mirrors/reactos
0
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-11-30 23:13:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

[MOUNTMGR] Fix bugs in MountMgrQueryDosVolumePath

Browse Source 
- Do not access uninitialized SymlinkInformation on failure case
  and just return
- Do not make an assumption that MOUNTMGR_TARGET_NAME has a zero-string
This commit is contained in:
Victor Perevertkin 2020-12-16 01:12:26 +03:00
parent 96ae15ac4b
commit f9f5a78715
No known key found for this signature in database
GPG Key ID: C750B7222E9C7830
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
drivers/storage/mountmgr/device.c
View File

@ -865,7 +865,8 @@ MountMgrQueryDosVolumePath(IN PDEVICE_EXTENSION DeviceExtension,
}
/* Validate the entry structure size */
if (Target->DeviceNameLength + sizeof(UNICODE_NULL) > Stack->Parameters.DeviceIoControl.InputBufferLength)
if ((FIELD_OFFSET(MOUNTMGR_TARGET_NAME, DeviceNameLength) + Target->DeviceNameLength) >
Stack->Parameters.DeviceIoControl.InputBufferLength)
{
return STATUS_INVALID_PARAMETER;
}
@ -878,7 +879,7 @@ MountMgrQueryDosVolumePath(IN PDEVICE_EXTENSION DeviceExtension,
/* Construct string for query */
SymbolicName.Length = Target->DeviceNameLength;
SymbolicName.MaximumLength = Target->DeviceNameLength + sizeof(UNICODE_NULL);
SymbolicName.MaximumLength = Target->DeviceNameLength;
SymbolicName.Buffer = Target->DeviceName;
/* Find device with our info */
@ -911,7 +912,7 @@ MountMgrQueryDosVolumePath(IN PDEVICE_EXTENSION DeviceExtension,
/* We didn't find, break */
if (SymlinksEntry == &(DeviceInformation->SymbolicLinksListHead))
{
break;
return STATUS_NOT_FOUND;
}
/* It doesn't have associated device, go to fallback method */