From 2758c75cae2896b7f1327fe00f60a1c017c0e0d1 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sat, 10 Dec 2016 12:59:54 +0100
Subject: ctlsock: sanitize paths before passing them to the backend

You used to be able to crash gocryptfs by passing "/foo"
of "foo/" to the ctlsock.

Fixes https://github.com/rfjakob/gocryptfs/issues/66
---
 internal/ctlsock/sanitize.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 internal/ctlsock/sanitize.go

(limited to 'internal/ctlsock/sanitize.go')

diff --git a/internal/ctlsock/sanitize.go b/internal/ctlsock/sanitize.go
new file mode 100644
index 0000000..5bc3706
--- /dev/null
+++ b/internal/ctlsock/sanitize.go
@@ -0,0 +1,20 @@
+package ctlsock
+
+import (
+	"path/filepath"
+)
+
+// SanitizePath adapts filepath.Clean for FUSE paths.
+// 1) It always returns a relative path
+// 2) It returns "" instead of "."
+// See the TestSanitizePath testcases for examples.
+func SanitizePath(path string) string {
+	clean := filepath.Clean(path)
+	if clean == "." || clean == "/" {
+		return ""
+	}
+	if clean[0] == '/' {
+		clean = clean[1:]
+	}
+	return clean
+}
-- 
cgit v1.2.3