e827763f2e
This fixes a few issues I have found reviewing the code: 1) Limit the amount of data ReadLongName() will read. Previously, you could send gocryptfs into out-of-memory by symlinking gocryptfs.diriv to /dev/zero. 2) Handle the empty input case in unPad16() by returning an error. Previously, it would panic with an out-of-bounds array read. It is unclear to me if this could actually be triggered. 3) Reject empty names after base64-decoding in DecryptName(). An empty name crashes emeCipher.Decrypt(). It is unclear to me if B64.DecodeString() can actually return a non-error empty result, but let's guard against it anyway. |
||
---|---|---|
.. | ||
configfile | ||
contentenc | ||
cryptocore | ||
ctlsock | ||
exitcodes | ||
fusefrontend | ||
fusefrontend_reverse | ||
nametransform | ||
openfiletable | ||
prefer_openssl | ||
readpassword | ||
serialize_reads | ||
siv_aead | ||
speed | ||
stupidgcm | ||
syscallcompat | ||
tlog |