From 9197385331528cc7f6e1573cea134880b46b1307 Mon Sep 17 00:00:00 2001
From: Ben RUBSON
Date: Mon, 26 Mar 2018 08:09:01 +0200
Subject: [PATCH] Correct a possible write crash (#494)

Originate buffer was modified by encryption, which can lead to an EncFS crash, as originate application may not like its buffer to be overwritten
---
 encfs/BlockFileIO.cpp | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/encfs/BlockFileIO.cpp b/encfs/BlockFileIO.cpp
index 983f155..c3a5330 100644
--- a/encfs/BlockFileIO.cpp
+++ b/encfs/BlockFileIO.cpp
@@ -98,15 +98,23 @@ ssize_t BlockFileIO::cacheReadOneBlock(const IORequest &req) const {
 }
 ssize_t BlockFileIO::cacheWriteOneBlock(const IORequest &req) {
- // cache results of write (before pass-thru, because it may be modified
- // in-place)
+ // Let's point request buffer to our own buffer, as it may be modified by
+ // encryption : originating process may not like to have its buffer modified
 memcpy(_cache.data, req.data, req.dataLen);
- _cache.offset = req.offset;
- _cache.dataLen = req.dataLen;
- ssize_t res = writeOneBlock(req);
+ IORequest tmp;
+ tmp.offset = req.offset;
+ tmp.data = _cache.data;
+ tmp.dataLen = req.dataLen;
+ ssize_t res = writeOneBlock(tmp);
 if (res < 0) {
 clearCache(_cache, _blockSize);
 }
+ else {
+ // And now we can cache the write buffer from the request
+ memcpy(_cache.data, req.data, req.dataLen);
+ _cache.offset = req.offset;
+ _cache.dataLen = req.dataLen;
+ }
 return res;
 }
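Review bot: Both `memcpy(_cache.data, req.data, req.dataLen)` calls in cacheWriteOneBlock copy a caller-supplied length into the cache buffer, and nothing in the hunk checks that `req.dataLen` fits. `clearCache(_cache, _blockSize)` suggests the buffer holds `_blockSize` bytes, so a guard before the first copy would keep an oversized request from writing past it, for example `if (req.dataLen > _blockSize) return -EINVAL;` (or whatever error convention the callers expect). Callers may already guarantee this bound, but that is not visible here. Separately, the success branch reads `req.data` a second time, so if the originating buffer can change while `writeOneBlock(tmp)` runs, the cached plaintext would differ from what was encrypted and written. A comment stating that the request buffer must stay stable for the duration of the call would make that assumption explicit.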