Merge branch 'release/2.6.5'

pom.xml

@@ -2,7 +2,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.cryptomator</groupId>
 	<artifactId>cryptofs</artifactId>
-	<version>2.6.4</version>
+	<version>2.6.5</version>
 	<name>Cryptomator Crypto Filesystem</name>
 	<description>This library provides the Java filesystem provider used by Cryptomator.</description>
 	<url>https://github.com/cryptomator/cryptofs</url>
@@ -21,7 +21,7 @@
 		<cryptolib.version>2.1.2</cryptolib.version>
 		<jwt.version>4.3.0</jwt.version>
 		<dagger.version>2.44.2</dagger.version>
-		<guava.version>31.1-jre</guava.version>
+		<guava.version>32.0.0-jre</guava.version>
 		<caffeine.version>3.1.4</caffeine.version>
 		<slf4j.version>2.0.3</slf4j.version>
 

src/main/java/org/cryptomator/cryptofs/fh/ChunkCache.java

@@ -86,9 +86,10 @@ public Chunk putChunk(long chunkIndex, ByteBuffer chunkData) throws IllegalArgum
 				if (chunk == null) {
 					chunk = new Chunk(chunkData, true, () -> releaseChunk(chunkIndex));
 				} else {
-					var dst = chunk.data().duplicate().clear();
+					var dst = chunk.data().clear();
 					Preconditions.checkArgument(chunkData.remaining() == dst.remaining());
-					dst.put(chunkData);
+					dst.put(chunkData) //
+							.flip();
 					chunk.dirty().set(true);
 				}
 				chunk.currentAccesses().incrementAndGet();

src/test/java/org/cryptomator/cryptofs/CryptoFileChannelWriteReadIntegrationTest.java

@@ -53,7 +53,6 @@
 import java.util.concurrent.Executors;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicInteger;
 import java.util.stream.IntStream;
 import java.util.stream.Stream;
 
@@ -175,6 +174,25 @@ public void afterEach() throws IOException {
 			Files.deleteIfExists(file);
 		}
 
+		//https://github.com/cryptomator/cryptofs/issues/173
+		@Test
+		@DisplayName("First incomplete, then completely filled chunks are stored completely")
+		public void testFullChunksAreSavedCompletely() throws IOException {
+			int halfAChunk = 16_384; //half of cleartext chunk size
+			try (var writer = FileChannel.open(file, CREATE, WRITE)) {
+				writer.write(ByteBuffer.allocate(3 * halfAChunk), 0); //fill chunk 0, half fill chunk 1
+				writer.write(ByteBuffer.allocate(5 * halfAChunk), 0); //fill chunks 0 and 1, half fill chunk 2
+			}
+
+			try (var reader = FileChannel.open(file, CREATE, READ)) {
+				Assertions.assertAll(() -> reader.read(ByteBuffer.allocate(2 * halfAChunk), 0), //read chunk 0
+						() -> reader.read(ByteBuffer.allocate(2 * halfAChunk), 2 * halfAChunk), //read chunk 1
+						() -> reader.read(ByteBuffer.allocate(halfAChunk), 4 * halfAChunk) //read chunk 2
+				);
+			}
+
+		}
+
 		@Test
 		public void testLockEmptyChannel() throws IOException {
 			try (FileChannel ch = FileChannel.open(file, CREATE, WRITE)) {

src/test/java/org/cryptomator/cryptofs/CryptoFileSystemsTest.java

@@ -70,9 +70,9 @@ public class CryptoFileSystemsTest {
 	@BeforeEach
 	public void setup() throws IOException, MasterkeyLoadingFailedException {
 		vaultConficClass = Mockito.mockStatic(VaultConfig.class);
-		filesClass = Mockito.mockStatic(Files.class);
 		cryptorProviderClass = Mockito.mockStatic(CryptorProvider.class);
 		backupHelperClass = Mockito.mockStatic(BackupHelper.class);
+		filesClass = Mockito.mockStatic(Files.class);
 
 		when(pathToVault.normalize()).thenReturn(normalizedPathToVault);
 		when(normalizedPathToVault.resolve("vault.cryptomator")).thenReturn(configFilePath);

suppression.xml

@@ -9,12 +9,4 @@
 		<cpe>cpe:/a:cryptomator:cryptomator</cpe>
 		<cve>CVE-2022-25366</cve>
 	</suppress>
-	<suppress>
-		<notes><![CDATA[
-  		Suppress false positive, because com.google.common.io.Files.createTempDir() is not used
-   ]]></notes>
-		<packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
-		<vulnerabilityName>CVE-2020-8908</vulnerabilityName>
-		<cve>CVE-2020-8908</cve>
-	</suppress>
 </suppressions>