From: Pádraig Brady <P@draigBrady.com>
Date: Wed, 20 Sep 2017 03:56:32 +0000 (-0700)
Subject: shred: reinstate --remove file name length obfuscation
X-Git-Tag: v8.29~59
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c34f8d5c787e6f7f7a0fdcd5f8c8bcf845081584;p=thirdparty%2Fcoreutils.git

shred: reinstate --remove file name length obfuscation

This was unintentionally removed in v8.27-60-g2ae1460
* src/shred.c (wipename): Interate through all name lengths.
* tests/misc/shred-remove.sh: Add test cases.
* NEWS: Mention the bug fix.
Fixes https://bugs.gnu.org/28507
---

diff --git a/NEWS b/NEWS
index 4ebe3c6d61..15ae40bcbf 100644
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,10 @@ GNU coreutils NEWS                                    -*- outline -*-
   ptx -S no longer infloops for a pattern which returns zero-length matches.
   [the bug dates back to the initial implementation]
 
+  shred --remove will again repeatedly rename files with shortening names
+  to attempt to hide the original length of the file name.
+  [bug introduced in coreutils-8.28]
+
 
 * Noteworthy changes in release 8.28 (2017-09-01) [stable]
 
diff --git a/src/shred.c b/src/shred.c
index d1d3883a31..f2b5d27d5e 100644
--- a/src/shred.c
+++ b/src/shred.c
@@ -1117,7 +1117,6 @@ wipename (char *oldname, char const *qoldname, struct Options const *flags)
                 first = false;
               }
             memcpy (oldname + (base - newname), base, len + 1);
-            break;
           }
       }
 
diff --git a/tests/misc/shred-remove.sh b/tests/misc/shred-remove.sh
index 985a4ab10f..8720eafb29 100755
--- a/tests/misc/shred-remove.sh
+++ b/tests/misc/shred-remove.sh
@@ -44,4 +44,24 @@ done
 touch $file || framework_failure_
 returns_ 1 shred -n0 --remove=none $file 2>/dev/null || fail=1
 
+# Ensure rename passes complete.
+# coreutils-8.28 did not do the decreasing length rename
+# which may have leaked the length of the removed file name
+printf 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_. |
+sed 's/./&\n/g' | xargs touch || framework_failure_  # test level exhaustion
+touch test 000 || framework_failure_  # test level increment
+shred -vu test 2>out || fail=1
+cat <<\EOF >exp || framework_failure_
+shred: test: removing
+shred: test: renamed to 0000
+shred: 0000: renamed to 001
+shred: 001: renamed to 00
+shred: test: removed
+EOF
+compare exp out || fail=1
+
+# Ensure renames are only retried for EEXIST
+mkdir rodir && cd rodir && touch $file && chmod a-w . || framework_failure_
+returns_ 1 timeout 10 shred -u $file || fail=1
+
 Exit $fail