wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2025-04-13 14:42:51 -07:00
Code Issues Packages Projects Releases Wiki Activity

Fix invalid memory access and handle leak in Fix_Free / Junction_Point patches.

Browse Source
This commit is contained in:
Sebastian Lackner
2014-08-28 05:48:06 +02:00
parent f6566f892d
commit 9e6408add9
4 changed files with 68 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
patches/ntdll-Junction_Points/0005-kernel32-ntdll-Add-support-for-deleting-junction-poi.patch
View File

@@ -21,29 +21,28 @@ index eeba48a..b0b5ae9 100644
OBJECT_ATTRIBUTES attr;
UNICODE_STRING nt_name;
ANSI_STRING unix_name;
@@ -1614,16 +1615,23 @@ BOOL WINAPI RemoveDirectoryW( LPCWSTR path )
FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT );
if (status == STATUS_SUCCESS)
status = wine_nt_to_unix_file_name( &nt_name, &unix_name, FILE_OPEN, FALSE );
@@ -1620,13 +1621,21 @@ BOOL WINAPI RemoveDirectoryW( LPCWSTR path )
}
status = wine_nt_to_unix_file_name( &nt_name, &unix_name, FILE_OPEN, FALSE );
- RtlFreeUnicodeString( &nt_name );
if (status != STATUS_SUCCESS)
{
+ RtlFreeUnicodeString( &nt_name );
SetLastError( RtlNtStatusToDosError(status) );
RtlFreeAnsiString( &unix_name );
return FALSE;
}
- if (!(ret = (rmdir( unix_name.Buffer ) != -1))) FILE_SetDosError();
+ status = NtQueryAttributesFile( &attr, &info );
+ RtlFreeUnicodeString( &nt_name );
+ if ((info.FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) && (info.FileAttributes & FILE_ATTRIBUTE_DIRECTORY))
+ ret = (unlink( unix_name.Buffer ) != -1);
- else if (!(ret = (rmdir( unix_name.Buffer ) != -1)))
- FILE_SetDosError();
+ else
+ ret = (rmdir( unix_name.Buffer ) != -1);
+ if (!ret) FILE_SetDosError();
+
+ {
+ status = NtQueryAttributesFile( &attr, &info );
+ if (status == STATUS_SUCCESS && (info.FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) &&
+ (info.FileAttributes & FILE_ATTRIBUTE_DIRECTORY))
+ ret = (unlink( unix_name.Buffer ) != -1);
+ else
+ ret = (rmdir( unix_name.Buffer ) != -1);
+ if (!ret) FILE_SetDosError();
+ }
+ RtlFreeUnicodeString( &nt_name );
RtlFreeAnsiString( &unix_name );
NtClose( handle );
return ret;