FAT32: path traversal fails if the first directory is equal to the FAT volume label

[nkraetzschmar]

If the first component of a file path is equal to the FAT32 volume label then the function readDirWithMkdir incorrectly matches the volume label entry to the file name being searched for¹.

A very common scenario where this error can occur is trying to access files in the /EFI directory on an ESP partition with volume label EFI.

Steps to reproduce:

• build two FAT32 images (using mtools), one with LABEL=TEST, one with LABEL=EFI, both containing an /EFI directory:

#!/usr/bin/env bash

set -e

for i in TEST EFI; do
	truncate -s 256M disk_$i
	mformat -i disk_$i -F -v $i ::
	mmd -i disk_$i ::/EFI
	mdir -i disk_$i -/ ::
done

• try to read the /EFI directory on each using the following

package main

import (
	"fmt"
	"os"

	"github.com/diskfs/go-diskfs/filesystem/fat32"
)

func main() {
	paths := []string{"disk_TEST", "disk_EFI"}

	for _, path := range paths {
		file, err := os.Open(path)
		if err != nil {
			panic(err)
		}
		defer file.Close()

		fs, err := fat32.Read(file, 256*1024*1024, 0, 512)
		if err != nil {
			panic(err)
		}

		dir, err := fs.ReadDir("/EFI")
		if err != nil {
			panic(err)
		}

		fmt.Printf("%#v\n", dir)
	}
}

This results in the following output:

[]fs.FileInfo{fat32.FileInfo{modTime:time.Time{wall:0x0, ext:63868765252, loc:(*time.Location)(nil)}, mode:0x0, name:"", shortName:".", size:0, isDir:true}, fat32.FileInfo{modTime:time.Time{wall:0x0, ext:63868765252, loc:(*time.Location)(nil)}, mode:0x0, name:"", shortName:"..", size:0, isDir:true}}
panic: error reading directory /EFI: cannot create directory at /EFI since it is a file

The expected behaviour would obviously be, that this works for both disk images, regardless of the volume label.

Footnotes

1. https://github.com/diskfs/go-diskfs/blob/15ebb7b3fb4e7106cfad897d1939ccce8f51743a/filesystem/fat32/fat32.go#L997 ↩