summaryrefslogtreecommitdiff
path: root/internal/nametransform/pad16.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-05-23 20:46:24 +0200
committerJakob Unterwurzacher2017-05-23 21:26:38 +0200
commite827763f2e6226d9f5778d56c28270264950c0f5 (patch)
tree2f5f4adeed482dd473cc4714b97a8903806fdbb3 /internal/nametransform/pad16.go
parent508fd9e1d64131958c86175cb8d848f730e629cf (diff)
nametransform: harden name decryption against invalid input
This fixes a few issues I have found reviewing the code: 1) Limit the amount of data ReadLongName() will read. Previously, you could send gocryptfs into out-of-memory by symlinking gocryptfs.diriv to /dev/zero. 2) Handle the empty input case in unPad16() by returning an error. Previously, it would panic with an out-of-bounds array read. It is unclear to me if this could actually be triggered. 3) Reject empty names after base64-decoding in DecryptName(). An empty name crashes emeCipher.Decrypt(). It is unclear to me if B64.DecodeString() can actually return a non-error empty result, but let's guard against it anyway.
Diffstat (limited to 'internal/nametransform/pad16.go')
-rw-r--r--internal/nametransform/pad16.go17
1 files changed, 10 insertions, 7 deletions
diff --git a/internal/nametransform/pad16.go b/internal/nametransform/pad16.go
index 2b30bcb..833be0e 100644
--- a/internal/nametransform/pad16.go
+++ b/internal/nametransform/pad16.go
@@ -31,6 +31,9 @@ func pad16(orig []byte) (padded []byte) {
// unPad16 - remove padding
func unPad16(padded []byte) ([]byte, error) {
oldLen := len(padded)
+ if oldLen == 0 {
+ return nil, errors.New("Empty input")
+ }
if oldLen%aes.BlockSize != 0 {
return nil, errors.New("Unaligned size")
}
@@ -39,12 +42,16 @@ func unPad16(padded []byte) ([]byte, error) {
// The padding byte's value is the padding length
padLen := int(padByte)
// Padding must be at least 1 byte
- if padLen <= 0 {
+ if padLen == 0 {
return nil, errors.New("Padding cannot be zero-length")
}
- // Larger paddings make no sense
+ // Padding more than 16 bytes make no sense
if padLen > aes.BlockSize {
- return nil, fmt.Errorf("Padding too long, padLen = %d > 16", padLen)
+ return nil, fmt.Errorf("Padding too long, padLen=%d > 16", padLen)
+ }
+ // Padding cannot be as long as (or longer than) the whole string,
+ if padLen >= oldLen {
+ return nil, fmt.Errorf("Padding too long, oldLen=%d >= padLen=%d", oldLen, padLen)
}
// All padding bytes must be identical
for i := oldLen - padLen; i < oldLen; i++ {
@@ -53,9 +60,5 @@ func unPad16(padded []byte) ([]byte, error) {
}
}
newLen := oldLen - padLen
- // Padding an empty string makes no sense
- if newLen == 0 {
- return nil, errors.New("Unpadded length is zero")
- }
return padded[0:newLen], nil
}