Fix handling of small files and files with null in first 8 bytes (#116)

jmurty · web-flow · commit 334697a4599a · 2022-01-16T00:25:13.000+11:00
The `read -rn 8` command doesn't seem to cope with small files, and
does all kinds of strange things (on macOS at least) including:
- not reading anything at all from files with short first lines
- reading too much from files with long first lines (more than 8 chars)

Switch to us `head -c8` instead, which is safer, plus some fiddly
use of `tr` to ignore null bytes early in a way that works for older
and newer versions of bash.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,6 +25,7 @@ The format is based on [Keep a Changelog][1], and this project adheres to
 - Zsh completion. (#107)
 - Fix salt generation for partial (patch) commits (#118)
 - Improve command hint to fix secret files not encrypted in index (#120)
+- Fix handling of files with null in first 8 bytes (#116)
 
 ## [2.1.0] - 2020-09-07
 
diff --git a/tests/test_crypt.bats b/tests/test_crypt.bats
@@ -139,6 +139,77 @@ function check_repo_is_clean {
   rm "$FILENAME"
 }
 
+@test "crypt: handle very small file" {
+  FILENAME="small file.txt"
+  SECRET_CONTENT="sh"
+  SECRET_CONTENT_ENC="U2FsdGVkX1/NlZCZ0ho/TL+5kTxm/R/X5nfATzQLKfI="
+
+  encrypt_named_file "$FILENAME" "$SECRET_CONTENT"
+  [[ "${output}" = *"Encrypt file \"$FILENAME\""* ]]
+
+  # Working copy is decrypted
+  run cat "$FILENAME"
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$SECRET_CONTENT" ]
+
+  # Git internal copy is encrypted
+  run git show HEAD:"$FILENAME" --no-textconv
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$SECRET_CONTENT_ENC" ]
+
+  # transcrypt --show-raw shows encrypted content
+  run ../transcrypt --show-raw "$FILENAME"
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "==> $FILENAME <==" ]
+  [ "${lines[1]}" = "$SECRET_CONTENT_ENC" ]
+
+  # git ls-crypt lists encrypted file
+  run git ls-crypt
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$FILENAME" ]
+
+  # transcrypt --list lists encrypted file"
+  run ../transcrypt --list
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$FILENAME" ]
+
+  rm "$FILENAME"
+}
+
+@test "crypt: handle file with problematic bytes" {
+  FILENAME="problem bytes file.txt"
+  SECRET_CONTENT_ENC="U2FsdGVkX1/RVkIfYCsbUMcvQlC2vWZJVQtZSuppd7Q="
+
+  # Write octal byte 375 and null byte as file contents
+  printf "\375 \0 shh" > "$FILENAME"
+
+  encrypt_named_file "$FILENAME"
+  [[ "${output}" = *"Encrypt file \"$FILENAME\""* ]]
+
+  # Git internal copy is encrypted
+  run git show HEAD:"$FILENAME" --no-textconv
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$SECRET_CONTENT_ENC" ]
+
+  # transcrypt --show-raw shows encrypted content
+  run ../transcrypt --show-raw "$FILENAME"
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "==> $FILENAME <==" ]
+  [ "${lines[1]}" = "$SECRET_CONTENT_ENC" ]
+
+  # git ls-crypt lists encrypted file
+  run git ls-crypt
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$FILENAME" ]
+
+  # transcrypt --list lists encrypted file"
+  run ../transcrypt --list
+  [ "$status" -eq 0 ]
+  [ "${lines[0]}" = "$FILENAME" ]
+
+  rm "$FILENAME"
+}
+
 @test "crypt: transcrypt --upgrade applies new merge driver" {
   VERSION=$(../transcrypt -v | awk '{print $2}')
 
diff --git a/transcrypt b/transcrypt
@@ -127,7 +127,8 @@ git_clean() {
 	trap 'rm -f "$tempfile"' EXIT
 	tee "$tempfile" &>/dev/null
 	# the first bytes of an encrypted file are always "Salted" in Base64
-	read -rn 8 firstbytes <"$tempfile"
+	# The `head + LC_ALL=C tr` command handles binary data in old and new Bash (#116)
+	firstbytes=$(head -c8 "$tempfile" | LC_ALL=C tr -d '\0')
 	if [[ $firstbytes == "U2FsdGVk" ]]; then
 		cat "$tempfile"
 	else
