From 04858ddd222bbf7156f33f99cfb293a9b1e15ec8 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Wed, 2 Jun 2021 14:21:30 +0200
Subject: nametransform: check name validity on encryption

xfstests generic/523 discovered that we allowed to set
xattrs with "/" in the name, but did not allow to read
them later.

With this change we do not allow to set them in the first
place.
---
 internal/fusefrontend_reverse/ctlsock_interface.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'internal/fusefrontend_reverse/ctlsock_interface.go')

diff --git a/internal/fusefrontend_reverse/ctlsock_interface.go b/internal/fusefrontend_reverse/ctlsock_interface.go
index 6bf2e6a..2157044 100644
--- a/internal/fusefrontend_reverse/ctlsock_interface.go
+++ b/internal/fusefrontend_reverse/ctlsock_interface.go
@@ -23,7 +23,10 @@ func (rn *RootNode) EncryptPath(plainPath string) (string, error) {
 	parts := strings.Split(plainPath, "/")
 	for _, part := range parts {
 		dirIV := pathiv.Derive(cipherPath, pathiv.PurposeDirIV)
-		encryptedPart := rn.nameTransform.EncryptName(part, dirIV)
+		encryptedPart, err := rn.nameTransform.EncryptName(part, dirIV)
+		if err != nil {
+			return "", err
+		}
 		if rn.args.LongNames && len(encryptedPart) > unix.NAME_MAX {
 			encryptedPart = rn.nameTransform.HashLongName(encryptedPart)
 		}
-- 
cgit v1.2.3