hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
90687215a4
libgocryptfs/internal
History
Sebastian Lackner 90687215a4 fusefrontend_reverse: Do not mix up cache information for different directories 
Fixes https://github.com/rfjakob/gocryptfs/issues/168

Steps to reproduce the problem:

* Create a regular reverse mount point
* Create files with the same very long name in multiple directories - so far
  everything works as expected, and it will appear with a different name each
  time, for example, gocryptfs.longname.A in directory A and
  gocryptfs.longname.B in directory B
* Try to access a path with A/gocryptfs.longname.B or B/gocryptfs.longname.A -
  this should fail, but it actually works.

The problem is that the longname cache only uses the path as key and not the
dir or divIV. Assume an attacker can directly interact with a reverse mount and
knows the relation longname path -> unencoded path in one directory, it allows
to test if the same unencoded filename appears in any other directory.
2017-11-25 16:20:48 +01:00
..
configfile main: Add '-devrandom' commandline option 2017-11-21 23:37:06 +01:00
contentenc contentenc: reserve one additional block in CReqPool 2017-10-19 09:23:10 +02:00
cryptocore Fix misspellings reported by goreportcard.com 2017-08-21 21:06:05 +02:00
ctlsock Fix typos found by Misspell 2017-05-07 12:22:15 +02:00
exitcodes Add "-trace" flag (record execution trace) 2017-06-07 22:09:06 +02:00
fusefrontend fusefrontend: Skip gocryptfs.diriv handling when directory was deleted successfully 2017-11-25 16:20:00 +01:00
fusefrontend_reverse fusefrontend_reverse: Do not mix up cache information for different directories 2017-11-25 16:20:48 +01:00
nametransform fusefrontend: Fix longname handling for renames with existing target 2017-11-25 16:19:09 +01:00
openfiletable openfiletable: rename WriteLock to ContentLock 2017-05-01 21:57:18 +02:00
pathiv pathiv: fix test failure on Go 1.6 2017-05-31 08:21:36 +02:00
prefer_openssl prefer_openssl: default to Go GCM on OSX 2016-12-10 21:04:17 +01:00
readpassword exitcodes: add code 22 for "password is empty" 2017-05-14 14:02:08 +02:00
serialize_reads fix golint complaints 2017-04-29 14:50:58 +02:00
siv_aead siv_aead: fix trivial typo in comment 2017-09-17 11:42:46 +02:00
speed fix golint complaints 2017-04-29 14:50:58 +02:00
stupidgcm macos: make testing without openssl work properly 2017-07-14 23:22:15 +02:00
syscallcompat tests: don't read /proc, the number of entries changes too quickly 2017-10-22 18:13:08 +02:00
tlog Drop Go 1.4 compatability code everywhere 2017-03-05 17:44:14 +01:00