summaryrefslogtreecommitdiff
path: root/internal/fusefrontend_reverse
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-06-02 14:21:30 +0200
committerJakob Unterwurzacher2021-06-02 14:29:48 +0200
commit04858ddd222bbf7156f33f99cfb293a9b1e15ec8 (patch)
tree732cbf83c9d842a911d515abbad7c153c4159354 /internal/fusefrontend_reverse
parent242cdf966f262b2e20785eb0ff49ac55a8bd4636 (diff)
nametransform: check name validity on encryption
xfstests generic/523 discovered that we allowed to set xattrs with "/" in the name, but did not allow to read them later. With this change we do not allow to set them in the first place.
Diffstat (limited to 'internal/fusefrontend_reverse')
-rw-r--r--internal/fusefrontend_reverse/ctlsock_interface.go5
-rw-r--r--internal/fusefrontend_reverse/node_dir_ops.go6
-rw-r--r--internal/fusefrontend_reverse/root_node.go7
3 files changed, 14 insertions, 4 deletions
diff --git a/internal/fusefrontend_reverse/ctlsock_interface.go b/internal/fusefrontend_reverse/ctlsock_interface.go
index 6bf2e6a..2157044 100644
--- a/internal/fusefrontend_reverse/ctlsock_interface.go
+++ b/internal/fusefrontend_reverse/ctlsock_interface.go
@@ -23,7 +23,10 @@ func (rn *RootNode) EncryptPath(plainPath string) (string, error) {
parts := strings.Split(plainPath, "/")
for _, part := range parts {
dirIV := pathiv.Derive(cipherPath, pathiv.PurposeDirIV)
- encryptedPart := rn.nameTransform.EncryptName(part, dirIV)
+ encryptedPart, err := rn.nameTransform.EncryptName(part, dirIV)
+ if err != nil {
+ return "", err
+ }
if rn.args.LongNames && len(encryptedPart) > unix.NAME_MAX {
encryptedPart = rn.nameTransform.HashLongName(encryptedPart)
}
diff --git a/internal/fusefrontend_reverse/node_dir_ops.go b/internal/fusefrontend_reverse/node_dir_ops.go
index 22f8122..c287284 100644
--- a/internal/fusefrontend_reverse/node_dir_ops.go
+++ b/internal/fusefrontend_reverse/node_dir_ops.go
@@ -64,7 +64,11 @@ func (n *Node) Readdir(ctx context.Context) (stream fs.DirStream, errno syscall.
!rn.args.ConfigCustom {
cName = configfile.ConfDefaultName
} else {
- cName = rn.nameTransform.EncryptName(entries[i].Name, dirIV)
+ cName, err = rn.nameTransform.EncryptName(entries[i].Name, dirIV)
+ if err != nil {
+ entries[i].Name = "___GOCRYPTFS_INVALID_NAME___"
+ continue
+ }
if len(cName) > unix.NAME_MAX {
cName = rn.nameTransform.HashLongName(cName)
dotNameFile := fuse.DirEntry{
diff --git a/internal/fusefrontend_reverse/root_node.go b/internal/fusefrontend_reverse/root_node.go
index b7a259a..10b0d69 100644
--- a/internal/fusefrontend_reverse/root_node.go
+++ b/internal/fusefrontend_reverse/root_node.go
@@ -71,9 +71,12 @@ func (rn *RootNode) findLongnameParent(fd int, diriv []byte, longname string) (p
if len(entry.Name) <= shortNameMax {
continue
}
- cFullName = rn.nameTransform.EncryptName(entry.Name, diriv)
+ cFullName, err = rn.nameTransform.EncryptName(entry.Name, diriv)
+ if err != nil {
+ continue
+ }
if len(cFullName) <= unix.NAME_MAX {
- // Entry should have been skipped by the "continue" above
+ // Entry should have been skipped by the shortNameMax check above
log.Panic("logic error or wrong shortNameMax constant?")
}
hName := rn.nameTransform.HashLongName(cFullName)