sys: IRP_MJ_CREATE: disallow trailing backslash without FILE_DIRECTORY_FILE

2025-04-22 08:23:05 -05:00 · 2015-12-07 20:33:02 -08:00 · 2015-12-07 20:33:02 -08:00 · 6c29a98e90
commit 6c29a98e90
parent c381549efc
2 changed files with 5 additions and 11 deletions
--- a/inc/winfsp/fsctl.h
+++ b/inc/winfsp/fsctl.h
@ -107,7 +107,6 @@ typedef struct
            UINT32 HasTraversePrivilege:1;  /* requestor has TOKEN_HAS_TRAVERSE_PRIVILEGE */
            UINT32 OpenTargetDirectory:1;   /* open target dir and report FILE_{EXISTS,DOES_NOT_EXIST} */
            UINT32 CaseSensitive:1;         /* FileName comparisons should be case-sensitive */
-            UINT32 HasTrailingBackslash:1;  /* reserved: do not use */
        } Create;
        struct
        {
--- a/src/sys/create.c
+++ b/src/sys/create.c
@ -179,6 +179,11 @@ static NTSTATUS FspFsvolCreate(
                goto exit;
            }
        }
+        if (HasTrailingBackslash && !FlagOn(CreateOptions, FILE_DIRECTORY_FILE))
+        {
+            Result = STATUS_OBJECT_NAME_INVALID;
+            goto exit;
+        }

        /* is this a relative or absolute open? */
        if (0 != RelatedFileObject)
@ -268,7 +273,6 @@ static NTSTATUS FspFsvolCreate(
        Request->Req.Create.UserMode = UserMode == RequestorMode;
        Request->Req.Create.HasTraversePrivilege = HasTraversePrivilege;
        Request->Req.Create.OpenTargetDirectory = BooleanFlagOn(Flags, SL_OPEN_TARGET_DIRECTORY);
-        Request->Req.Create.HasTrailingBackslash = HasTrailingBackslash;
        Request->Req.Create.CaseSensitive = BooleanFlagOn(Flags, SL_CASE_SENSITIVE);

        /* copy the security descriptor into the request */
@ -389,7 +393,6 @@ VOID FspFsvolCreateComplete(
    ULONG Flags = IrpSp->Flags;
    KPROCESSOR_MODE RequestorMode =
        FlagOn(Flags, SL_FORCE_ACCESS_CHECK) ? UserMode : Irp->RequestorMode;
-    BOOLEAN HasTrailingBackslash = 0 != FspIrpContextRequest(Irp)->Req.Create.HasTrailingBackslash;
    FSP_FILE_CONTEXT *FsContext = FileObject->FsContext;
    ACCESS_MASK GrantedAccess;
    BOOLEAN Inserted = FALSE;
@ -459,14 +462,6 @@ VOID FspFsvolCreateComplete(
    FsContext->UserContext = Response->Rsp.Create.Opened.UserContext;
    FileObject->FsContext2 = (PVOID)(UINT_PTR)Response->Rsp.Create.Opened.UserContext2;

-    /* check for trailing backslash */
-    if (HasTrailingBackslash &&
-        !FileCreated && !FlagOn(ResponseFileAttributes, FILE_ATTRIBUTE_DIRECTORY))
-    {
-        FspFsvolCreateClose(Irp, Response);
-        FSP_RETURN(Result = STATUS_OBJECT_NAME_INVALID);
-    }
-
    /* are we doing access checks? */
    if (!FsvrtDeviceExtension->VolumeParams.NoSystemAccessCheck)
    {