From 1876aff99c8349ca50ac562e369f16fc0ba03909 Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos <billziss@navimatics.com>
Date: Sun, 10 Apr 2016 18:50:12 -0700
Subject: [PATCH] sys: FspVolumeCreate: check VolumeParams->Prefix for proper
 syntax

---
 src/sys/volume.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/sys/volume.c b/src/sys/volume.c
index 775768b5..5bcb61eb 100644
--- a/src/sys/volume.c
+++ b/src/sys/volume.c
@@ -115,8 +115,21 @@ NTSTATUS FspVolumeCreate(
         for (; 0 < PrefixLength && L'\\' == VolumeParams.Prefix[PrefixLength - 1]; PrefixLength--)
             ;
         VolumeParams.Prefix[PrefixLength] = L'\0';
+
+        /* volume prefix cannot be the empty string */
         if (0 == PrefixLength)
             return STATUS_INVALID_PARAMETER;
+
+        /* volume prefix must start with exactly one backslash */
+        if (L'\\' != VolumeParams.Prefix[0] || L'\\' == VolumeParams.Prefix[1])
+            return STATUS_INVALID_PARAMETER;
+
+        /* volume prefix must have at least one other backslash */
+        USHORT I;
+        for (I = 1; L'\0' != VolumeParams.Prefix[I] && L'\\' != VolumeParams.Prefix[I]; I++)
+            ;
+        if (I == PrefixLength)
+            return STATUS_INVALID_PARAMETER;
     }
 
     /* create volume guid */