diff options
author | Jakob Unterwurzacher | 2016-12-10 12:59:54 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2016-12-10 12:59:54 +0100 |
commit | 2758c75cae2896b7f1327fe00f60a1c017c0e0d1 (patch) | |
tree | 79b3639b9341e7c88cff50b0baba003edbeca5ed /tests/defaults/main_test.go | |
parent | 21904cd5f03f853ea6ceccbb414a5070c1f96324 (diff) |
ctlsock: sanitize paths before passing them to the backend
You used to be able to crash gocryptfs by passing "/foo"
of "foo/" to the ctlsock.
Fixes https://github.com/rfjakob/gocryptfs/issues/66
Diffstat (limited to 'tests/defaults/main_test.go')
-rw-r--r-- | tests/defaults/main_test.go | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/tests/defaults/main_test.go b/tests/defaults/main_test.go index 1ad5f55..089f940 100644 --- a/tests/defaults/main_test.go +++ b/tests/defaults/main_test.go @@ -57,6 +57,13 @@ func TestCtlSock(t *testing.T) { if response.ErrNo != int32(syscall.ENOENT) || response.Result != "" { t.Errorf("incorrect error handling: %+v", response) } + // Strange paths should not cause a crash + crashers := []string{"/foo", "foo/", "/foo/", ".", "/////", "/../../."} + for _, c := range crashers { + req.EncryptPath = c + // QueryCtlSock calls t.Fatal if it gets EOF when gocryptfs panics + test_helpers.QueryCtlSock(t, sock, req) + } } // In gocryptfs before v1.2, the file header was only read once for each |