From 5a28e79cccabfe38a24c26ec0ba2b5fb0a17bc18 Mon Sep 17 00:00:00 2001
From: Thomas Faber <thomas.faber@reactos.org>
Date: Mon, 16 Nov 2015 11:01:36 +0000
Subject: [PATCH] [CDFS] - Don't access file name buffer if its Length is zero
 in CdfsMakeAbsoluteFilename CORE-10459

svn path=/trunk/; revision=69896
---
 reactos/drivers/filesystems/cdfs/create.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/reactos/drivers/filesystems/cdfs/create.c b/reactos/drivers/filesystems/cdfs/create.c
index d0c8010742b..1cac86cfbec 100644
--- a/reactos/drivers/filesystems/cdfs/create.c
+++ b/reactos/drivers/filesystems/cdfs/create.c
@@ -50,7 +50,8 @@ CdfsMakeAbsoluteFilename(PFILE_OBJECT FileObject,
     /* verify related object is a directory and target name
     don't start with \. */
     if ((Fcb->Entry.FileFlags & FILE_FLAG_DIRECTORY) == 0 ||
-        RelativeFileName->Buffer[0] == L'\\')
+        (RelativeFileName->Length >= sizeof(WCHAR) &&
+         RelativeFileName->Buffer[0] == L'\\'))
     {
         return STATUS_INVALID_PARAMETER;
     }
-- 
2.17.1