diff options
| author | Jakob Unterwurzacher | 2021-06-02 14:21:30 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2021-06-02 14:29:48 +0200 |
| commit | 04858ddd222bbf7156f33f99cfb293a9b1e15ec8 (patch) | |
| tree | 732cbf83c9d842a911d515abbad7c153c4159354 /internal/fusefrontend | |
| parent | 242cdf966f262b2e20785eb0ff49ac55a8bd4636 (diff) | |
nametransform: check name validity on encryption
xfstests generic/523 discovered that we allowed to set
xattrs with "/" in the name, but did not allow to read
them later.
With this change we do not allow to set them in the first
place.
Diffstat (limited to 'internal/fusefrontend')
| -rw-r--r-- | internal/fusefrontend/node_xattr.go | 16 | ||||
| -rw-r--r-- | internal/fusefrontend/root_node.go | 9 | ||||
| -rw-r--r-- | internal/fusefrontend/xattr_unit_test.go | 5 |
3 files changed, 22 insertions, 8 deletions
diff --git a/internal/fusefrontend/node_xattr.go b/internal/fusefrontend/node_xattr.go index 3855b55..925dcbf 100644 --- a/internal/fusefrontend/node_xattr.go +++ b/internal/fusefrontend/node_xattr.go @@ -56,12 +56,14 @@ func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32, } } else { // encrypted user xattr - cAttr := rn.encryptXattrName(attr) + cAttr, err := rn.encryptXattrName(attr) + if err != nil { + return minus1, syscall.EIO + } cData, errno := n.getXAttr(cAttr) if errno != 0 { return 0, errno } - var err error data, err = rn.decryptXattrValue(cData) if err != nil { tlog.Warn.Printf("GetXAttr: %v", err) @@ -91,7 +93,10 @@ func (n *Node) Setxattr(ctx context.Context, attr string, data []byte, flags uin return n.setXAttr(attr, data, flags) } - cAttr := rn.encryptXattrName(attr) + cAttr, err := rn.encryptXattrName(attr) + if err != nil { + return syscall.EINVAL + } cData := rn.encryptXattrValue(data) return n.setXAttr(cAttr, cData, flags) } @@ -107,7 +112,10 @@ func (n *Node) Removexattr(ctx context.Context, attr string) syscall.Errno { return n.removeXAttr(attr) } - cAttr := rn.encryptXattrName(attr) + cAttr, err := rn.encryptXattrName(attr) + if err != nil { + return syscall.EINVAL + } return n.removeXAttr(cAttr) } diff --git a/internal/fusefrontend/root_node.go b/internal/fusefrontend/root_node.go index e998e9d..a830cc4 100644 --- a/internal/fusefrontend/root_node.go +++ b/internal/fusefrontend/root_node.go @@ -311,10 +311,13 @@ func (rn *RootNode) decryptXattrValue(cData []byte) (data []byte, err error) { } // encryptXattrName transforms "user.foo" to "user.gocryptfs.a5sAd4XAa47f5as6dAf" -func (rn *RootNode) encryptXattrName(attr string) (cAttr string) { +func (rn *RootNode) encryptXattrName(attr string) (string, error) { // xattr names are encrypted like file names, but with a fixed IV. - cAttr = xattrStorePrefix + rn.nameTransform.EncryptName(attr, xattrNameIV) - return cAttr + cAttr, err := rn.nameTransform.EncryptName(attr, xattrNameIV) + if err != nil { + return "", err + } + return xattrStorePrefix + cAttr, nil } func (rn *RootNode) decryptXattrName(cAttr string) (attr string, err error) { diff --git a/internal/fusefrontend/xattr_unit_test.go b/internal/fusefrontend/xattr_unit_test.go index f6c0469..a0cf4c8 100644 --- a/internal/fusefrontend/xattr_unit_test.go +++ b/internal/fusefrontend/xattr_unit_test.go @@ -33,7 +33,10 @@ func newTestFS(args Args) *RootNode { func TestEncryptDecryptXattrName(t *testing.T) { fs := newTestFS(Args{}) attr1 := "user.foo123456789" - cAttr := fs.encryptXattrName(attr1) + cAttr, err := fs.encryptXattrName(attr1) + if err != nil { + t.Fatal(err) + } t.Logf("cAttr=%v", cAttr) attr2, err := fs.decryptXattrName(cAttr) if attr1 != attr2 || err != nil { |