From f910f0bacc1469816d57c6e4ffff41f50e477dae Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos <billziss@navimatics.com>
Date: Mon, 30 Nov 2015 17:43:14 -0800
Subject: [PATCH] dll: fsctl: testing

---
 inc/winfsp/fsctl.h | 3 +++
 src/dll/fsctl.c    | 5 +++--
 src/sys/fsctl.c    | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/inc/winfsp/fsctl.h b/inc/winfsp/fsctl.h
index 7ec3a279..251291ab 100644
--- a/inc/winfsp/fsctl.h
+++ b/inc/winfsp/fsctl.h
@@ -35,6 +35,9 @@ extern const __declspec(selectany) GUID FspFsvrtDeviceClassGuid =
 
 #define FSP_FSCTL_CREATE_BUFFER_SIZE    128
 #define FSP_FSCTL_TRANSACT_BUFFER_SIZE  (16 * 1024)
+
+#define FSP_FSCTL_VOLUME_PARAMS_SIZE    \
+    FSP_FSCTL_ALIGN_UP(sizeof(FSP_FSCTL_VOLUME_PARAMS), FSP_FSCTL_DEFAULT_ALIGNMENT)
 #define FSP_FSCTL_TRANSACT_REQ_SIZEMAX  \
     FSP_FSCTL_ALIGN_UP(sizeof(FSP_FSCTL_TRANSACT_REQ) + 1024 * sizeof(WCHAR), FSP_FSCTL_DEFAULT_ALIGNMENT)
 #define FSP_FSCTL_TRANSACT_RSP_SIZEMAX  \
diff --git a/src/dll/fsctl.c b/src/dll/fsctl.c
index 28bf80e2..d3e498a7 100644
--- a/src/dll/fsctl.c
+++ b/src/dll/fsctl.c
@@ -86,13 +86,14 @@ FSP_API NTSTATUS FspFsctlCreateVolume(PWSTR DevicePath,
         Result = FspNtStatusFromWin32(GetLastError());
         goto exit;
     }
-    ParamsBuf = malloc(sizeof *ParamsBuf + SecurityDescriptorSize);
+    ParamsBuf = malloc(FSP_FSCTL_VOLUME_PARAMS_SIZE + SecurityDescriptorSize);
     if (0 == ParamsBuf)
     {
         Result = STATUS_INSUFFICIENT_RESOURCES;
         goto exit;
     }
-    SecurityDescriptorBuf = (PVOID)(ParamsBuf + 1);
+    memset(ParamsBuf, 0, FSP_FSCTL_VOLUME_PARAMS_SIZE);
+    SecurityDescriptorBuf = (PVOID)((PUINT8)ParamsBuf + FSP_FSCTL_VOLUME_PARAMS_SIZE);
     if (!MakeSelfRelativeSD(SecurityDescriptor, SecurityDescriptorBuf, &SecurityDescriptorSize))
     {
         Result = FspNtStatusFromWin32(GetLastError());
diff --git a/src/sys/fsctl.c b/src/sys/fsctl.c
index 881366a2..23a67c6e 100644
--- a/src/sys/fsctl.c
+++ b/src/sys/fsctl.c
@@ -107,7 +107,7 @@ static NTSTATUS FspFsctlCreateVolume(
     ULONG OutputBufferLength = IrpSp->Parameters.FileSystemControl.OutputBufferLength;
     PVOID SystemBuffer = Irp->AssociatedIrp.SystemBuffer;
     const FSP_FSCTL_VOLUME_PARAMS *Params = SystemBuffer;
-    PSECURITY_DESCRIPTOR SecurityDescriptor = (PVOID)(Params + 1);
+    PSECURITY_DESCRIPTOR SecurityDescriptor = (PVOID)((PUINT8)Params + FSP_FSCTL_VOLUME_PARAMS_SIZE);
     DWORD SecurityDescriptorSize = InputBufferLength - sizeof *Params;
     if (sizeof *Params >= InputBufferLength || 0 == SystemBuffer ||
         !FspValidRelativeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorSize,