	return entries, fuse.OK  } -// StatFs - FUSE call -func (rfs *ReverseFS) StatFs(name string) *fuse.StatfsOut { -	return rfs.loopbackfs.StatFs(name) +// StatFs - FUSE call. Returns information about the filesystem (free space +// etc). +// Securing statfs against symlink races seems to be more trouble than +// it's worth, so we just ignore the path and always return info about the +// backing storage root dir. +func (rfs *ReverseFS) StatFs(path string) *fuse.StatfsOut { +	var s syscall.Statfs_t +	err := syscall.Statfs(rfs.args.Cipherdir, &s) +	if err != nil { +		return nil +	} +	out := &fuse.StatfsOut{} +	out.FromStatfsT(&s) +	return out  }  // Readlink - FUSE call | 
