diff options
author | Jakob Unterwurzacher | 2017-12-05 23:11:46 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2017-12-05 23:14:12 +0100 |
commit | 926cb93b50d6a573dbbef59ff841960b9d824c37 (patch) | |
tree | f704dd2ff709215dc3c1f69c6ed0480cc4510b08 /internal/fusefrontend_reverse/rfs.go | |
parent | e604ce6deaf0ba4407c54293a338673ed06f833a (diff) |
fusefrontend_reverse: secure OpenDir against symlink races
...by using the new OpenNofollow helper.
The benchmark shows a small but acceptable performance loss:
$ ./benchmark-reverse.bash
LS: 2.182
CAT: 18.221
Tracking ticket: https://github.com/rfjakob/gocryptfs/issues/165
Diffstat (limited to 'internal/fusefrontend_reverse/rfs.go')
-rw-r--r-- | internal/fusefrontend_reverse/rfs.go | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go index 18468ee..0329cc9 100644 --- a/internal/fusefrontend_reverse/rfs.go +++ b/internal/fusefrontend_reverse/rfs.go @@ -17,6 +17,7 @@ import ( "github.com/rfjakob/gocryptfs/internal/fusefrontend" "github.com/rfjakob/gocryptfs/internal/nametransform" "github.com/rfjakob/gocryptfs/internal/pathiv" + "github.com/rfjakob/gocryptfs/internal/syscallcompat" "github.com/rfjakob/gocryptfs/internal/tlog" ) @@ -253,9 +254,14 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse. return nil, fuse.ToStatus(err) } // Read plaintext dir - entries, status := rfs.loopbackfs.OpenDir(relPath, context) - if entries == nil { - return nil, status + fd, err := syscallcompat.OpenNofollow(rfs.args.Cipherdir, relPath, syscall.O_RDONLY, 0) + if err != nil { + return nil, fuse.ToStatus(err) + } + defer syscall.Close(fd) + entries, err := syscallcompat.Getdents(fd) + if err != nil { + return nil, fuse.ToStatus(err) } if rfs.args.PlaintextNames { return rfs.openDirPlaintextnames(cipherPath, entries) |