Windows: AFSRetrieveParentPath handle no parent

AFSRetrieveParentPath() when presented with a relative path that has no
parent will walk off the front of the FullFileName buffer.  Add checks to
ensure that Length never becomes less than zero.

Change-Id: I7d619dc569d6c002b1d236a9340921414c51647f
Reviewed-on: http://gerrit.openafs.org/11888
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/WINNT/afsrdr/kernel/lib/AFSGeneric.cpp b/src/WINNT/afsrdr/kernel/lib/AFSGeneric.cpp
index f2ea340..2594416 100644 (file)
--- a/src/WINNT/afsrdr/kernel/lib/AFSGeneric.cpp
+++ b/src/WINNT/afsrdr/kernel/lib/AFSGeneric.cpp
@@ -9117,12 +9117,14 @@ AFSRetrieveParentPath( IN UNICODE_STRING *FullFileName,
     // If the final character is a \, jump over it
     //
 
-    if( ParentPath->Buffer[ (ParentPath->Length/sizeof( WCHAR)) - 1] == L'\\')
+    if( ParentPath->Length >= sizeof( WCHAR)
+       && ParentPath->Buffer[ (ParentPath->Length/sizeof( WCHAR)) - 1] == L'\\')
     {
         ParentPath->Length -= sizeof( WCHAR);
     }
 
-    while( ParentPath->Buffer[ (ParentPath->Length/sizeof( WCHAR)) - 1] != L'\\')
+    while( ParentPath->Length >= sizeof( WCHAR)
+          && ParentPath->Buffer[ (ParentPath->Length/sizeof( WCHAR)) - 1] != L'\\')
     {
         ParentPath->Length -= sizeof( WCHAR);
     }
@@ -9131,7 +9133,10 @@ AFSRetrieveParentPath( IN UNICODE_STRING *FullFileName,
     // And the separator
     //
 
-    ParentPath->Length -= sizeof( WCHAR);
+    if ( ParentPath->Length >= sizeof( WCHAR))
+    {
+       ParentPath->Length -= sizeof( WCHAR);
+    }
 
     return;
 }