https://git.reactos.org/?p=reactos.git;a=commitdiff;h=ede7a20a17e59476a181b326d6050b12580f7813
commit ede7a20a17e59476a181b326d6050b12580f7813 Author: Nguyen Trung Khanh <[email protected]> AuthorDate: Fri Sep 11 19:47:43 2020 +0700 Commit: GitHub <[email protected]> CommitDate: Fri Sep 11 15:47:43 2020 +0300 [FILESYSTEMS] Fix pool memory disclosure in NtQueryAttributesFile handlers (#2926) Fix pool memory disclosure caused by alignment bytes at the end of the _FILE_BASIC_INFORMATION structure --- drivers/filesystems/cdfs/fileinfo.c | 2 ++ drivers/filesystems/fastfat/finfo.c | 2 ++ drivers/filesystems/ntfs/finfo.c | 2 ++ drivers/filesystems/reiserfs/src/fileinfo.c | 4 +++- 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/filesystems/cdfs/fileinfo.c b/drivers/filesystems/cdfs/fileinfo.c index 62c929bac4a..40056c586f6 100644 --- a/drivers/filesystems/cdfs/fileinfo.c +++ b/drivers/filesystems/cdfs/fileinfo.c @@ -899,6 +899,8 @@ Return Value: // We only support creation, last modify and last write times on Cdfs. // + RtlZeroMemory(Buffer, sizeof(FILE_BASIC_INFORMATION)); + Buffer->LastWriteTime.QuadPart = Buffer->CreationTime.QuadPart = Buffer->ChangeTime.QuadPart = Fcb->CreationTime; diff --git a/drivers/filesystems/fastfat/finfo.c b/drivers/filesystems/fastfat/finfo.c index 576adb2e18d..755ba6a9917 100644 --- a/drivers/filesystems/fastfat/finfo.c +++ b/drivers/filesystems/fastfat/finfo.c @@ -293,6 +293,8 @@ VfatGetBasicInformation( if (*BufferLength < sizeof(FILE_BASIC_INFORMATION)) return STATUS_BUFFER_OVERFLOW; + RtlZeroMemory(BasicInfo, sizeof(FILE_BASIC_INFORMATION)); + if (vfatVolumeIsFatX(DeviceExt)) { FsdDosDateTimeToSystemTime(DeviceExt, diff --git a/drivers/filesystems/ntfs/finfo.c b/drivers/filesystems/ntfs/finfo.c index d7a55cbad39..757c971e159 100644 --- a/drivers/filesystems/ntfs/finfo.c +++ b/drivers/filesystems/ntfs/finfo.c @@ -107,6 +107,8 @@ NtfsGetBasicInformation(PFILE_OBJECT FileObject, if (*BufferLength < sizeof(FILE_BASIC_INFORMATION)) return STATUS_BUFFER_TOO_SMALL; + RtlZeroMemory(BasicInfo, sizeof(FILE_BASIC_INFORMATION)); + BasicInfo->CreationTime.QuadPart = FileName->CreationTime; BasicInfo->LastAccessTime.QuadPart = FileName->LastAccessTime; BasicInfo->LastWriteTime.QuadPart = FileName->LastWriteTime; diff --git a/drivers/filesystems/reiserfs/src/fileinfo.c b/drivers/filesystems/reiserfs/src/fileinfo.c index 4e24380b68b..8e7c16b94d5 100644 --- a/drivers/filesystems/reiserfs/src/fileinfo.c +++ b/drivers/filesystems/reiserfs/src/fileinfo.c @@ -3,7 +3,7 @@ * PROJECT: ReiserFs file system driver for Windows NT/2000/XP/Vista. * FILE: fileinfo.c * PURPOSE: - * PROGRAMMER: Mark Piper, Matt Wu, Bo Brant�n. + * PROGRAMMER: Mark Piper, Matt Wu, Bo Brantén. * HOMEPAGE: * UPDATE HISTORY: */ @@ -140,6 +140,8 @@ RfsdQueryInformation (IN PRFSD_IRP_CONTEXT IrpContext) } FileBasicInformation = (PFILE_BASIC_INFORMATION) Buffer; + + RtlZeroMemory(FileBasicInformation, sizeof(FILE_BASIC_INFORMATION)); FileBasicInformation->CreationTime = RfsdSysTime(Fcb->Inode->i_ctime);
