From 82482adb483e1963be8fb5deedb24dca9d252708 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 11:14:49 +0100 Subject: [PATCH 1/7] avoid fread on directories and unencrypted files Reworking the logic in order to first check the filecache and only then reading the fileheader. This in order to solve #21578. --- .../Files/Storage/Wrapper/Encryption.php | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index a7a915afad9ae..7482212157e42 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -925,19 +925,22 @@ protected function getHeader($path) { $path = $realFile; } - $firstBlock = $this->readFirstBlock($path); - $result = $this->parseRawHeader($firstBlock); - - // if the header doesn't contain a encryption module we check if it is a - // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - // if the header was empty we have to check first if it is a encrypted file at all - // We would do query to filecache only if we know that entry in filecache exists - $info = $this->getCache()->get($path); - if (isset($info['encrypted']) && $info['encrypted'] === true) { + $result = []; + + // first check if it is an encrypted file at all + // We would do query to filecache only if we know that entry in filecache exists + + $info = $this->getCache()->get($path); + if (isset($info['encrypted']) && $info['encrypted'] === true) { + $firstBlock = $this->readFirstBlock($path); + $result = $this->parseRawHeader($firstBlock); + + // if the header doesn't contain a encryption module we check if it is a + // legacy file. If true, we add the default encryption module + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { + if (!empty($result)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + } elseif ($exists) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } From ab14c0322b0ea8f9b7ae827b91a7170b813ec78b Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 19:09:16 +0100 Subject: [PATCH 2/7] attemtp to fix test --- tests/lib/Files/Storage/Wrapper/EncryptionTest.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index 8bdb48fd854e7..2a2a45e53ceba 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -566,6 +566,12 @@ public function dataTestCopyKeys() { * @param string $strippedPath */ public function testGetHeader($path, $strippedPathExists, $strippedPath) { + $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') + ->disableOriginalConstructor()->getMock(); + $cache->expects($this->any()) + ->method('get') + ->willReturn(['encrypted' => true]); + $sourceStorage = $this->getMockBuilder('\OC\Files\Storage\Storage') ->disableOriginalConstructor()->getMock(); @@ -597,7 +603,7 @@ public function testGetHeader($path, $strippedPathExists, $strippedPath) { $this->encryptionManager, $util, $this->logger, $this->file, null, $this->keyStore, $this->update, $this->mountManager, $this->arrayCache ] ) - ->setMethods(['readFirstBlock', 'parseRawHeader']) + ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); $instance->expects($this->once())->method(('parseRawHeader')) From bbf191bdef3bef110928cf24bfa3d0931002a1a4 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 20:41:02 +0100 Subject: [PATCH 3/7] 2nd attempt to fix tests --- .../Files/Storage/Wrapper/EncryptionTest.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index 2a2a45e53ceba..7042fd09f5e02 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -566,12 +566,6 @@ public function dataTestCopyKeys() { * @param string $strippedPath */ public function testGetHeader($path, $strippedPathExists, $strippedPath) { - $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') - ->disableOriginalConstructor()->getMock(); - $cache->expects($this->any()) - ->method('get') - ->willReturn(['encrypted' => true]); - $sourceStorage = $this->getMockBuilder('\OC\Files\Storage\Storage') ->disableOriginalConstructor()->getMock(); @@ -590,6 +584,14 @@ public function testGetHeader($path, $strippedPathExists, $strippedPath) { $this->arrayCache ] )->getMock(); + + $cache = $this->getMockBuilder('\OC\Files\Cache\Cache') + ->disableOriginalConstructor()->getMock(); + $cache->expects($this->any()) + ->method('get') + ->willReturnCallback(function ($path) { + return ['encrypted' => true, 'path' => $path]; + }); $instance = $this->getMockBuilder('\OC\Files\Storage\Wrapper\Encryption') ->setConstructorArgs( @@ -605,7 +607,9 @@ public function testGetHeader($path, $strippedPathExists, $strippedPath) { ) ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); - + + $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->once())->method(('parseRawHeader')) ->willReturn([Util::HEADER_ENCRYPTION_MODULE_KEY => 'OC_DEFAULT_MODULE']); From 5341807b14d1242d6852377f70ef80b1f9325ff4 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Tue, 5 Jan 2021 21:45:50 +0100 Subject: [PATCH 4/7] Update EncryptionTest.php --- tests/lib/Files/Storage/Wrapper/EncryptionTest.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php index 7042fd09f5e02..a4ee5e45bd5fb 100644 --- a/tests/lib/Files/Storage/Wrapper/EncryptionTest.php +++ b/tests/lib/Files/Storage/Wrapper/EncryptionTest.php @@ -608,7 +608,7 @@ public function testGetHeader($path, $strippedPathExists, $strippedPath) { ->setMethods(['getCache','readFirstBlock', 'parseRawHeader']) ->getMock(); - $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->once())->method('getCache')->willReturn($cache); $instance->expects($this->once())->method(('parseRawHeader')) ->willReturn([Util::HEADER_ENCRYPTION_MODULE_KEY => 'OC_DEFAULT_MODULE']); @@ -687,8 +687,8 @@ public function testGetHeaderAddLegacyModule($header, $isEncrypted, $exists, $ex ->setMethods(['readFirstBlock', 'parseRawHeader', 'getCache']) ->getMock(); - $instance->expects($this->once())->method(('parseRawHeader'))->willReturn($header); - $instance->expects($this->any())->method('getCache')->willReturn($cache); + $instance->expects($this->any())->method(('parseRawHeader'))->willReturn($header); + $instance->expects($this->once())->method('getCache')->willReturn($cache); $result = $this->invokePrivate($instance, 'getHeader', ['test.txt']); $this->assertSameSize($expected, $result); From 5f9663d2c85f09c2b75b16d08c8305fbc419d98f Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:33:44 +0100 Subject: [PATCH 5/7] consolidation of boolean expression --- lib/private/Files/Storage/Wrapper/Encryption.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 7482212157e42..96927485c2922 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -937,11 +937,8 @@ protected function getHeader($path) { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY])) { - if (!empty($result)) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } elseif ($exists) { - $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } } } From c1dcd06fe1b73de58c37346318a4a8499836f409 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:38:19 +0100 Subject: [PATCH 6/7] fix brakcets --- lib/private/Files/Storage/Wrapper/Encryption.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index 96927485c2922..d3f514375eac7 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -939,7 +939,6 @@ protected function getHeader($path) { // legacy file. If true, we add the default encryption module if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; - } } } From bb092dd7cc711dadab7ee62e3e225c308725c160 Mon Sep 17 00:00:00 2001 From: Jasper Knockaert Date: Sat, 16 Jan 2021 14:49:53 +0100 Subject: [PATCH 7/7] fix even more brackets Signed-off-by: Jasper Knockaert jasper@knockaert.nl --- lib/private/Files/Storage/Wrapper/Encryption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/Files/Storage/Wrapper/Encryption.php b/lib/private/Files/Storage/Wrapper/Encryption.php index d3f514375eac7..64c9b0a4a66de 100644 --- a/lib/private/Files/Storage/Wrapper/Encryption.php +++ b/lib/private/Files/Storage/Wrapper/Encryption.php @@ -937,7 +937,7 @@ protected function getHeader($path) { // if the header doesn't contain a encryption module we check if it is a // legacy file. If true, we add the default encryption module - if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY] && (!empty($result) || $exists)) { + if (!isset($result[Util::HEADER_ENCRYPTION_MODULE_KEY]) && (!empty($result) || $exists)) { $result[Util::HEADER_ENCRYPTION_MODULE_KEY] = 'OC_DEFAULT_MODULE'; } }