Created by Tyler Hicks on 2017-06-09 and last modified on 2017-06-09
Get this branch:
bzr branch lp:~tyhicks/ecryptfs/cid1375979
Only Tyler Hicks can upload to this branch. If you are Tyler Hicks please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Tyler Hicks

Recent revisions

894. By Tyler Hicks on 2017-06-09

Remove unreachable code when parsing mount opt name value pairs

Revision 886 introduced a change to the mount option parsing code for
name-value pairs. A break was added to a loop once the first '=' is seen.
Before the break was added, it was possible that a '=' would be seen, then
memory allocated for the name portion of the string, then another '=' could be
seen and the previous name string be freed and then reallocated. However,
there's no longer a chance of needed to reallocate the name string so the
free() is not needed.

Discovered by Coverity (CID 1375979)

893. By Jason Xing on 2017-06-09

src/utils/ecryptfs-recover-private: Prevent ecryptfs-recover-private command is
terminated because of printing warnings. So just get rid of line "exit 1" in
the warn() function.

892. By Tyler Hicks on 2017-06-08

warn when recovering with a mount passphrase (LP: #1694272, LP: #1439825)

[tyhicks: add context to changelog entry and create helper warn() function]

891. By Tyler Hicks on 2017-06-08

ecryptfs-migrate-home: Pass --nopwcheck to ecryptfs-setup-private (LP: #1630477)

[tyhicks: Remove extra spaces in usage output and add changelog entry]

890. By Tyler Hicks on 2017-06-08

Fix build with OpenSSL 1.1.x (LP: #1670476)

[tyhicks: Add debian/changelog entry]

889. By Jason Xing on 2017-06-08

ecryptfs-mount-private -h prints short usage message (LP: #1449253)

[tyhicks: Add debian/changelog entry]

888. By Jason Xing on 2017-06-08

Fix loop in ecryptfs-manager when there are no options (LP: #1695767)

Reproduce case:
1) User doesn't install openssl.
2) Run ecryptfs-manager and make selection 3.
It goes in the infinite loop...which means whatever selection you enter next
cannot end this command or alter your option.

Explanation for the patch:
Adding several lines to take such a case into consideration, through testing
whether "num_transitions" is set to zero or not we could prevent the infinite
loop. If it is set to zero, it will return -EINVAL because "num_transitions"
means how many options this command could show to users and zero means that
user has no option to choose.

[tyhicks: Print to stderr, adjust error message, and add changelog entry]

887. By Tyler Hicks on 2017-05-25

Add Jason's mount option parser fix to debian/changelog

886. By Jason Xing on 2017-05-25

libecryptfs: Handle '=' characters in mount option string values

Users cannot mount ecryptfs with "-o passphrase_passwd_file=mykey" (<mykey> is
"passwd=123=abc") or "-o passwd=123=abc". Because the passphrase user uses
includes "=" character.

Because in the manner of process_comma_tok() function, ecryptfs will store
"passwd=123" as the @current->name and "abc" as @current->value. That will go
wrong when we go into tf_pass_file() function because it cannot match the name
"passphrase_passwd" or "passwd".

Add two lines in process_comma_tok() to change that case. If we match one "="
character in the string, we don't need to loop and match another "=" again.

885. By Tyler Hicks on 2016-07-15

debian/changelog: Annotate CVE-2015-8946 and CVE-2016-6224

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.