libgocryptfs/internal
Jakob Unterwurzacher e827763f2e nametransform: harden name decryption against invalid input
This fixes a few issues I have found reviewing the code:

1) Limit the amount of data ReadLongName() will read. Previously,
you could send gocryptfs into out-of-memory by symlinking
gocryptfs.diriv to /dev/zero.

2) Handle the empty input case in unPad16() by returning an
error. Previously, it would panic with an out-of-bounds array
read. It is unclear to me if this could actually be triggered.

3) Reject empty names after base64-decoding in DecryptName().
An empty name crashes emeCipher.Decrypt().
It is unclear to me if B64.DecodeString() can actually return
a non-error empty result, but let's guard against it anyway.
2017-05-23 21:26:38 +02:00
..
configfile exitcodes: specific codes for failure to read or write gocryptfs.conf 2017-05-14 14:30:50 +02:00
contentenc contentenc: downgrade "interrupted write?" warning to debug 2017-05-01 18:44:18 +02:00
cryptocore fix golint complaints 2017-04-29 14:50:58 +02:00
ctlsock Fix typos found by Misspell 2017-05-07 12:22:15 +02:00
exitcodes main: downgrade panic log create failure from fatal error to warning 2017-05-23 18:01:21 +02:00
fusefrontend nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
fusefrontend_reverse fix golint complaints 2017-04-29 14:50:58 +02:00
nametransform nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
openfiletable openfiletable: rename WriteLock to ContentLock 2017-05-01 21:57:18 +02:00
prefer_openssl prefer_openssl: default to Go GCM on OSX 2016-12-10 21:04:17 +01:00
readpassword exitcodes: add code 22 for "password is empty" 2017-05-14 14:02:08 +02:00
serialize_reads fix golint complaints 2017-04-29 14:50:58 +02:00
siv_aead fix golint complaints 2017-04-29 14:50:58 +02:00
speed fix golint complaints 2017-04-29 14:50:58 +02:00
stupidgcm exitcodes: pull all exit code definitions into the package 2017-05-07 22:16:22 +02:00
syscallcompat syscallcompat: OSX compat: fix variable warnings 2017-02-16 19:23:17 +01:00
tlog Drop Go 1.4 compatability code everywhere 2017-03-05 17:44:14 +01:00