summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-05-25 14:21:55 +0200
committerJakob Unterwurzacher2017-05-25 14:21:55 +0200
commit9a3f9350fe29083de04bbbe71e20ea169b2e691e (patch)
tree3e84be3140e76f0aaba6994deb25f1b68edca1ee /internal
parent2ce269ec63e0a9c87b2fce45a5bf0cf09abf5bba (diff)
nametransform: reject all-zero dirIV
This should never happen in normal operation and is a sign of data corruption. Catch it early.
Diffstat (limited to 'internal')
-rw-r--r--internal/nametransform/diriv.go8
1 files changed, 8 insertions, 0 deletions
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go
index e74592a..902999b 100644
--- a/internal/nametransform/diriv.go
+++ b/internal/nametransform/diriv.go
@@ -1,6 +1,7 @@
package nametransform
import (
+ "bytes"
"io"
"os"
"path/filepath"
@@ -46,6 +47,9 @@ func ReadDirIVAt(dirfd *os.File) (iv []byte, err error) {
return fdReadDirIV(fd)
}
+// allZeroDirIV is preallocated to quickly check if the data read from disk is all zero
+var allZeroDirIV = make([]byte, DirIVLen)
+
// fdReadDirIV reads and verifies the DirIV from an opened gocryptfs.diriv file.
func fdReadDirIV(fd *os.File) (iv []byte, err error) {
// We want to detect if the file is bigger than DirIVLen, so
@@ -61,6 +65,10 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) {
tlog.Warn.Printf("ReadDirIVAt: wanted %d bytes, got %d. Returning EINVAL.", DirIVLen, len(iv))
return nil, syscall.EINVAL
}
+ if bytes.Equal(iv, allZeroDirIV) {
+ tlog.Warn.Printf("ReadDirIVAt: diriv is all-zero. Returning EINVAL.")
+ return nil, syscall.EINVAL
+ }
return iv, nil
}