fusefrontend_reverse: fix 176-byte names
A file with a name of exactly 176 bytes length caused this error: ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY: No such file or directory ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name: No such file or directory -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name Root cause was a wrong shortNameMax constant that failed to account for the obligatory padding byte. Fix the constant and also expand the TestLongnameStat test case to test ALL file name lengths from 1-255 bytes. Fixes https://github.com/rfjakob/gocryptfs/issues/143 .
This commit is contained in:
parent
0072a96f20
commit
4da245c69d
@ -17,7 +17,14 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
shortNameMax = 176
|
||||
// File names are padded to 16-byte multiples, encrypted and
|
||||
// base64-encoded. We can encode at most 176 bytes to stay below the 255
|
||||
// bytes limit:
|
||||
// * base64(176 bytes) = 235 bytes
|
||||
// * base64(192 bytes) = 256 bytes (over 255!)
|
||||
// But the PKCS#7 padding is at least one byte. This means we can only use
|
||||
// 175 bytes for the file name.
|
||||
shortNameMax = 175
|
||||
)
|
||||
|
||||
var longnameParentCache map[string]string
|
||||
@ -57,6 +64,7 @@ func (rfs *ReverseFS) findLongnameParent(dir string, dirIV []byte, longname stri
|
||||
}
|
||||
dirEntries, err := dirfd.Readdirnames(-1)
|
||||
if err != nil {
|
||||
tlog.Warn.Printf("findLongnameParent: Readdirnames failed: %v\n", err)
|
||||
return "", err
|
||||
}
|
||||
longnameCacheLock.Lock()
|
||||
@ -78,7 +86,6 @@ func (rfs *ReverseFS) findLongnameParent(dir string, dirIV []byte, longname stri
|
||||
if hit == "" {
|
||||
return "", syscall.ENOENT
|
||||
}
|
||||
|
||||
return hit, nil
|
||||
}
|
||||
|
||||
|
@ -254,6 +254,8 @@ func TestExampleFSv13(t *testing.T) {
|
||||
// gocryptfs v1.3 introduced HKDF.
|
||||
// We check the md5 sum of the encrypted version of a file to make sure we don't
|
||||
// accidentially change the ciphertext generation.
|
||||
// Create a full crypto round-trip by mounting two times:
|
||||
// dirA -> reverse mount -> dirB -> forward mount -> dirC
|
||||
func TestExampleFSv13reverse(t *testing.T) {
|
||||
// Prepare directories
|
||||
dirA := "v1.3-reverse"
|
||||
|
@ -1,6 +1,7 @@
|
||||
package reverse_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"syscall"
|
||||
@ -10,25 +11,26 @@ import (
|
||||
"github.com/rfjakob/gocryptfs/tests/test_helpers"
|
||||
)
|
||||
|
||||
// TestLongnameStat checks that file names of all sizes (1 to 255) show up in
|
||||
// the decrypted reverse view (dirC, mounted in TestMain).
|
||||
func TestLongnameStat(t *testing.T) {
|
||||
fd, err := os.Create(dirA + "/" + x240)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
path := dirC + "/" + x240
|
||||
if !test_helpers.VerifyExistence(path) {
|
||||
t.Fail()
|
||||
}
|
||||
test_helpers.VerifySize(t, path, 0)
|
||||
_, err = fd.Write(make([]byte, 10))
|
||||
for i := 1; i <= 255; i++ {
|
||||
name := string(bytes.Repeat([]byte("x"), i))
|
||||
fd, err := os.Create(dirA + "/" + name)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
fd.Close()
|
||||
/*
|
||||
time.Sleep(1000 * time.Millisecond)
|
||||
test_helpers.VerifySize(t, path, 10)
|
||||
*/
|
||||
path := dirC + "/" + name
|
||||
if !test_helpers.VerifyExistence(path) {
|
||||
t.Fail()
|
||||
}
|
||||
test_helpers.VerifySize(t, path, 0)
|
||||
// A large number of longname files is a performance problem in
|
||||
// reverse mode. Delete the file once we are done with it to speed up
|
||||
// the test (2 seconds -> 0.2 seconds)
|
||||
syscall.Unlink(dirA + "/" + name)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSymlinks(t *testing.T) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user