summaryrefslogtreecommitdiff
path: root/internal/fusefrontend
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-06-02 14:21:30 +0200
committerJakob Unterwurzacher2021-06-02 14:29:48 +0200
commit04858ddd222bbf7156f33f99cfb293a9b1e15ec8 (patch)
tree732cbf83c9d842a911d515abbad7c153c4159354 /internal/fusefrontend
parent242cdf966f262b2e20785eb0ff49ac55a8bd4636 (diff)
nametransform: check name validity on encryption
xfstests generic/523 discovered that we allowed to set xattrs with "/" in the name, but did not allow to read them later. With this change we do not allow to set them in the first place.
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r--internal/fusefrontend/node_xattr.go16
-rw-r--r--internal/fusefrontend/root_node.go9
-rw-r--r--internal/fusefrontend/xattr_unit_test.go5
3 files changed, 22 insertions, 8 deletions
diff --git a/internal/fusefrontend/node_xattr.go b/internal/fusefrontend/node_xattr.go
index 3855b55..925dcbf 100644
--- a/internal/fusefrontend/node_xattr.go
+++ b/internal/fusefrontend/node_xattr.go
@@ -56,12 +56,14 @@ func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32,
}
} else {
// encrypted user xattr
- cAttr := rn.encryptXattrName(attr)
+ cAttr, err := rn.encryptXattrName(attr)
+ if err != nil {
+ return minus1, syscall.EIO
+ }
cData, errno := n.getXAttr(cAttr)
if errno != 0 {
return 0, errno
}
- var err error
data, err = rn.decryptXattrValue(cData)
if err != nil {
tlog.Warn.Printf("GetXAttr: %v", err)
@@ -91,7 +93,10 @@ func (n *Node) Setxattr(ctx context.Context, attr string, data []byte, flags uin
return n.setXAttr(attr, data, flags)
}
- cAttr := rn.encryptXattrName(attr)
+ cAttr, err := rn.encryptXattrName(attr)
+ if err != nil {
+ return syscall.EINVAL
+ }
cData := rn.encryptXattrValue(data)
return n.setXAttr(cAttr, cData, flags)
}
@@ -107,7 +112,10 @@ func (n *Node) Removexattr(ctx context.Context, attr string) syscall.Errno {
return n.removeXAttr(attr)
}
- cAttr := rn.encryptXattrName(attr)
+ cAttr, err := rn.encryptXattrName(attr)
+ if err != nil {
+ return syscall.EINVAL
+ }
return n.removeXAttr(cAttr)
}
diff --git a/internal/fusefrontend/root_node.go b/internal/fusefrontend/root_node.go
index e998e9d..a830cc4 100644
--- a/internal/fusefrontend/root_node.go
+++ b/internal/fusefrontend/root_node.go
@@ -311,10 +311,13 @@ func (rn *RootNode) decryptXattrValue(cData []byte) (data []byte, err error) {
}
// encryptXattrName transforms "user.foo" to "user.gocryptfs.a5sAd4XAa47f5as6dAf"
-func (rn *RootNode) encryptXattrName(attr string) (cAttr string) {
+func (rn *RootNode) encryptXattrName(attr string) (string, error) {
// xattr names are encrypted like file names, but with a fixed IV.
- cAttr = xattrStorePrefix + rn.nameTransform.EncryptName(attr, xattrNameIV)
- return cAttr
+ cAttr, err := rn.nameTransform.EncryptName(attr, xattrNameIV)
+ if err != nil {
+ return "", err
+ }
+ return xattrStorePrefix + cAttr, nil
}
func (rn *RootNode) decryptXattrName(cAttr string) (attr string, err error) {
diff --git a/internal/fusefrontend/xattr_unit_test.go b/internal/fusefrontend/xattr_unit_test.go
index f6c0469..a0cf4c8 100644
--- a/internal/fusefrontend/xattr_unit_test.go
+++ b/internal/fusefrontend/xattr_unit_test.go
@@ -33,7 +33,10 @@ func newTestFS(args Args) *RootNode {
func TestEncryptDecryptXattrName(t *testing.T) {
fs := newTestFS(Args{})
attr1 := "user.foo123456789"
- cAttr := fs.encryptXattrName(attr1)
+ cAttr, err := fs.encryptXattrName(attr1)
+ if err != nil {
+ t.Fatal(err)
+ }
t.Logf("cAttr=%v", cAttr)
attr2, err := fs.decryptXattrName(cAttr)
if attr1 != attr2 || err != nil {