diff options
author | Jakob Unterwurzacher | 2017-05-25 14:21:55 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2017-05-25 14:21:55 +0200 |
commit | 9a3f9350fe29083de04bbbe71e20ea169b2e691e (patch) | |
tree | 3e84be3140e76f0aaba6994deb25f1b68edca1ee | |
parent | 2ce269ec63e0a9c87b2fce45a5bf0cf09abf5bba (diff) |
nametransform: reject all-zero dirIV
This should never happen in normal operation and is a sign of
data corruption. Catch it early.
-rw-r--r-- | internal/nametransform/diriv.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go index e74592a..902999b 100644 --- a/internal/nametransform/diriv.go +++ b/internal/nametransform/diriv.go @@ -1,6 +1,7 @@ package nametransform import ( + "bytes" "io" "os" "path/filepath" @@ -46,6 +47,9 @@ func ReadDirIVAt(dirfd *os.File) (iv []byte, err error) { return fdReadDirIV(fd) } +// allZeroDirIV is preallocated to quickly check if the data read from disk is all zero +var allZeroDirIV = make([]byte, DirIVLen) + // fdReadDirIV reads and verifies the DirIV from an opened gocryptfs.diriv file. func fdReadDirIV(fd *os.File) (iv []byte, err error) { // We want to detect if the file is bigger than DirIVLen, so @@ -61,6 +65,10 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) { tlog.Warn.Printf("ReadDirIVAt: wanted %d bytes, got %d. Returning EINVAL.", DirIVLen, len(iv)) return nil, syscall.EINVAL } + if bytes.Equal(iv, allZeroDirIV) { + tlog.Warn.Printf("ReadDirIVAt: diriv is all-zero. Returning EINVAL.") + return nil, syscall.EINVAL + } return iv, nil } |