From 2210561b659d0d8893a504c66c6de4daad3c9d5a Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos
Date: Sat, 31 Dec 2016 11:22:27 -0800
Subject: [PATCH] sys: FspIopDispatchComplete: check user mode file system response
---
 src/sys/driver.h | 2 +-
 src/sys/iop.c | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/sys/driver.h b/src/sys/driver.h
index 216bc0b8..f160beb6 100644
--- a/src/sys/driver.h
+++ b/src/sys/driver.h
@@ -914,7 +914,7 @@ BOOLEAN FspIopRetryCompleteIrp(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response,
 VOID FspIopSetIrpResponse(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response);
 FSP_FSCTL_TRANSACT_RSP *FspIopIrpResponse(PIRP Irp);
 NTSTATUS FspIopDispatchPrepare(PIRP Irp, FSP_FSCTL_TRANSACT_REQ *Request);
-NTSTATUS FspIopDispatchComplete(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response);
+NTSTATUS FspIopDispatchComplete(PIRP Irp, FSP_FSCTL_TRANSACT_RSP *Response);
 static inline VOID FspIrpDeleteRequest(PIRP Irp)
 {
diff --git a/src/sys/iop.c b/src/sys/iop.c
index 58f466ad..53b6603b 100644
--- a/src/sys/iop.c
+++ b/src/sys/iop.c
@@ -33,7 +33,7 @@ BOOLEAN FspIopRetryCompleteIrp(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response,
 VOID FspIopSetIrpResponse(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response);
 FSP_FSCTL_TRANSACT_RSP *FspIopIrpResponse(PIRP Irp);
 NTSTATUS FspIopDispatchPrepare(PIRP Irp, FSP_FSCTL_TRANSACT_REQ *Request);
-NTSTATUS FspIopDispatchComplete(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response);
+NTSTATUS FspIopDispatchComplete(PIRP Irp, FSP_FSCTL_TRANSACT_RSP *Response);
 #ifdef ALLOC_PRAGMA
 #pragma alloc_text(PAGE, FspIopCreateRequestFunnel)
@@ -448,7 +448,7 @@ NTSTATUS FspIopDispatchPrepare(PIRP Irp, FSP_FSCTL_TRANSACT_REQ *Request)
 return STATUS_SUCCESS;
 }
-NTSTATUS FspIopDispatchComplete(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response)
+NTSTATUS FspIopDispatchComplete(PIRP Irp, FSP_FSCTL_TRANSACT_RSP *Response)
 {
 PAGED_CODE();
@@ -457,6 +457,9 @@ NTSTATUS FspIopDispatchComplete(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response
 ASSERT(IRP_MJ_MAXIMUM_FUNCTION >= IrpSp->MajorFunction);
 ASSERT(0 != FspIopCompleteFunction[IrpSp->MajorFunction]);
+ if (STATUS_PENDING == Response->IoStatus.Status ||
+ FlagOn(Response->IoStatus.Status, FSP_STATUS_PRIVATE_BIT | FSP_STATUS_IGNORE_BIT))
+ Response->IoStatus.Status = (UINT32)STATUS_INTERNAL_ERROR;
 return FspIopCompleteFunction[IrpSp->MajorFunction](Irp, Response);
 }
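Review bot: The added check in FspIopDispatchComplete reads `Response->IoStatus.Status` twice and then overwrites it in place, which is only sound if `Response` points at a kernel-owned copy that the user mode file system can no longer write; the hunk does not show where the buffer comes from, so that assumption should be confirmed and written down. A comment above the `if` would do it, for example `/* user mode must not return STATUS_PENDING or driver-private status bits; Response is a kernel-side copy */`, and the single-statement body under the two-line condition should be braced. The rewrite to `STATUS_INTERNAL_ERROR` is silent, so a debug trace here would make a misbehaving file system visible when diagnosing failures. The function's signature and first statements are outside this hunk.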