From: Peter Scott Date: Mon, 31 Oct 2011 22:07:23 +0000 (-0400) Subject: Windows: correct ordering of reparse point tests X-Git-Tag: upstream/1.8.0_pre1^2~3106 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=ee8b6d34fa7d562f94469e2b8098ccc0507d5876;p=packages%2Fo%2Fopenafs.git Windows: correct ordering of reparse point tests Test for whether an object is a reparse point before testing whether the provided buffer is large enough to hold the result if it is. FSCTL_GET_REPARSE_POINT FSCTL_SET_REPARSE_POINT FSCTL_DELETE_REPARSE_POINT Change-Id: If6c1b9b6e5853d7759f169943310321d408190e0 Reviewed-on: http://gerrit.openafs.org/5748 Reviewed-by: Rod Widdowson Reviewed-by: Jeffrey Altman Tested-by: Jeffrey Altman --- diff --git a/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp b/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp index 546cd0e33..659454ee5 100644 --- a/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp +++ b/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp @@ -309,18 +309,6 @@ AFSProcessUserFsRequest( IN PIRP Irp) AFS_TRACE_LEVEL_VERBOSE_2, "AFSProcessUserFsRequest Processing FSCTL_GET_REPARSE_POINT request\n"); - if( ulOutputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) - { - - ntStatus = STATUS_BUFFER_TOO_SMALL; - - Irp->IoStatus.Information = FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer); - - break; - } - - ulRemainingLen -= FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer); - // // Check if we have the reparse entry set on the entry // @@ -333,6 +321,18 @@ AFSProcessUserFsRequest( IN PIRP Irp) break; } + if( ulOutputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) + { + + ntStatus = STATUS_BUFFER_TOO_SMALL; + + Irp->IoStatus.Information = FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer); + + break; + } + + ulRemainingLen -= FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer); + // // Populate the data in the reparse buffer // @@ -554,14 +554,6 @@ AFSProcessUserFsRequest( IN PIRP Irp) AFS_TRACE_LEVEL_VERBOSE_2, "AFSProcessUserFsRequest Processing FSCTL_SET_REPARSE_POINT request\n"); - if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) - { - - ntStatus = STATUS_INVALID_PARAMETER; - - break; - } - // // Check if we have the reparse entry set on the entry // @@ -574,6 +566,14 @@ AFSProcessUserFsRequest( IN PIRP Irp) break; } + if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) + { + + ntStatus = STATUS_INVALID_PARAMETER; + + break; + } + if( pReparseBuffer->ReparseTag != IO_REPARSE_TAG_OPENAFS_DFS) { @@ -608,14 +608,6 @@ AFSProcessUserFsRequest( IN PIRP Irp) AFS_TRACE_LEVEL_VERBOSE_2, "AFSProcessUserFsRequest Processing FSCTL_DELETE_REPARSE_POINT request\n"); - if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) - { - - ntStatus = STATUS_INVALID_PARAMETER; - - break; - } - // // Check if we have the reparse entry set on the entry // @@ -628,6 +620,14 @@ AFSProcessUserFsRequest( IN PIRP Irp) break; } + if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer)) + { + + ntStatus = STATUS_INVALID_PARAMETER; + + break; + } + if( pReparseBuffer->ReparseTag != IO_REPARSE_TAG_OPENAFS_DFS) {