diff options
| author | Jakob Unterwurzacher | 2016-12-10 12:59:54 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2016-12-10 12:59:54 +0100 |
| commit | 2758c75cae2896b7f1327fe00f60a1c017c0e0d1 (patch) | |
| tree | 79b3639b9341e7c88cff50b0baba003edbeca5ed /internal/ctlsock/sanitize.go | |
| parent | 21904cd5f03f853ea6ceccbb414a5070c1f96324 (diff) | |
ctlsock: sanitize paths before passing them to the backend
You used to be able to crash gocryptfs by passing "/foo"
of "foo/" to the ctlsock.
Fixes https://github.com/rfjakob/gocryptfs/issues/66
Diffstat (limited to 'internal/ctlsock/sanitize.go')
| -rw-r--r-- | internal/ctlsock/sanitize.go | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go new file mode 100644 index 0000000..5bc3706 --- /dev/null +++ b/internal/ctlsock/sanitize.go @@ -0,0 +1,20 @@ +package ctlsock + +import ( + "path/filepath" +) + +// SanitizePath adapts filepath.Clean for FUSE paths. +// 1) It always returns a relative path +// 2) It returns "" instead of "." +// See the TestSanitizePath testcases for examples. +func SanitizePath(path string) string { + clean := filepath.Clean(path) + if clean == "." || clean == "/" { + return "" + } + if clean[0] == '/' { + clean = clean[1:] + } + return clean +} |