From 96dc2ca70906c831b60be1c6ed3a27dbf7628e72 Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Mon, 11 Dec 2017 03:56:31 +0100 Subject: [PATCH] fusefrontend_reverse: Reject access to device nodes in newFile function Steps to reproduce: * Create a regular reverse mount point * Create a file "test" in the original directory * Access the corresponding encrypted directory in the mount point (ls ) * Quickly delete the file in the original data - instead create a device node * Access the file again, it will access the device node and attempt to read from it Fixes https://github.com/rfjakob/gocryptfs/issues/187 --- internal/fusefrontend_reverse/rfile.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/internal/fusefrontend_reverse/rfile.go b/internal/fusefrontend_reverse/rfile.go index c10d341..26756a3 100644 --- a/internal/fusefrontend_reverse/rfile.go +++ b/internal/fusefrontend_reverse/rfile.go @@ -51,6 +51,14 @@ func (rfs *ReverseFS) newFile(relPath string) (*reverseFile, fuse.Status) { syscall.Close(fd) return nil, fuse.ToStatus(err) } + // Reject access if the file descriptor does not refer to a regular file. + var a fuse.Attr + a.FromStat(&st) + if !a.IsRegular() { + tlog.Warn.Printf("ino%d: newFile: not a regular file", st.Ino) + syscall.Close(fd) + return nil, fuse.ToStatus(syscall.EACCES) + } // See if we have that inode number already in the table // (even if Nlink has dropped to 1) var derivedIVs pathiv.FileIVs