projects / reactos.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[NTOSKRNL] In IopQueryNameInternal() don't copy name if it's not valid
[reactos.git] / ntoskrnl / io / iomgr / file.c
diff --git a/ntoskrnl/io/iomgr/file.c b/ntoskrnl/io/iomgr/file.c
index 1fb6918..0fbac2c 100644 (file)
--- a/ntoskrnl/io/iomgr/file.c
+++ b/ntoskrnl/io/iomgr/file.c
@@ -2004,6 +2004,14 @@ IopQueryNameInternal(IN PVOID ObjectBody,
                                 (ULONG_PTR)ObjectNameInfo +
                                 LocalFileInfo->FileNameLength);
 
+    /* Don't copy the name if it's not valid */
+    if (LocalFileInfo->FileName[0] != OBJ_NAME_PATH_SEPARATOR)
+    {
+        /* Free the allocated buffer and return failure */
+        ExFreePoolWithTag(LocalInfo, TAG_IO);
+        return STATUS_OBJECT_PATH_INVALID;
+    }
+
     /* Write the Name and null-terminate it */
     RtlCopyMemory(p, LocalFileInfo->FileName, FileLength);
     p += (FileLength / sizeof(WCHAR));
A free Windows-compatible Operating System