From 1bca62fa1aff23f53d20276bf17da2b9ad553b2c Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 11:14:49 +0100 Subject: [PATCH 1/7] avoid fread on directories and unencrypted files Reworking the logic in order to first check the filecache and only then reading the fileheader. This in order to solve #21578. --- .../Files/Storage/Wrapper/Encryption.php | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index d6143dccfb3..adcf56c0971 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -923,19 +923,22 @@ class Encryption extends Wrapper { $path = $realFile; } - $firstBlock = $this->readFirstBlock($path); - $result = $this->parseRawHeader($firstBlock); - - // if the header doesn't contain a encryption module we check if it is a - // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - // if the header was empty we have to check first if it is a encrypted file at all - // We would do query to filecache only if we know that entry in filecache exists - $info = $this->getCache()->get($path); - if (isset($info['encrypted']) && $info['encrypted'] === true) { + $result = []; + + // first check if it is an encrypted file at all + // We would do query to filecache only if we know that entry in filecache exists + + $info = $this->getCache()->get($path); + if (isset($info['encrypted']) && $info['encrypted'] === true) { + $firstBlock = $this->readFirstBlock($path); + $result = $this->parseRawHeader($firstBlock); + + // if the header doesn't contain a encryption module we check if it is a + // legacy file. If true, we add the default encryption module + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { + if (!empty($result)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + } elseif ($exists) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } From 0af8a0c8f067000fed42191e96d859740dc15168 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 19:09:16 +0100 Subject: [PATCH 2/7] attemtp to fix test --- tests/lib/Files/Storage/Wrapper/EncryptionTest.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index eccec7c28d5..ef524a55fda 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -560,6 +560,12 @@ class EncryptionTest extends Storage { * @param string $strippedPath */ public function testGetHeader($path, $strippedPathExists, $strippedPath) { + $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') + ->disableOriginalConstructor()->getMock(); + $cache->expects($this->any()) + ->method('get') + ->willReturn(['encrypted' => true]); + $sourceStorage = $this->getMockBuilder('\OC\Files\Storage\Storage') ->disableOriginalConstructor()->getMock(); @@ -586,7 +592,7 @@ class EncryptionTest extends Storage { $this->encryptionManager, $util, $this->logger, $this->file, null, $this->keyStore, $this->update, $this->mountManager, $this->arrayCache ] ) - ->setMethods(['readFirstBlock', 'parseRawHeader']) + ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); $instance->expects($this->once())->method(('parseRawHeader')) From ca501a6d88f17cfd4b821fa3210d64883a143a37 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 20:41:02 +0100 Subject: [PATCH 3/7] 2nd attempt to fix tests --- .../Files/Storage/Wrapper/EncryptionTest.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index ef524a55fda..6bdacda8c76 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -560,12 +560,6 @@ class EncryptionTest extends Storage { * @param string $strippedPath */ public function testGetHeader($path, $strippedPathExists, $strippedPath) { - $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') - ->disableOriginalConstructor()->getMock(); - $cache->expects($this->any()) - ->method('get') - ->willReturn(['encrypted' => true]); - $sourceStorage = $this->getMockBuilder('\OC\Files\Storage\Storage') ->disableOriginalConstructor()->getMock(); @@ -579,6 +573,14 @@ class EncryptionTest extends Storage { $this->arrayCache ] )->getMock(); + + $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') + ->disableOriginalConstructor()->getMock(); + $cache->expects($this->any()) + ->method('get') + ->willReturnCallback(function ($path) { + return ['encrypted' => true, 'path' => $path]; + }); $instance = $this->getMockBuilder('\OC\Files\Storage\Wrapper\Encryption') ->setConstructorArgs( @@ -594,7 +596,9 @@ class EncryptionTest extends Storage { ) ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); - + + $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->once())->method(('parseRawHeader')) ->willReturn([Util::HEADER_ENCRYPTION_MODULE_KEY => 'OC_DEFAULT_MODULE']); From 76059da34115048255a63c61524bbe1666eb6e5d Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 21:45:50 +0100 Subject: [PATCH 4/7] Update EncryptionTest.php --- tests/lib/Files/Storage/Wrapper/EncryptionTest.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index 6bdacda8c76..d152a51ed85 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -597,7 +597,7 @@ class EncryptionTest extends Storage { ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); - $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->once())->method('getCache')->willReturn($cache); $instance->expects($this->once())->method(('parseRawHeader')) ->willReturn([Util::HEADER_ENCRYPTION_MODULE_KEY => 'OC_DEFAULT_MODULE']); @@ -671,8 +671,8 @@ class EncryptionTest extends Storage { ->setMethods(['readFirstBlock', 'parseRawHeader', 'getCache']) ->getMock(); - $instance->expects($this->once())->method(('parseRawHeader'))->willReturn($header); - $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->any())->method(('parseRawHeader'))->willReturn($header); + $instance->expects($this->once())->method('getCache')->willReturn($cache); $result = $this->invokePrivate($instance, 'getHeader', ['test.txt']); $this->assertSameSize($expected, $result); From df3cd0f89e5f3f4db8832f14b7fc1a75a913d098 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:33:44 +0100 Subject: [PATCH 5/7] consolidation of boolean expression --- lib/private/Files/Storage/Wrapper/Encryption.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index adcf56c0971..bdf6c7bd380 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -935,11 +935,8 @@ class Encryption extends Wrapper { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } } From ac650a13d38d6ba9d013f4f2181e80fbd7b20d9e Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:38:19 +0100 Subject: [PATCH 6/7] fix brakcets --- lib/private/Files/Storage/Wrapper/Encryption.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index bdf6c7bd380..f4b1899580e 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -937,7 +937,6 @@ class Encryption extends Wrapper { // legacy file. If true, we add the default encryption module if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } } } From 8466c53e0055558a7719de382ae148424f018513 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:49:53 +0100 Subject: [PATCH 7/7] fix even more brackets Signed-off-by: Jasper Knockaert jasper@knockaert.nl --- lib/private/Files/Storage/Wrapper/Encryption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index f4b1899580e..22201c9db83 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -935,7 +935,7 @@ class Encryption extends Wrapper { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY]) && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } }