libgocryptfs/internal/nametransform
Jakob Unterwurzacher e827763f2e nametransform: harden name decryption against invalid input
This fixes a few issues I have found reviewing the code:

1) Limit the amount of data ReadLongName() will read. Previously,
you could send gocryptfs into out-of-memory by symlinking
gocryptfs.diriv to /dev/zero.

2) Handle the empty input case in unPad16() by returning an
error. Previously, it would panic with an out-of-bounds array
read. It is unclear to me if this could actually be triggered.

3) Reject empty names after base64-decoding in DecryptName().
An empty name crashes emeCipher.Decrypt().
It is unclear to me if B64.DecodeString() can actually return
a non-error empty result, but let's guard against it anyway.
2017-05-23 21:26:38 +02:00
..
diriv_cache.go fusefronted: expire dir IV cache after one second 2016-11-01 10:57:39 +01:00
diriv.go nametransform: diriv cache: fall back to the grandparent 2017-05-22 22:36:54 +02:00
longnames_test.go longnames: fix fsstress failure, use dirfd 2016-04-10 21:31:08 +02:00
longnames.go nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
names_test.go nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
names.go nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00
pad16.go nametransform: harden name decryption against invalid input 2017-05-23 21:26:38 +02:00