From a1a98abfbb1fe3bd235ca1a7e275f84d41afa417 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Tue, 31 Oct 2017 19:44:54 +0100
Subject: [PATCH] main: disallow recursively encrypting ourselves
From https://github.com/rfjakob/gocryptfs/issues/150:
mkdir a
mkdir a/b
gocryptsfs -init -reverse a/
gocryptfs -reverse a/ a/b
Now directory a/b/ contains encrypted view of 'a' but it is possible to descend into encrypted version of b (e.g. a/b/43873uhj538765387/) which contains double encrypted 'a' and so on.
Reported-by: https://github.com/tigmac
---
 mount.go | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/mount.go b/mount.go
index 4f57381..007cc46 100644
--- a/mount.go
+++ b/mount.go
@@ -47,6 +47,13 @@ func doMount(args *argContainer) int {
 args.mountpoint, args.cipherdir)
 os.Exit(exitcodes.MountPoint)
 }
+ // Reverse-mounting "/foo" at "/foo/mnt" means we would be recursively
+ // encrypting ourselves.
+ if strings.HasPrefix(args.mountpoint, args.cipherdir+"/") {
+ tlog.Fatal.Printf("Mountpoint %q is contained in cipherdir %q, this is not supported",
+ args.mountpoint, args.cipherdir)
+ os.Exit(exitcodes.MountPoint)
+ }
 if args.nonempty {
 err = checkDir(args.mountpoint)
 } else {
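Review bot: The containment test `strings.HasPrefix(args.mountpoint, args.cipherdir+"/")` is purely lexical, so it only holds if both paths are already absolute, cleaned and symlink-resolved, and this hunk does not show that. A mountpoint reached through a symlink that resolves into the cipherdir would pass the check and still give the recursive view described in issue 150, and a cipherdir of `/` produces the prefix `//`, which never matches. Consider resolving both paths with `filepath.EvalSymlinks` first and then testing `rel, err := filepath.Rel(args.cipherdir, args.mountpoint)` with `if err == nil && rel != ".." && !strings.HasPrefix(rel, "../") {`; whether `path/filepath` is already imported in mount.go is not visible here. doMount starts and ends outside the hunk.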