tests/cli/TestBadname: make sure case 5 is never decodable
Sometimes, by chance, case 5 resulted in valid decrypted data: --- FAIL: TestBadname (0.08s) cli_test.go:885: Case 5 failed: "J7Rbo1BvfXojpBEr0Qrt_invalid_file GOCRYPTFS_BAD_NAME" in ["file GOCRYPTFS_BAD_NAME,\x9e$O\xc3j\x8c\xd0\x06\x01#\f%k\x02\xcanvalid_file GOCRYPTFS_BAD_NAME,mzaZRF9_0IU-_5vv2wPC_invalid_file GOCRYPTFS_BAD_NAME,file,file_invalid_file GOCRYPTFS_BAD_NAME,mzaZRF9_0IU-_5vv2wP_invalid_file GOCRYPTFS_BAD_NAME"] Add percent signs so base64 decoding always fails. Fixes https://github.com/rfjakob/gocryptfs/runs/3347883728
This commit is contained in:
parent
8d5b4c5177
commit
b8ddc49ede
@ -698,19 +698,19 @@ func TestSymlinkedCipherdir(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TestBadname tests the `-badname` option
|
// TestBadname tests the `-badname` option
|
||||||
|
//
|
||||||
|
// Supported structure of badname: <ciphername><badname pattern><badname suffix>
|
||||||
|
// "Visible" shows the success of function DecryptName (cipher -> plain)
|
||||||
|
// "Access" shows the success of function EncryptAndHashBadName (plain -> cipher)
|
||||||
|
// Case Visible Access Description
|
||||||
|
// Case 1 x x Access file without BadName suffix (default mode)
|
||||||
|
// Case 2 x x Access file with BadName suffix which has a valid cipher file (will only be possible if file was created without badname option)
|
||||||
|
// Case 3 Access file with valid ciphername + BadName suffix (impossible since this would not be produced by DecryptName)
|
||||||
|
// Case 4 x x Access file with decryptable part of name and Badname suffix (default badname case)
|
||||||
|
// Case 5 x x Access file with undecryptable name and BadName suffix (e. g. when part of the cipher name was cut)
|
||||||
|
// Case 6 x Access file with multiple possible matches.
|
||||||
|
// Case 7 Access file with BadName suffix and non-matching pattern
|
||||||
func TestBadname(t *testing.T) {
|
func TestBadname(t *testing.T) {
|
||||||
//Supported structure of badname: <ciphername><badname pattern><badname suffix>
|
|
||||||
//"Visible" shows the success of function DecryptName (cipher -> plain)
|
|
||||||
//"Access" shows the success of function EncryptAndHashBadName (plain -> cipher)
|
|
||||||
//Case Visible Access Description
|
|
||||||
//Case 1 x x Access file without BadName suffix (default mode)
|
|
||||||
//Case 2 x x Access file with BadName suffix which has a valid cipher file (will only be possible if file was created without badname option)
|
|
||||||
//Case 3 Access file with valid ciphername + BadName suffix (impossible since this would not be produced by DecryptName)
|
|
||||||
//Case 4 x x Access file with decryptable part of name and Badname suffix (default badname case)
|
|
||||||
//Case 5 x x Access file with undecryptable name and BadName suffix (e. g. when part of the cipher name was cut)
|
|
||||||
//Case 6 x Access file with multiple possible matches.
|
|
||||||
//Case 7 Access file with BadName suffix and non-matching pattern
|
|
||||||
|
|
||||||
dir := test_helpers.InitFS(t)
|
dir := test_helpers.InitFS(t)
|
||||||
mnt := dir + ".mnt"
|
mnt := dir + ".mnt"
|
||||||
validFileName := "file"
|
validFileName := "file"
|
||||||
@ -721,7 +721,7 @@ func TestBadname(t *testing.T) {
|
|||||||
|
|
||||||
file := mnt + "/" + validFileName
|
file := mnt + "/" + validFileName
|
||||||
// Case 1: write one valid filename (empty content)
|
// Case 1: write one valid filename (empty content)
|
||||||
err := ioutil.WriteFile(file, []byte("Content Case 1."), 0600)
|
err := ioutil.WriteFile(file, nil, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
@ -783,8 +783,8 @@ func TestBadname(t *testing.T) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
//Case 5: write invalid file which is not decodable (cropping the encrpyted file name)
|
//Case 5: write invalid file which is not decodable (replace last 2 bytes with percent sign)
|
||||||
err = ioutil.WriteFile(dir+"/"+encryptedfilename[:len(encryptedfilename)-2]+invalidSuffix, contentCipher[4], 0600)
|
err = ioutil.WriteFile(dir+"/"+encryptedfilename[:len(encryptedfilename)-2]+"%%"+invalidSuffix, contentCipher[4], 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
@ -822,7 +822,7 @@ func TestBadname(t *testing.T) {
|
|||||||
validFileName + nametransform.BadnameSuffix,
|
validFileName + nametransform.BadnameSuffix,
|
||||||
"",
|
"",
|
||||||
validFileName + invalidSuffix + nametransform.BadnameSuffix,
|
validFileName + invalidSuffix + nametransform.BadnameSuffix,
|
||||||
encryptedfilename[:len(encryptedfilename)-2] + invalidSuffix + nametransform.BadnameSuffix,
|
encryptedfilename[:len(encryptedfilename)-2] + "%%" + invalidSuffix + nametransform.BadnameSuffix,
|
||||||
"",
|
"",
|
||||||
validFileName + "wrongPattern" + nametransform.BadnameSuffix}
|
validFileName + "wrongPattern" + nametransform.BadnameSuffix}
|
||||||
results := []bool{false, false, true, false, false, true, true}
|
results := []bool{false, false, true, false, false, true, true}
|
||||||
|
Loading…
Reference in New Issue
Block a user