Windows: correct ordering of reparse point tests

Test for whether an object is a reparse point before testing
whether the provided buffer is large enough to hold the result
if it is.

FSCTL_GET_REPARSE_POINT
FSCTL_SET_REPARSE_POINT
FSCTL_DELETE_REPARSE_POINT

Change-Id: If6c1b9b6e5853d7759f169943310321d408190e0
Reviewed-on: http://gerrit.openafs.org/5748
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

diff --git a/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp b/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp
index 546cd0e..659454e 100644 (file)
--- a/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp
+++ b/src/WINNT/afsrdr/kernel/lib/AFSFSControl.cpp
@@ -309,18 +309,6 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                               AFS_TRACE_LEVEL_VERBOSE_2,
                               "AFSProcessUserFsRequest Processing FSCTL_GET_REPARSE_POINT request\n");
 
-                if( ulOutputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
-                {
-
-                    ntStatus = STATUS_BUFFER_TOO_SMALL;
-
-                    Irp->IoStatus.Information = FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer);
-
-                    break;
-                }
-
-                ulRemainingLen -= FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer);
-
                 //
                 // Check if we have the reparse entry set on the entry
                 //
@@ -333,6 +321,18 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                     break;
                 }
 
+                if( ulOutputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
+                {
+
+                    ntStatus = STATUS_BUFFER_TOO_SMALL;
+
+                    Irp->IoStatus.Information = FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer);
+
+                    break;
+                }
+
+                ulRemainingLen -= FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer);
+
                 //
                 // Populate the data in the reparse buffer
                 //
@@ -554,14 +554,6 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                               AFS_TRACE_LEVEL_VERBOSE_2,
                               "AFSProcessUserFsRequest Processing FSCTL_SET_REPARSE_POINT request\n");
 
-                if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
-                {
-
-                    ntStatus = STATUS_INVALID_PARAMETER;
-
-                    break;
-                }
-
                 //
                 // Check if we have the reparse entry set on the entry
                 //
@@ -574,6 +566,14 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                     break;
                 }
 
+                if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
+                {
+
+                    ntStatus = STATUS_INVALID_PARAMETER;
+
+                    break;
+                }
+
                 if( pReparseBuffer->ReparseTag != IO_REPARSE_TAG_OPENAFS_DFS)
                 {
 
@@ -608,14 +608,6 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                               AFS_TRACE_LEVEL_VERBOSE_2,
                               "AFSProcessUserFsRequest Processing FSCTL_DELETE_REPARSE_POINT request\n");
 
-                if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
-                {
-
-                    ntStatus = STATUS_INVALID_PARAMETER;
-
-                    break;
-                }
-
                 //
                 // Check if we have the reparse entry set on the entry
                 //
@@ -628,6 +620,14 @@ AFSProcessUserFsRequest( IN PIRP Irp)
                     break;
                 }
 
+                if( ulInputBufferLen < FIELD_OFFSET( REPARSE_GUID_DATA_BUFFER, GenericReparseBuffer.DataBuffer))
+                {
+
+                    ntStatus = STATUS_INVALID_PARAMETER;
+
+                    break;
+                }
+
                 if( pReparseBuffer->ReparseTag != IO_REPARSE_TAG_OPENAFS_DFS)
                 {