X-Git-Url: https://wimlib.net/git/?p=wimlib;a=blobdiff_plain;f=src%2Fwin32_capture.c;h=e89d098ccae37a79f1102450192c18c97298b19f;hp=4556ba915c85ff833d537988a51a21462e244d3c;hb=55a72fc546978ea0502ef0d0eba73ffd6c3ee785;hpb=067245fb775d108fd06b0628935ece5dd94b58ce diff --git a/src/win32_capture.c b/src/win32_capture.c index 4556ba91..e89d098c 100644 --- a/src/win32_capture.c +++ b/src/win32_capture.c @@ -7,20 +7,18 @@ /* * Copyright (C) 2013, 2014 Eric Biggers * - * This file is part of wimlib, a library for working with WIM files. + * This file is free software; you can redistribute it and/or modify it under + * the terms of the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at your option) any + * later version. * - * wimlib is free software; you can redistribute it and/or modify it under the - * terms of the GNU General Public License as published by the Free - * Software Foundation; either version 3 of the License, or (at your option) - * any later version. - * - * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY - * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - * A PARTICULAR PURPOSE. See the GNU General Public License for more + * This file is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more * details. * - * You should have received a copy of the GNU General Public License - * along with wimlib; if not, see http://www.gnu.org/licenses/. + * You should have received a copy of the GNU Lesser General Public License + * along with this file; if not, see http://www.gnu.org/licenses/. */ #ifdef __WIN32__ @@ -29,8 +27,11 @@ # include "config.h" #endif +#include + #include "wimlib/win32_common.h" +#include "wimlib/assert.h" #include "wimlib/capture.h" #include "wimlib/dentry.h" #include "wimlib/encoding.h" @@ -40,12 +41,9 @@ #include "wimlib/paths.h" #include "wimlib/reparse.h" -#include - struct winnt_scan_stats { unsigned long num_get_sd_access_denied; unsigned long num_get_sacl_priv_notheld; - unsigned long num_long_path_warnings; }; static inline const wchar_t * @@ -225,7 +223,7 @@ read_win32_encrypted_file_prefix(const struct wim_lookup_table_entry *lte, ret = WIMLIB_ERR_READ; } else if (export_ctx.bytes_remaining != 0) { ERROR("Only could read %"PRIu64" of %"PRIu64" bytes from " - "encryted file \"%ls\"", + "encrypted file \"%ls\"", size - export_ctx.bytes_remaining, size, printable_path(lte->file_on_disk)); ret = WIMLIB_ERR_READ; @@ -264,7 +262,7 @@ winnt_get_short_name(HANDLE h, struct wim_dentry *dentry) } /* - * Load the security descriptor of a file into the corresponding inode, and the + * Load the security descriptor of a file into the corresponding inode and the * WIM image's security descriptor set. */ static NTSTATUS @@ -279,10 +277,27 @@ winnt_get_security_descriptor(HANDLE h, struct wim_inode *inode, ULONG len_needed; NTSTATUS status; - requestedInformation = DACL_SECURITY_INFORMATION | + /* + * LABEL_SECURITY_INFORMATION is needed on Windows Vista and 7 because + * Microsoft decided to add mandatory integrity labels to the SACL but + * not have them returned by SACL_SECURITY_INFORMATION. + * + * BACKUP_SECURITY_INFORMATION is needed on Windows 8 because Microsoft + * decided to add even more stuff to the SACL and still not have it + * returned by SACL_SECURITY_INFORMATION; but they did remember that + * backup applications exist and simply want to read the stupid thing + * once and for all, so they added a flag to read the entire security + * descriptor. + * + * Older versions of Windows tolerate these new flags being passed in. + */ + requestedInformation = OWNER_SECURITY_INFORMATION | + GROUP_SECURITY_INFORMATION | + DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION | - OWNER_SECURITY_INFORMATION | - GROUP_SECURITY_INFORMATION; + LABEL_SECURITY_INFORMATION | + BACKUP_SECURITY_INFORMATION; + buf = _buf; bufsize = sizeof(_buf); @@ -340,7 +355,9 @@ winnt_get_security_descriptor(HANDLE h, struct wim_inode *inode, if (requestedInformation & SACL_SECURITY_INFORMATION) { /* Try again without the SACL. */ stats->num_get_sacl_priv_notheld++; - requestedInformation &= ~SACL_SECURITY_INFORMATION; + requestedInformation &= ~(SACL_SECURITY_INFORMATION | + LABEL_SECURITY_INFORMATION | + BACKUP_SECURITY_INFORMATION); break; } /* Fake success (useful when capturing as @@ -369,7 +386,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, size_t full_path_nchars, const wchar_t *filename, size_t filename_nchars, - struct add_image_params *params, + struct capture_params *params, struct winnt_scan_stats *stats, u32 vol_flags); @@ -378,7 +395,7 @@ winnt_recurse_directory(HANDLE h, wchar_t *full_path, size_t full_path_nchars, struct wim_dentry *parent, - struct add_image_params *params, + struct capture_params *params, struct winnt_scan_stats *stats, u32 vol_flags) { @@ -407,11 +424,18 @@ winnt_recurse_directory(HANDLE h, info->FileName[1] == L'.')) { wchar_t *p; + wchar_t *filename; struct wim_dentry *child; p = full_path + full_path_nchars; - *p++ = L'\\'; - p = wmempcpy(p, info->FileName, + /* Only add a backslash if we don't already have + * one. This prevents a duplicate backslash + * from being added when the path to the capture + * dir had a trailing backslash. */ + if (*(p - 1) != L'\\') + *p++ = L'\\'; + filename = p; + p = wmempcpy(filename, info->FileName, info->FileNameLength / 2); *p = '\0'; @@ -420,7 +444,7 @@ winnt_recurse_directory(HANDLE h, h, full_path, p - full_path, - full_path + full_path_nchars + 1, + filename, info->FileNameLength / 2, params, stats, @@ -454,9 +478,6 @@ out_free_buf: /* Reparse point fixup status code */ enum rp_status { - /* Reparse point should be excluded from capture */ - RP_EXCLUDED = -0, - /* Reparse point will be captured literally (no fixup) */ RP_NOT_FIXED = -1, @@ -589,13 +610,29 @@ out_close_root_dir: return p; } -static enum rp_status +static int +winnt_rpfix_progress(struct capture_params *params, const wchar_t *path, + const struct reparse_data *rpdata, int scan_status) +{ + size_t print_name_nchars = rpdata->print_name_nbytes / sizeof(wchar_t); + wchar_t print_name0[print_name_nchars + 1]; + + wmemcpy(print_name0, rpdata->print_name, print_name_nchars); + print_name0[print_name_nchars] = L'\0'; + + params->progress.scan.cur_path = printable_path(path); + params->progress.scan.symlink_target = print_name0; + return do_capture_progress(params, scan_status, NULL); +} + +static int winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, u64 capture_root_ino, u64 capture_root_dev, - const wchar_t *path, struct add_image_params *params) + const wchar_t *path, struct capture_params *params) { struct reparse_data rpdata; const wchar_t *rel_target; + int ret; if (parse_reparse_data(rpbuf, *rpbuflen_p, &rpdata)) { /* Couldn't even understand the reparse data. Don't try the @@ -634,18 +671,13 @@ winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, capture_root_ino, capture_root_dev); if (!rel_target) { - /* Target points outside of the tree being captured. Exclude - * this reparse point from the capture (but inform the library - * user). */ - size_t print_name_nchars = rpdata.print_name_nbytes / sizeof(wchar_t); - wchar_t print_name0[print_name_nchars + 1]; - print_name0[print_name_nchars] = L'\0'; - wmemcpy(print_name0, rpdata.print_name, print_name_nchars); - - params->progress.scan.cur_path = printable_path(path); - params->progress.scan.symlink_target = print_name0; - do_capture_progress(params, WIMLIB_SCAN_DENTRY_EXCLUDED_SYMLINK, NULL); - return RP_EXCLUDED; + /* Target points outside of the tree being captured. Don't + * adjust it. */ + ret = winnt_rpfix_progress(params, path, &rpdata, + WIMLIB_SCAN_DENTRY_NOT_FIXED_SYMLINK); + if (ret) + return ret; + return RP_NOT_FIXED; } if (rel_target == rpdata.substitute_name) { @@ -655,7 +687,7 @@ winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, } /* We have an absolute target pointing within the directory being - * captured, @rel_target is the suffix of the link target that is the + * captured. @rel_target is the suffix of the link target that is the * part relative to the directory being captured. * * We will cut off the prefix before this part (which is the path to the @@ -684,6 +716,10 @@ winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, if (make_reparse_buffer(&rpdata, rpbuf, rpbuflen_p)) return RP_NOT_FIXED; } + ret = winnt_rpfix_progress(params, path, &rpdata, + WIMLIB_SCAN_DENTRY_FIXED_SYMLINK); + if (ret) + return ret; return RP_FIXED; } @@ -698,7 +734,7 @@ winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, * Path to the reparse point file. * @params: * Capture parameters. add_flags, capture_root_ino, capture_root_dev, - * progress_func, and progress are used. + * progfunc, progctx, and progress are used. * @rpbuf: * Buffer of length at least REPARSE_POINT_MAX_SIZE bytes into which the * reparse point buffer will be loaded. @@ -706,12 +742,12 @@ winnt_try_rpfix(u8 *rpbuf, u16 *rpbuflen_p, * On success, the length of the reparse point buffer in bytes is written * to this location. * - * On success, returns a nonpositive `enum rp_status' value. + * On success, returns a negative `enum rp_status' value. * On failure, returns a positive error code. */ static int winnt_get_reparse_data(HANDLE h, const wchar_t *path, - struct add_image_params *params, + struct capture_params *params, u8 *rpbuf, u16 *rpbuflen_ret) { DWORD bytes_returned; @@ -785,6 +821,39 @@ win32_get_encrypted_file_size(const wchar_t *path, u64 *size_ret) return ret; } +static int +winnt_load_encrypted_stream_info(struct wim_inode *inode, const wchar_t *nt_path, + struct list_head *unhashed_streams) +{ + struct wim_lookup_table_entry *lte = new_lookup_table_entry(); + int ret; + + if (unlikely(!lte)) + return WIMLIB_ERR_NOMEM; + + lte->file_on_disk = WCSDUP(nt_path); + if (unlikely(!lte->file_on_disk)) { + free_lookup_table_entry(lte); + return WIMLIB_ERR_NOMEM; + } + lte->resource_location = RESOURCE_WIN32_ENCRYPTED; + + /* OpenEncryptedFileRaw() expects a Win32 name. */ + wimlib_assert(!wmemcmp(lte->file_on_disk, L"\\??\\", 4)); + lte->file_on_disk[1] = L'\\'; + + ret = win32_get_encrypted_file_size(lte->file_on_disk, <e->size); + if (unlikely(ret)) { + free_lookup_table_entry(lte); + return ret; + } + + lte->file_inode = inode; + add_unhashed_stream(lte, inode, 0, unhashed_streams); + inode->i_lte = lte; + return 0; +} + static bool get_data_stream_name(const wchar_t *raw_stream_name, size_t raw_stream_name_nchars, const wchar_t **stream_name_ret, size_t *stream_name_nchars_ret) @@ -869,6 +938,12 @@ winnt_scan_stream(const wchar_t *path, size_t path_nchars, sizeof(wchar_t)); if (!ads_entry) return WIMLIB_ERR_NOMEM; + } else if (inode->i_attributes & (FILE_ATTRIBUTE_REPARSE_POINT | + FILE_ATTRIBUTE_ENCRYPTED)) + { + /* Ignore unnamed data stream of reparse point or encrypted file + */ + return 0; } else { ads_entry = NULL; } @@ -894,27 +969,6 @@ winnt_scan_stream(const wchar_t *path, size_t path_nchars, lte->file_on_disk = stream_path; lte->resource_location = RESOURCE_IN_WINNT_FILE_ON_DISK; lte->size = stream_size; - if ((inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED) && !ads_entry) { - /* Special case for encrypted file. */ - - /* OpenEncryptedFileRaw() expects Win32 name, not NT name. - * Change \??\ into \\?\ */ - lte->file_on_disk[1] = L'\\'; - wimlib_assert(!wmemcmp(lte->file_on_disk, L"\\\\?\\", 4)); - - u64 encrypted_size; - int ret; - - ret = win32_get_encrypted_file_size(lte->file_on_disk, - &encrypted_size); - if (ret) { - free_lookup_table_entry(lte); - return ret; - } - lte->size = encrypted_size; - lte->resource_location = RESOURCE_WIN32_ENCRYPTED; - } - if (ads_entry) { stream_id = ads_entry->stream_id; ads_entry->lte = lte; @@ -922,6 +976,7 @@ winnt_scan_stream(const wchar_t *path, size_t path_nchars, stream_id = 0; inode->i_lte = lte; } + lte->file_inode = inode; add_unhashed_stream(lte, inode, stream_id, unhashed_streams); return 0; } @@ -941,7 +996,7 @@ winnt_scan_stream(const wchar_t *path, size_t path_nchars, * already present in Windows XP. */ static int -winnt_scan_streams(HANDLE *hFile_p, const wchar_t *path, size_t path_nchars, +winnt_scan_streams(HANDLE h, const wchar_t *path, size_t path_nchars, struct wim_inode *inode, struct list_head *unhashed_streams, u64 file_size, u32 vol_flags) { @@ -960,7 +1015,7 @@ winnt_scan_streams(HANDLE *hFile_p, const wchar_t *path, size_t path_nchars, goto unnamed_only; /* Get a buffer containing the stream information. */ - while (!NT_SUCCESS(status = (*func_NtQueryInformationFile)(*hFile_p, + while (!NT_SUCCESS(status = (*func_NtQueryInformationFile)(h, &iosb, buf, bufsize, @@ -1004,14 +1059,6 @@ winnt_scan_streams(HANDLE *hFile_p, const wchar_t *path, size_t path_nchars, goto out_free_buf; } - if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)) { - /* OpenEncryptedFileRaw() seems to fail with - * ERROR_SHARING_VIOLATION if there are any handles opened to - * the file. */ - (*func_NtClose)(*hFile_p); - *hFile_p = INVALID_HANDLE_VALUE; - } - /* Parse one or more stream information structures. */ info = (const FILE_STREAM_INFORMATION *)buf; for (;;) { @@ -1061,39 +1108,61 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, size_t full_path_nchars, const wchar_t *filename, size_t filename_nchars, - struct add_image_params *params, + struct capture_params *params, struct winnt_scan_stats *stats, u32 vol_flags) { struct wim_dentry *root = NULL; struct wim_inode *inode = NULL; - HANDLE h = INVALID_HANDLE_VALUE; + HANDLE h = NULL; int ret; NTSTATUS status; FILE_ALL_INFORMATION file_info; u8 *rpbuf; u16 rpbuflen; u16 not_rpfixed; + ACCESS_MASK requestedPerms; - if (should_exclude_path(full_path + params->capture_root_nchars, - full_path_nchars - params->capture_root_nchars, - params->config)) - { - ret = 0; + ret = try_exclude(full_path, full_path_nchars, params); + if (ret < 0) /* Excluded? */ goto out_progress; - } + if (ret > 0) /* Error? */ + goto out; /* Open the file. */ + requestedPerms = FILE_READ_DATA | + FILE_READ_ATTRIBUTES | + READ_CONTROL | + ACCESS_SYSTEM_SECURITY | + SYNCHRONIZE; +retry_open: status = winnt_openat(cur_dir, (cur_dir ? filename : full_path), (cur_dir ? filename_nchars : full_path_nchars), - FILE_READ_DATA | - FILE_READ_ATTRIBUTES | - READ_CONTROL | - ACCESS_SYSTEM_SECURITY | - SYNCHRONIZE, + requestedPerms, &h); if (unlikely(!NT_SUCCESS(status))) { + if (status == STATUS_DELETE_PENDING) { + WARNING("\"%ls\": Deletion pending; skipping file", + printable_path(full_path)); + ret = 0; + goto out; + } + if (status == STATUS_ACCESS_DENIED && + (requestedPerms & FILE_READ_DATA)) { + /* This happens on encrypted files. */ + requestedPerms &= ~FILE_READ_DATA; + goto retry_open; + } + + if (status == STATUS_FVE_LOCKED_VOLUME) { + ERROR("\"%ls\": Can't open file " + "(encrypted volume has not been unlocked)", + printable_path(full_path)); + ret = WIMLIB_ERR_FVE_LOCKED_VOLUME; + goto out; + } + set_errno_from_nt_status(status); ERROR_WITH_ERRNO("\"%ls\": Can't open file " "(status=0x%08"PRIx32")", @@ -1123,6 +1192,15 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, } } + if (unlikely(!(requestedPerms & FILE_READ_DATA)) && + !(file_info.BasicInformation.FileAttributes & FILE_ATTRIBUTE_ENCRYPTED)) + { + ERROR("\"%ls\": Permission to read data was denied", + printable_path(full_path)); + ret = WIMLIB_ERR_OPEN; + goto out; + } + if (unlikely(!cur_dir)) { /* Root of tree being captured; get volume information. */ @@ -1188,9 +1266,6 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, ret = winnt_get_reparse_data(h, full_path, params, rpbuf, &rpbuflen); switch (ret) { - case RP_EXCLUDED: - ret = 0; - goto out; case RP_FIXED: not_rpfixed = 0; break; @@ -1209,13 +1284,17 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * However, we need to explicitly check for directories and files with * only 1 link and refuse to hard link them. This is because Windows * has a bug where it can return duplicate File IDs for files and - * directories on the FAT filesystem. */ + * directories on the FAT filesystem. + * + * Since we don't follow mount points on Windows, we don't need to query + * the volume ID per-file. Just once, for the root, is enough. But we + * can't simply pass 0, because then there could be inode collisions + * among multiple calls to win32_build_dentry_tree() that are scanning + * files on different volumes. */ ret = inode_table_new_dentry(params->inode_table, filename, file_info.InternalInformation.IndexNumber.QuadPart, - 0, /* We don't follow mount points, so we - currently don't need to get the - volume ID / device number. */ + params->capture_root_dev, (file_info.StandardInformation.NumberOfLinks <= 1 || (file_info.BasicInformation.FileAttributes & FILE_ATTRIBUTE_DIRECTORY)), @@ -1240,7 +1319,6 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, if (inode->i_nlink > 1) { /* Shared inode (hard link); skip reading per-inode information. */ - ret = 0; goto out_progress; } @@ -1261,7 +1339,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, if (!NT_SUCCESS(status)) { set_errno_from_nt_status(status); ERROR_WITH_ERRNO("\"%ls\": Can't read security " - "descriptor (status=0x%08"PRIu32")", + "descriptor (status=0x%08"PRIx32")", printable_path(full_path), (u32)status); ret = WIMLIB_ERR_STAT; @@ -1271,7 +1349,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, /* Load information about the unnamed data stream and any named data * streams. */ - ret = winnt_scan_streams(&h, + ret = winnt_scan_streams(h, full_path, full_path_nchars, inode, @@ -1281,21 +1359,42 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, if (ret) goto out; - if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)) { - - /* Reparse point: set the reparse data (already read). */ - - inode->i_not_rpfixed = not_rpfixed; - inode->i_reparse_tag = le32_to_cpu(*(le32*)rpbuf); - ret = inode_set_unnamed_stream(inode, rpbuf + 8, rpbuflen - 8, - params->lookup_table); + if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)) { + /* Load information about the raw encrypted data. This is + * needed for any directory or non-directory that has + * FILE_ATTRIBUTE_ENCRYPTED set. + * + * Note: since OpenEncryptedFileRaw() fails with + * ERROR_SHARING_VIOLATION if there are any open handles to the + * file, we have to close the file and re-open it later if + * needed. */ + (*func_NtClose)(h); + h = NULL; + ret = winnt_load_encrypted_stream_info(inode, full_path, + params->unhashed_streams); if (ret) goto out; + } + + if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)) { + if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)) { + WARNING("Ignoring reparse data of encrypted reparse point file \"%ls\"", + printable_path(full_path)); + } else { + /* Reparse point: set the reparse data (already read). */ + + inode->i_not_rpfixed = not_rpfixed; + inode->i_reparse_tag = le32_to_cpu(*(le32*)rpbuf); + ret = inode_set_unnamed_stream(inode, rpbuf + 8, rpbuflen - 8, + params->lookup_table); + if (ret) + goto out; + } } else if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) { /* Directory: recurse to children. */ - if (unlikely(h == INVALID_HANDLE_VALUE)) { + if (unlikely(!h)) { /* Re-open handle that was closed to read raw encrypted * data. */ status = winnt_openat(cur_dir, @@ -1329,16 +1428,18 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, out_progress: params->progress.scan.cur_path = printable_path(full_path); if (likely(root)) - do_capture_progress(params, WIMLIB_SCAN_DENTRY_OK, inode); + ret = do_capture_progress(params, WIMLIB_SCAN_DENTRY_OK, inode); else - do_capture_progress(params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); + ret = do_capture_progress(params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); out: - if (likely(h != INVALID_HANDLE_VALUE)) + if (likely(h)) (*func_NtClose)(h); - if (likely(ret == 0)) - *root_ret = root; - else + if (unlikely(ret)) { free_dentry_tree(root, params->lookup_table); + root = NULL; + ret = report_capture_error(params, ret, full_path); + } + *root_ret = root; return ret; } @@ -1370,13 +1471,13 @@ winnt_do_scan_warnings(const wchar_t *path, const struct winnt_scan_stats *stats int win32_build_dentry_tree(struct wim_dentry **root_ret, const wchar_t *root_disk_path, - struct add_image_params *params) + struct capture_params *params) { wchar_t *path; - DWORD dret; - size_t path_nchars; int ret; + UNICODE_STRING ntpath; struct winnt_scan_stats stats; + size_t ntpath_nchars; /* WARNING: There is no check for overflow later when this buffer is * being used! But it's as long as the maximum path length understood @@ -1385,33 +1486,36 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, if (!path) return WIMLIB_ERR_NOMEM; - /* Translate into full path. */ - dret = GetFullPathName(root_disk_path, WINDOWS_NT_MAX_PATH - 3, - &path[4], NULL); - - if (unlikely(dret == 0 || dret >= WINDOWS_NT_MAX_PATH - 3)) { - ERROR("Can't get full path name for \"%ls\"", root_disk_path); - return WIMLIB_ERR_UNSUPPORTED; - } - - /* Add \??\ prefix to form the NT namespace path. */ - wmemcpy(path, L"\\??\\", 4); - path_nchars = dret + 4; + ret = win32_path_to_nt_path(root_disk_path, &ntpath); + if (ret) + goto out_free_path; - /* Strip trailing slashes. If we don't do this, we may create a path - * with multiple consecutive backslashes, which for some reason causes - * Windows to report that the file cannot be found. */ - while (unlikely(path[path_nchars - 1] == L'\\' && - path[path_nchars - 2] != L':')) - path[--path_nchars] = L'\0'; + if (ntpath.Length < 4 * sizeof(wchar_t) || + ntpath.Length > WINDOWS_NT_MAX_PATH * sizeof(wchar_t) || + wmemcmp(ntpath.Buffer, L"\\??\\", 4)) + { + ERROR("\"%ls\": unrecognized path format", root_disk_path); + ret = WIMLIB_ERR_INVALID_PARAM; + } else { + ntpath_nchars = ntpath.Length / sizeof(wchar_t); + wmemcpy(path, ntpath.Buffer, ntpath_nchars); + path[ntpath_nchars] = L'\0'; - params->capture_root_nchars = path_nchars; + params->capture_root_nchars = ntpath_nchars; + if (path[ntpath_nchars - 1] == L'\\') + params->capture_root_nchars--; + ret = 0; + } + HeapFree(GetProcessHeap(), 0, ntpath.Buffer); + if (ret) + goto out_free_path; memset(&stats, 0, sizeof(stats)); ret = winnt_build_dentry_tree_recursive(root_ret, NULL, - path, path_nchars, L"", 0, - params, &stats, 0); + path, ntpath_nchars, + L"", 0, params, &stats, 0); +out_free_path: FREE(path); if (ret == 0) winnt_do_scan_warnings(root_disk_path, &stats);