Merge pull request #122 from cryptomator/hotfix/121-do-not-add-nullbytes

Extends the shortenend names check by basic syntax analysis of the string contained in `name.c9s`. Adds two new results for indicating incorrect syntax (not fixable) and only trailing bytes in string (fixable).

Fixes #121.

Author: infeo

src/main/java/org/cryptomator/cryptofs/LongFileNameProvider.java

@@ -113,7 +113,7 @@ public void persist() {
 		private void persistInternal() throws IOException {
 			Path longNameFile = c9sPath.resolve(INFLATED_FILE_NAME);
 			Files.createDirectories(c9sPath);
-			Files.write(longNameFile,UTF_8.encode(longName).array()); //WRITE, CREATE, TRUNCATE_EXISTING
+			Files.writeString(longNameFile, longName, UTF_8, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.WRITE, StandardOpenOption.CREATE);
 		}
 	}
 

src/main/java/org/cryptomator/cryptofs/health/shortened/NotDecodableLongName.java

@@ -0,0 +1,43 @@
+package org.cryptomator.cryptofs.health.shortened;
+
+import org.cryptomator.cryptofs.health.api.CommonDetailKeys;
+import org.cryptomator.cryptofs.health.api.DiagnosticResult;
+
+import java.nio.file.Path;
+import java.util.Map;
+
+/**
+ * A name.c9s file with a syntactical <em>incorrect</em> string.
+ * <p>
+ * A string is only correct if
+ * <ul>
+ *     <li> it ends with {@value org.cryptomator.cryptofs.common.Constants#CRYPTOMATOR_FILE_SUFFIX} and </li>
+ *     <li> excluding the aforementioned suffix, is base64url encoded</li>
+ * </ul>
+ * <p>
+ * A special case represents the diagnostic result {@link TrailingBytesInNameFile}.
+ *
+ * @see TrailingBytesInNameFile
+ */
+public class NotDecodableLongName implements DiagnosticResult {
+
+	private final Path nameFile;
+	private final String longName;
+
+	public NotDecodableLongName(Path nameFile, String longName) {
+		this.nameFile = nameFile;
+		this.longName = longName;
+	}
+
+	@Override
+	public Severity getSeverity() {
+		return Severity.CRITICAL;
+	}
+
+
+	@Override
+	public Map<String, String> details() {
+		return Map.of(CommonDetailKeys.ENCRYPTED_PATH, nameFile.toString(), //
+				"Stored String", longName);
+	}
+}

src/main/java/org/cryptomator/cryptofs/health/shortened/ShortenedNamesCheck.java

@@ -95,6 +95,16 @@ void checkShortenedName(Path dir) throws IOException {
 			}
 
 			var longName = Files.readString(nameFile, UTF_8);
+
+			var syntaxResult = checkSyntax(longName);
+			if (syntaxResult == SyntaxResult.INVALID) {
+				resultCollector.accept(new NotDecodableLongName(nameFile, longName));
+				return;
+			} else if (syntaxResult == SyntaxResult.TRAILING_BYTES) {
+				resultCollector.accept(new TrailingBytesInNameFile(nameFile, longName));
+				return;
+			}
+
 			var expectedShortName = deflate(longName);
 			if (!dir.getFileName().toString().equals(expectedShortName)) {
 				resultCollector.accept(new LongShortNamesMismatch(dir, expectedShortName));
@@ -103,6 +113,38 @@ void checkShortenedName(Path dir) throws IOException {
 			}
 		}
 
+
+		/**
+		 * Determines if the string stored inside the name file is a base64url encoded ending with {@value Constants#CRYPTOMATOR_FILE_SUFFIX}.
+		 *
+		 * <em>visible for testing</em>
+		 *
+		 * @return {@link SyntaxResult} indicating if it is valid, invalid or affected by https://github.com/cryptomator/cryptofs/issues/121
+		 */
+		SyntaxResult checkSyntax(String toAnalyse) {
+			int posObligatoryC9rString = toAnalyse.indexOf(Constants.CRYPTOMATOR_FILE_SUFFIX);
+			if (posObligatoryC9rString == -1) {
+				return SyntaxResult.INVALID;
+			}
+
+			var encryptedFileName = toAnalyse.substring(0, posObligatoryC9rString);
+			if (!BASE64URL.canDecode(encryptedFileName)) {
+				return SyntaxResult.INVALID;
+			}
+
+			if (toAnalyse.substring(posObligatoryC9rString).length() > Constants.CRYPTOMATOR_FILE_SUFFIX.length()) {
+				return SyntaxResult.TRAILING_BYTES;
+			}
+
+			return SyntaxResult.VALID;
+		}
+
+		enum SyntaxResult {
+			VALID,
+			INVALID,
+			TRAILING_BYTES; //to indicate issue https://github.com/cryptomator/cryptofs/issues/121
+		}
+
 		//visible for testing
 		String deflate(String longFileName) {
 			byte[] longFileNameBytes = longFileName.getBytes(UTF_8);

src/main/java/org/cryptomator/cryptofs/health/shortened/TrailingBytesInNameFile.java

@@ -0,0 +1,50 @@
+package org.cryptomator.cryptofs.health.shortened;
+
+import org.cryptomator.cryptofs.VaultConfig;
+import org.cryptomator.cryptofs.health.api.CommonDetailKeys;
+import org.cryptomator.cryptofs.health.api.DiagnosticResult;
+import org.cryptomator.cryptolib.api.Cryptor;
+import org.cryptomator.cryptolib.api.Masterkey;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.StandardOpenOption;
+import java.util.Map;
+
+import static org.cryptomator.cryptofs.common.Constants.CRYPTOMATOR_FILE_SUFFIX;
+
+/**
+ * Result and fix for bug https://github.com/cryptomator/cryptofs/issues/121
+ */
+public class TrailingBytesInNameFile implements DiagnosticResult {
+
+	private final Path nameFile;
+	private final String longName;
+
+	public TrailingBytesInNameFile(Path nameFile, String longName) {
+		this.nameFile = nameFile;
+		this.longName = longName;
+	}
+
+	@Override
+	public Severity getSeverity() {
+		return Severity.WARN;
+	}
+
+	@Override
+	public void fix(Path pathToVault, VaultConfig config, Masterkey masterkey, Cryptor cryptor) throws IOException {
+		var startIndexTrailingBytes = longName.indexOf(CRYPTOMATOR_FILE_SUFFIX) + CRYPTOMATOR_FILE_SUFFIX.length();
+		Files.writeString(pathToVault.resolve(nameFile), //
+				longName.substring(0, startIndexTrailingBytes), //
+				StandardCharsets.UTF_8, //
+				StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING);
+	}
+
+	@Override
+	public Map<String, String> details() {
+		return Map.of(CommonDetailKeys.ENCRYPTED_PATH, nameFile.toString(), //
+				"Encrypted Long Name", longName);
+	}
+}

src/test/java/org/cryptomator/cryptofs/LongFileNameProviderTest.java

@@ -14,6 +14,7 @@
 import org.mockito.Mockito;
 
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.FileVisitResult;
 import java.nio.file.Files;
 import java.nio.file.NoSuchFileException;
@@ -90,7 +91,7 @@ public void testDeflateMultipleTimes(@TempDir Path tmpPath) {
 	}
 
 	@Test
-	public void testPerstistCachedFailsOnReadOnlyFileSystems(@TempDir Path tmpPath) {
+	public void testPersistCachedFailsOnReadOnlyFileSystems(@TempDir Path tmpPath) {
 		LongFileNameProvider prov = new LongFileNameProvider(readonlyFlag);
 
 		String orig = "longName";
@@ -103,4 +104,16 @@ public void testPerstistCachedFailsOnReadOnlyFileSystems(@TempDir Path tmpPath)
 		});
 	}
 
+	@Test
+	public void testPersistedStringEqualsLongName(@TempDir Path tmpPath) throws IOException {
+		LongFileNameProvider prov = new LongFileNameProvider(readonlyFlag);
+
+		String orig = "LongNameOf200Chars00_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000_0000";
+		Path canonicalFileName = tmpPath.resolve(orig);
+		LongFileNameProvider.DeflatedFileName deflated = prov.deflate(canonicalFileName);
+
+		deflated.persist();
+		Assertions.assertEquals(Files.readString(deflated.c9sPath.resolve("name.c9s"), StandardCharsets.UTF_8),deflated.longName);
+	}
+
 }

src/test/java/org/cryptomator/cryptofs/health/shortened/ShortenedNamesCheckTest.java

@@ -23,6 +23,8 @@
 import java.util.Set;
 import java.util.function.Consumer;
 
+import static org.cryptomator.cryptofs.health.shortened.ShortenedNamesCheck.DirVisitor.SyntaxResult.VALID;
+
 public class ShortenedNamesCheckTest {
 
 	private FileSystem fs;
@@ -76,6 +78,7 @@ public void testExistingNamesFileAndMatchingNamesProducesValidResult() throws IO
 
 			var visitorSpy = Mockito.spy(visitor);
 			Mockito.doReturn("shortName.c9s").when(visitorSpy).deflate(longName);
+			Mockito.doReturn(VALID).when(visitorSpy).checkSyntax(longName);
 
 			visitorSpy.checkShortenedName(dir);
 			ArgumentCaptor<DiagnosticResult> resultCaptor = ArgumentCaptor.forClass(DiagnosticResult.class);
@@ -126,12 +129,44 @@ public void testMismatchingNamesProducesMismatchResult() throws IOException {
 
 			var visitorSpy = Mockito.spy(visitor);
 			Mockito.doReturn("otherName.c9s").when(visitorSpy).deflate(longName);
+			Mockito.doReturn(VALID).when(visitorSpy).checkSyntax(longName);
 
 			visitorSpy.checkShortenedName(dir);
 			ArgumentCaptor<DiagnosticResult> resultCaptor = ArgumentCaptor.forClass(DiagnosticResult.class);
 			Mockito.verify(resultsCollector).accept(resultCaptor.capture());
 			MatcherAssert.assertThat(resultCaptor.getValue(), Matchers.instanceOf(LongShortNamesMismatch.class));
 		}
 
+		@Test
+		@DisplayName("dir with non base64url content in name.c9s produces illegal encoding result")
+		public void testNonBase64URLCharsInNameFileProducesIllegalEncodingResult() throws IOException {
+			String longName = "Bug##121\0\0\0";
+			Path dir = dataRoot.resolve("AA/zzzz/shortName.c9s");
+			Path nameFile = dir.resolve("name.c9s");
+			Files.createDirectories(dir);
+			Files.writeString(nameFile, longName, StandardCharsets.UTF_8, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
+
+			visitor.checkShortenedName(dir);
+			ArgumentCaptor<DiagnosticResult> resultCaptor = ArgumentCaptor.forClass(DiagnosticResult.class);
+			Mockito.verify(resultsCollector).accept(resultCaptor.capture());
+			MatcherAssert.assertThat(resultCaptor.getValue(), Matchers.instanceOf(NotDecodableLongName.class));
+		}
+
+		@Test
+		@DisplayName("dir with non base64url content in name.c9s produces illegal encoding result")
+		public void testNameFileWithTrailingNullBytesProducesIllegalEncodingResult() throws IOException {
+			String longName = "VGhpc0lzQVRlc3Q.c9r\0\0\u0002\0"; //" base64url("ThisIsATest") + ".c9r" + "\0\0\0"
+
+			Path dir = dataRoot.resolve("AA/zzzz/shortName.c9s");
+			Path nameFile = dir.resolve("name.c9s");
+			Files.createDirectories(dir);
+			Files.writeString(nameFile, longName, StandardCharsets.UTF_8, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
+
+			visitor.checkShortenedName(dir);
+			ArgumentCaptor<DiagnosticResult> resultCaptor = ArgumentCaptor.forClass(DiagnosticResult.class);
+			Mockito.verify(resultsCollector).accept(resultCaptor.capture());
+			MatcherAssert.assertThat(resultCaptor.getValue(), Matchers.instanceOf(TrailingBytesInNameFile.class));
+		}
+
 	}
 }

src/test/java/org/cryptomator/cryptofs/health/shortened/TrailingNullBytesInNameFileTest.java

@@ -0,0 +1,53 @@
+package org.cryptomator.cryptofs.health.shortened;
+
+import org.cryptomator.cryptofs.VaultConfig;
+import org.cryptomator.cryptolib.api.Cryptor;
+import org.cryptomator.cryptolib.api.Masterkey;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.io.TempDir;
+import org.mockito.Mockito;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.StandardOpenOption;
+
+public class TrailingNullBytesInNameFileTest {
+
+	@TempDir
+	public Path pathToVault;
+
+	private TrailingBytesInNameFile result;
+	private Path dataDir;
+	private Path cipherDir;
+
+	@BeforeEach
+	public void init() throws IOException {
+		dataDir = pathToVault.resolve("d");
+		cipherDir = dataDir.resolve("00/0000");
+		Files.createDirectories(cipherDir);
+	}
+
+	@Test
+	@DisplayName("Successful fix only removes trailing null bytes")
+	public void testSuccessfulFixRemovesTrailingNullBytes() throws IOException {
+		//prepare
+		Path c9sDir = cipherDir.resolve("foo==.c9s");
+		Path nameFile = c9sDir.resolve("name.c9s");
+		var longName = "bar==.c9r\0\0\0";
+		result = new TrailingBytesInNameFile(nameFile, longName );
+
+		Files.createDirectory(c9sDir);
+		Files.writeString(nameFile, longName, StandardCharsets.UTF_8, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
+
+		//execute
+		result.fix(pathToVault, Mockito.mock(VaultConfig.class), Mockito.mock(Masterkey.class), Mockito.mock(Cryptor.class));
+
+		//evaluate
+		Assertions.assertEquals("bar==.c9r", Files.readString(nameFile,StandardCharsets.UTF_8));
+	}
+}