From 6fcab431205e99dccf3e47d45b5a7c6562ef0d67 Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos <billziss@navimatics.com>
Date: Mon, 7 Dec 2015 13:01:40 -0800
Subject: [PATCH] sys: IRP_MJ_CREATE

---
 inc/winfsp/fsctl.h | 7 ++++---
 src/sys/create.c   | 9 +++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/inc/winfsp/fsctl.h b/inc/winfsp/fsctl.h
index c9b3f543..46a9c68d 100644
--- a/inc/winfsp/fsctl.h
+++ b/inc/winfsp/fsctl.h
@@ -104,9 +104,10 @@ typedef struct
             UINT16 Ea;                  /* reserved; not currently implemented */
             UINT16 EaSize;              /* reserved; not currently implemented */
             UINT32 UserMode:1;          /* request originated in user mode */
-            UINT32 HasTraversePrivilege:1; /* requestor has TOKEN_HAS_TRAVERSE_PRIVILEGE */
-            UINT32 OpenTargetDirectory:1; /* open target dir and report FILE_{EXISTS,DOES_NOT_EXIST} */
-            UINT32 CaseSensitive:1;     /* filename comparisons should be case-sensitive */
+            UINT32 HasTraversePrivilege:1;  /* requestor has TOKEN_HAS_TRAVERSE_PRIVILEGE */
+            UINT32 OpenTargetDirectory:1;   /* open target dir and report FILE_{EXISTS,DOES_NOT_EXIST} */
+            UINT32 HasTrailingBackslash:1;  /* original FileName (sent by CreateFile) has trailing backslash */
+            UINT32 CaseSensitive:1;         /* FileName comparisons should be case-sensitive */
         } Create;
         struct
         {
diff --git a/src/sys/create.c b/src/sys/create.c
index 7df70c54..ea37f2bb 100644
--- a/src/sys/create.c
+++ b/src/sys/create.c
@@ -268,6 +268,7 @@ static NTSTATUS FspFsvolCreate(
         Request->Req.Create.UserMode = UserMode == RequestorMode;
         Request->Req.Create.HasTraversePrivilege = HasTraversePrivilege;
         Request->Req.Create.OpenTargetDirectory = BooleanFlagOn(Flags, SL_OPEN_TARGET_DIRECTORY);
+        Request->Req.Create.HasTrailingBackslash = HasTrailingBackslash;
         Request->Req.Create.CaseSensitive = BooleanFlagOn(Flags, SL_CASE_SENSITIVE);
 
         /* copy the security descriptor into the request */
@@ -387,6 +388,8 @@ VOID FspFsvolCreateComplete(
     ULONG Flags = IrpSp->Flags;
     KPROCESSOR_MODE RequestorMode =
         FlagOn(Flags, SL_FORCE_ACCESS_CHECK) ? UserMode : Irp->RequestorMode;
+    BOOLEAN HasTrailingBackslash =
+        0 != ((FSP_FSCTL_TRANSACT_REQ *)Irp->Tail.Overlay.DriverContext[0])->Req.Create.HasTrailingBackslash;
     FSP_FILE_CONTEXT *FsContext = FileObject->FsContext;
     ACCESS_MASK GrantedAccess;
     BOOLEAN Inserted = FALSE;
@@ -511,6 +514,12 @@ VOID FspFsvolCreateComplete(
         FspFsvolCreateClose(Irp, Response);
         FSP_RETURN(Result = STATUS_FILE_IS_A_DIRECTORY);
     }
+    if (HasTrailingBackslash &&
+        !FlagOn(ResponseFileAttributes, FILE_ATTRIBUTE_DIRECTORY))
+    {
+        FspFsvolCreateClose(Irp, Response);
+        FSP_RETURN(Result = STATUS_OBJECT_NAME_INVALID);
+    }
 
     /* record the user-mode file system contexts */
     FsContext->UserContext = Response->Rsp.Create.Opened.UserContext;