badname: stop trying to decrypt at length 22

At least 16 bytes due to AES --> at least 22 characters in base64
author: Jakob Unterwurzacher 2020-06-06 12:49:45 +0200
committer: Jakob Unterwurzacher 2020-06-06 12:49:45 +0200
commit: 261cf12829dcef31f1a02559b898e5067a03af31 (patch)
tree: 16df982e6b594a3c4dac3fcf8428aa6607250d28 /internal/nametransform
parent: a8230d271f394e130a8190d554eef2a86bc962d7 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/internal/nametransform/names.go b/internal/nametransform/names.go
index 675ed34..a659f0a 100644
--- a/internal/nametransform/names.go
+++ b/internal/nametransform/names.go
@@ -61,8 +61,10 @@ func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error
 		for _, pattern := range n.BadnamePatterns {
 			match, err := filepath.Match(pattern, cipherName)
 			if err == nil && match { // Pattern should have been validated already
-				//find longest decryptable substring
-				for charpos := len(cipherName) - 1; charpos > 0; charpos-- {
+				// Find longest decryptable substring
+				// At least 16 bytes due to AES --> at least 22 characters in base64
+				nameMin := n.B64.EncodedLen(aes.BlockSize)
+				for charpos := len(cipherName) - 1; charpos >= nameMin; charpos-- {
 					res, err = n.decryptName(cipherName[:charpos], iv)
 					if err == nil {
 						return res + cipherName[charpos:] + " GOCRYPTFS_BAD_NAME", nil
author	Jakob Unterwurzacher	2020-06-06 12:49:45 +0200
committer	Jakob Unterwurzacher	2020-06-06 12:49:45 +0200
commit	261cf12829dcef31f1a02559b898e5067a03af31 (patch)
tree	16df982e6b594a3c4dac3fcf8428aa6607250d28 /internal/nametransform
parent	a8230d271f394e130a8190d554eef2a86bc962d7 (diff)