libgocryptfs/internal/fusefrontend
Jakob Unterwurzacher e827763f2e nametransform: harden name decryption against invalid input
This fixes a few issues I have found reviewing the code:

1) Limit the amount of data ReadLongName() will read. Previously,
you could send gocryptfs into out-of-memory by symlinking
gocryptfs.diriv to /dev/zero.

2) Handle the empty input case in unPad16() by returning an
error. Previously, it would panic with an out-of-bounds array
read. It is unclear to me if this could actually be triggered.

3) Reject empty names after base64-decoding in DecryptName().
An empty name crashes emeCipher.Decrypt().
It is unclear to me if B64.DecodeString() can actually return
a non-error empty result, but let's guard against it anyway.
2017-05-23 21:26:38 +02:00
..
args.go Add -forcedecode 2017-04-23 23:11:56 +02:00
ctlsock_interface.go fusefrontend: implement path decryption via ctlsock 2017-05-07 21:01:39 +02:00
file_allocate_truncate.go openfiletable: rename WriteLock to ContentLock 2017-05-01 21:57:18 +02:00
file_holes.go fusefrontend: truncateGrowFile: avoid createHeader() call 2017-03-12 21:06:59 +01:00
file.go openfiletable: rename WriteLock to ContentLock 2017-05-01 21:57:18 +02:00
fs_dir.go nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
fs.go fusefrontend: log "too many open files" errors 2017-05-03 23:46:52 +02:00
names.go nametransform: delete unused function DecryptPathDirIV 2016-09-25 18:56:23 +02:00