Merge branch 'master' into links

circle.yml

@@ -10,5 +10,5 @@ dependencies:
 test:
   override:
     - bash ./ci/config.sh
-    - cd build && make && make check && make install
+    - cd build && make && ./checkops && make install
     - /tmp/encfs/bin/encfsctl --version

encfs/Context.cpp

@@ -120,10 +120,13 @@ void EncFS_Context::eraseNode(const char *path, FileNode *pl) {
   FileMap::iterator it = openFiles.find(std::string(path));
   rAssert(it != openFiles.end());
 
+  auto fn = it->second.front();
+
   it->second.pop_front();
 
   // if no more references to this file, remove the record all together
   if (it->second.empty()) {
+    fn->canary = CANARY_RELEASED;
     openFiles.erase(it);
   }
 }

encfs/FileNode.cpp

@@ -58,6 +58,8 @@ FileNode::FileNode(DirNode *parent_, const FSConfigPtr &cfg,
 
   Lock _lock(mutex);
 
+  this->canary = CANARY_OK;
+
   this->_pname = plaintextName_;
   this->_cname = cipherName_;
   this->parent = parent_;
@@ -76,6 +78,7 @@ FileNode::~FileNode() {
   // FileNode mutex should be locked before the destructor is called
   // pthread_mutex_lock( &mutex );
 
+  canary = CANARY_DESTROYED;
   _pname.assign(_pname.length(), '\0');
   _cname.assign(_cname.length(), '\0');
   io.reset();

encfs/FileNode.h

@@ -33,6 +33,10 @@
 #include "FileUtils.h"
 #include "encfs.h"
 
+#define CANARY_OK 0x46040975
+#define CANARY_RELEASED 0x70c5610d
+#define CANARY_DESTROYED 0x52cdad90
+
 namespace encfs {
 
 class Cipher;
@@ -45,6 +49,8 @@ class FileNode {
            const char *cipherName);
   ~FileNode();
 
+  uint32_t canary;
+
   const char *plaintextName() const;
   const char *cipherName() const;
 

encfs/FileUtils.cpp

@@ -536,12 +536,12 @@ bool writeV6Config(const char *configFile, const EncFSConfig *cfg) {
   addEl(doc, config, "nameAlg", cfg->nameIface);
   addEl(doc, config, "keySize", cfg->keySize);
   addEl(doc, config, "blockSize", cfg->blockSize);
-  addEl(doc, config, "uniqueIV", cfg->uniqueIV);
-  addEl(doc, config, "chainedNameIV", cfg->chainedNameIV);
-  addEl(doc, config, "externalIVChaining", cfg->externalIVChaining);
+  addEl(doc, config, "uniqueIV", (int)cfg->uniqueIV);
+  addEl(doc, config, "chainedNameIV", (int)cfg->chainedNameIV);
+  addEl(doc, config, "externalIVChaining", (int)cfg->externalIVChaining);
   addEl(doc, config, "blockMACBytes", cfg->blockMACBytes);
   addEl(doc, config, "blockMACRandBytes", cfg->blockMACRandBytes);
-  addEl(doc, config, "allowHoles", cfg->allowHoles);
+  addEl(doc, config, "allowHoles", (int)cfg->allowHoles);
   addEl(doc, config, "encodedKeySize", (int)cfg->keyData.size());
   addEl(doc, config, "encodedKeyData", cfg->keyData);
   addEl(doc, config, "saltLen", (int)cfg->salt.size());

encfs/encfs.cpp

@@ -125,6 +125,16 @@ static int withFileNode(const char *opName, const char *path,
 
     auto do_op = [&FSRoot, opName, &op](FileNode *fnode) {
       rAssert(fnode != nullptr);
+      if(fnode->canary != CANARY_OK) {
+        if(fnode->canary == CANARY_RELEASED) {
+          RLOG(ERROR) << "canary=CANARY_RELEASED. File node accessed after it was released.";
+        } else if(fnode->canary == CANARY_DESTROYED) {
+          RLOG(ERROR) << "canary=CANARY_DESTROYED. File node accessed after it was destroyed.";
+        } else {
+          RLOG(ERROR) << "canary=0x" << std::hex << fnode->canary << ". Corruption?";
+        }
+        throw Error("dead canary");
+      }
       VLOG(1) << "op: " << opName << " : " << fnode->cipherName();
 
       // check that we're not recursing into the mount point itself

test.sh

@@ -0,0 +1,10 @@
+#!/bin/bash -eu
+
+./build/checkops &> /dev/null
+
+for i in $(mount | grep -e "/tmp/encfs-reverse-tests-\|/tmp/encfs-tests-" | cut -f3 -d" "); do
+	echo "Warning: unmounting leftover filesystem: $i"
+	fusermount -u $i
+done
+
+perl -MTest::Harness -e '$$Test::Harness::debug=1; runtests @ARGV;' tests/*.t.pl

tests/normal.t.pl

@@ -2,7 +2,7 @@
 
 # Test EncFS normal and paranoid mode
 
-use Test::More tests => 112;
+use Test::More tests => 122;
 use File::Path;
 use File::Copy;
 use File::Temp;
@@ -70,6 +70,7 @@ sub runTests
     &internalModification;
     &grow;
     &umask0777;
+    &create_unmount_remount;
 
     &configFromPipe;
     &cleanup;
@@ -219,7 +220,7 @@ sub fileCreation
     # ensure there is an encrypted version.
     my $c = encName("df.txt");
     cmp_ok( length($c), '>', 8, "encrypted name ok" );
-    ok( -f "$raw/$c", "encrypted file created" );
+    ok( -f "$raw/$c", "encrypted file $raw/$c created" );
 
     # check contents
     my $count = qx(grep -c crypt-$$ "$crypt/df.txt");
@@ -391,3 +392,33 @@ sub configFromPipe
     waitpid($child, 0);
     ok( 0 == $?, "encfs mount with named pipe based config failed");
 }
+
+sub create_unmount_remount
+{
+    my $crypt = "$workingDir/create_remount.crypt";
+    my $mnt = "$workingDir/create_remount.mnt";
+    mkdir($crypt) || BAIL_OUT($!);
+    mkdir($mnt)  || BAIL_OUT($!);
+
+    system("./build/encfs --standard --extpass=\"echo test\" $crypt $mnt 2>&1");
+    ok( $? == 0, "encfs command returns 0") || return;
+    ok( -f "$crypt/.encfs6.xml",  "created control file") || return;
+
+    # Write some text
+    my $contents = "hello world\n";
+    ok( open(OUT, "> $mnt/test_file_1"), "write content");
+    print OUT $contents;
+    close OUT;
+
+    # Unmount
+    portable_unmount($mnt);
+
+    # Mount again
+    system("./build/encfs --extpass=\"echo test\" $crypt $mnt 2>&1");
+    ok( $? == 0, "encfs command returns 0") || return;
+
+    # Check if content is still there
+    checkContents("$mnt/test_file_1", $contents);
+
+    portable_unmount($mnt);
+}