summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-12-02 21:36:07 +0100
committerJakob Unterwurzacher2017-12-02 21:36:07 +0100
commit441e796e7034977c15dc9402a880ef4061b471a7 (patch)
tree0cb5c83e604cd4a3e45b798b11c950c7e6a57f30 /internal
parent316b916358b8830b53fec9e16b325735aa850b14 (diff)
fusefrontend_reverse: secure StatFs agains symlink races
...by ignoring the path that was passed in. https://github.com/rfjakob/gocryptfs/issues/165
Diffstat (limited to 'internal')
-rw-r--r--internal/fusefrontend_reverse/rfs.go17
1 files changed, 14 insertions, 3 deletions
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index 09ebe9e..18468ee 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -297,9 +297,20 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
return entries, fuse.OK
}
-// StatFs - FUSE call
-func (rfs *ReverseFS) StatFs(name string) *fuse.StatfsOut {
- return rfs.loopbackfs.StatFs(name)
+// StatFs - FUSE call. Returns information about the filesystem (free space
+// etc).
+// Securing statfs against symlink races seems to be more trouble than
+// it's worth, so we just ignore the path and always return info about the
+// backing storage root dir.
+func (rfs *ReverseFS) StatFs(path string) *fuse.StatfsOut {
+ var s syscall.Statfs_t
+ err := syscall.Statfs(rfs.args.Cipherdir, &s)
+ if err != nil {
+ return nil
+ }
+ out := &fuse.StatfsOut{}
+ out.FromStatfsT(&s)
+ return out
}
// Readlink - FUSE call