summaryrefslogtreecommitdiff
path: root/internal/nametransform
diff options
context:
space:
mode:
authorJakob Unterwurzacher2020-06-06 12:49:45 +0200
committerJakob Unterwurzacher2020-06-06 12:49:45 +0200
commit261cf12829dcef31f1a02559b898e5067a03af31 (patch)
tree16df982e6b594a3c4dac3fcf8428aa6607250d28 /internal/nametransform
parenta8230d271f394e130a8190d554eef2a86bc962d7 (diff)
badname: stop trying to decrypt at length 22
At least 16 bytes due to AES --> at least 22 characters in base64
Diffstat (limited to 'internal/nametransform')
-rw-r--r--internal/nametransform/names.go6
1 files changed, 4 insertions, 2 deletions
diff --git a/internal/nametransform/names.go b/internal/nametransform/names.go
index 675ed34..a659f0a 100644
--- a/internal/nametransform/names.go
+++ b/internal/nametransform/names.go
@@ -61,8 +61,10 @@ func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error
for _, pattern := range n.BadnamePatterns {
match, err := filepath.Match(pattern, cipherName)
if err == nil && match { // Pattern should have been validated already
- //find longest decryptable substring
- for charpos := len(cipherName) - 1; charpos > 0; charpos-- {
+ // Find longest decryptable substring
+ // At least 16 bytes due to AES --> at least 22 characters in base64
+ nameMin := n.B64.EncodedLen(aes.BlockSize)
+ for charpos := len(cipherName) - 1; charpos >= nameMin; charpos-- {
res, err = n.decryptName(cipherName[:charpos], iv)
if err == nil {
return res + cipherName[charpos:] + " GOCRYPTFS_BAD_NAME", nil