sys: FspFileNameIsValid, FspFileNameIsValidPattern: check path component length

tst: memfs: allow filenames to be 512 chars long
2025-07-02 17:02:57 -05:00 · 2016-12-18 11:51:23 -08:00
parent c780912810
commit 94ea4f65f7
7 changed files with 57 additions and 23 deletions
--- a/src/sys/create.c
+++ b/src/sys/create.c
@ -299,7 +299,7 @@ static NTSTATUS FspFsvolCreateNoLock(
    ASSERT(NT_SUCCESS(Result));

    /* check filename validity */
-    if (!FspFileNameIsValid(&FileNode->FileName,
+    if (!FspFileNameIsValid(&FileNode->FileName, FsvolDeviceExtension->VolumeParams.MaxComponentLength,
        FsvolDeviceExtension->VolumeParams.NamedStreams ? &StreamPart : 0,
        &StreamType))
    {
--- a/src/sys/dirctl.c
+++ b/src/sys/dirctl.c
@ -617,6 +617,7 @@ static NTSTATUS FspFsvolQueryDirectory(
        return STATUS_INVALID_DEVICE_REQUEST;

    NTSTATUS Result;
+    FSP_FSVOL_DEVICE_EXTENSION *FsvolDeviceExtension = FspFsvolDeviceExtension(FsvolDeviceObject);
    PFILE_OBJECT FileObject = IrpSp->FileObject;
    FSP_FILE_NODE *FileNode = FileObject->FsContext;
    FILE_INFORMATION_CLASS FileInformationClass = IrpSp->Parameters.QueryDirectory.FileInformationClass;
@ -636,7 +637,8 @@ static NTSTATUS FspFsvolQueryDirectory(
        return STATUS_INVALID_PARAMETER;

    /* check that FileName is valid (if supplied) */
-    if (0 != FileName && !FspFileNameIsValidPattern(FileName))
+    if (0 != FileName &&
+        !FspFileNameIsValidPattern(FileName, FsvolDeviceExtension->VolumeParams.MaxComponentLength))
        return STATUS_INVALID_PARAMETER;

    /* is this an allowed file information class? */
--- a/src/sys/driver.h
+++ b/src/sys/driver.h
@ -437,8 +437,9 @@ enum
    FspFileNameStreamTypeNone           = 0,
    FspFileNameStreamTypeData           = 1,
 };
-BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PULONG StreamType);
-BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Pattern);
+BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, ULONG MaxComponentLength,
+    PUNICODE_STRING StreamPart, PULONG StreamType);
+BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Pattern, ULONG MaxComponentLength);
 VOID FspFileNameSuffix(PUNICODE_STRING Path, PUNICODE_STRING Remain, PUNICODE_STRING Suffix);
 #if 0
 NTSTATUS FspFileNameUpcase(
--- a/src/sys/file.c
+++ b/src/sys/file.c
@ -1911,7 +1911,9 @@ NTSTATUS FspMainFileOpen(
    PFILE_OBJECT MainFileObject;

    /* assert that the supplied name is actually a main file name */
-    ASSERT(FspFileNameIsValid(MainFileName, 0, 0));
+    ASSERT(FspFileNameIsValid(MainFileName,
+        FsvolDeviceExtension->VolumeParams.MaxComponentLength,
+        0, 0));

    *PMainFileHandle = 0;
    *PMainFileObject = 0;
--- a/src/sys/fileinfo.c
+++ b/src/sys/fileinfo.c
@ -1170,6 +1170,7 @@ static NTSTATUS FspFsvolSetRenameInformation(
    PAGED_CODE();

    NTSTATUS Result;
+    FSP_FSVOL_DEVICE_EXTENSION *FsvolDeviceExtension = FspFsvolDeviceExtension(FsvolDeviceObject);
    PFILE_OBJECT FileObject = IrpSp->FileObject;
    PFILE_OBJECT TargetFileObject = IrpSp->Parameters.SetFile.FileObject;
    BOOLEAN ReplaceIfExists = IrpSp->Parameters.SetFile.ReplaceIfExists;
@ -1195,7 +1196,9 @@ static NTSTATUS FspFsvolSetRenameInformation(
    if (FileNode->IsRootDirectory)
        /* cannot rename root directory */
        return STATUS_INVALID_PARAMETER;
-    if (!FspFileNameIsValid(&FileNode->FileName, 0, 0))
+    if (!FspFileNameIsValid(&FileNode->FileName,
+        FsvolDeviceExtension->VolumeParams.MaxComponentLength,
+        0, 0))
        /* cannot rename streams (WinFsp limitation) */
        return STATUS_INVALID_PARAMETER;

@ -1229,7 +1232,12 @@ retry:
            }
        Suffix.MaximumLength = Suffix.Length;

-        if (!FspFileNameIsValid(&Remain, 0, 0) || !FspFileNameIsValid(&Suffix, 0, 0))
+        if (!FspFileNameIsValid(&Remain,
+                FsvolDeviceExtension->VolumeParams.MaxComponentLength,
+                0, 0) ||
+            !FspFileNameIsValid(&Suffix,
+                FsvolDeviceExtension->VolumeParams.MaxComponentLength,
+                0, 0))
        {
            /* cannot rename streams (WinFsp limitation) */
            Result = STATUS_INVALID_PARAMETER;
--- a/src/sys/name.c
+++ b/src/sys/name.c
@ -17,8 +17,9 @@

 #include <sys/driver.h>

-BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PULONG StreamType);
-BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Pattern);
+BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, ULONG MaxComponentLength,
+    PUNICODE_STRING StreamPart, PULONG StreamType);
+BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Pattern, ULONG MaxComponentLength);
 VOID FspFileNameSuffix(PUNICODE_STRING Path, PUNICODE_STRING Remain, PUNICODE_STRING Suffix);
 NTSTATUS FspFileNameInExpression(
    PUNICODE_STRING Expression,
@ -34,7 +35,8 @@ NTSTATUS FspFileNameInExpression(
 #pragma alloc_text(PAGE, FspFileNameInExpression)
 #endif

-BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PULONG StreamType)
+BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, ULONG MaxComponentLength,
+    PUNICODE_STRING StreamPart, PULONG StreamType)
 {
    PAGED_CODE();

@ -44,7 +46,7 @@ BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PUL
    if (0 == Path->Length || 0 != Path->Length % sizeof(WCHAR))
        return FALSE;

-    PWSTR PathBgn, PathEnd, PathPtr, StreamTypeStr = 0;
+    PWSTR PathBgn, PathEnd, PathPtr, ComponentPtr, StreamTypeStr = 0;
    UCHAR Flags = FSRTL_NTFS_LEGAL;
    ULONG Colons = 0;
    WCHAR Char;
@ -52,6 +54,7 @@ BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PUL
    PathBgn = Path->Buffer;
    PathEnd = (PWSTR)((PUINT8)PathBgn + Path->Length);
    PathPtr = PathBgn;
+    ComponentPtr = PathPtr;

    while (PathEnd > PathPtr)
    {
@ -63,7 +66,12 @@ BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PUL
            if (0 < Colons)
                return FALSE;

+            /* path component cannot be longer than MaxComponentLength */
+            if (PathPtr - ComponentPtr > MaxComponentLength)
+                return FALSE;
+
            PathPtr++;
+            ComponentPtr = PathPtr;

            /* don't like multiple backslashes */
            if (PathEnd > PathPtr && L'\\' == *PathPtr)
@ -106,6 +114,10 @@ BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PUL
            PathPtr++;
    }

+    /* path component cannot be longer than MaxComponentLength */
+    if (PathPtr - ComponentPtr > MaxComponentLength)
+        return FALSE;
+
    /* if we had no colons the path is valid */
    if (0 == Colons)
        return TRUE;
@ -133,19 +145,20 @@ BOOLEAN FspFileNameIsValid(PUNICODE_STRING Path, PUNICODE_STRING StreamPart, PUL
    return FALSE;
 }

-BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Path)
+BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Path, ULONG MaxComponentLength)
 {
    PAGED_CODE();

    if (0 != Path->Length % sizeof(WCHAR))
        return FALSE;

-    PWSTR PathBgn, PathEnd, PathPtr;
+    PWSTR PathBgn, PathEnd, PathPtr, ComponentPtr;
    WCHAR Char;

    PathBgn = Path->Buffer;
    PathEnd = (PWSTR)((PUINT8)PathBgn + Path->Length);
    PathPtr = PathBgn;
+    ComponentPtr = PathPtr;

    while (PathEnd > PathPtr)
    {
@ -167,6 +180,10 @@ BOOLEAN FspFileNameIsValidPattern(PUNICODE_STRING Path)
            PathPtr++;
    }

+    /* path component cannot be longer than MaxComponentLength */
+    if (PathPtr - ComponentPtr > MaxComponentLength)
+        return FALSE;
+
    return TRUE;
 }