From e30c1b2432726d2d5ba572328f9a3956c5d7389c Mon Sep 17 00:00:00 2001 From: Rob Mensching Date: Tue, 6 Feb 2024 12:05:56 -0800 Subject: [PATCH] Do not follow junctions when recursively deleting directories This will prevent elevated processes from accidentally following a junction from a user-writable directory to a per-machine directory and erroneously deleting the per-machine contents. --- src/libs/dutil/WixToolset.DUtil/dirutil.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libs/dutil/WixToolset.DUtil/dirutil.cpp b/src/libs/dutil/WixToolset.DUtil/dirutil.cpp index 8c7ef4610..d6d782e0e 100644 --- a/src/libs/dutil/WixToolset.DUtil/dirutil.cpp +++ b/src/libs/dutil/WixToolset.DUtil/dirutil.cpp @@ -26,7 +26,7 @@ *******************************************************************/ extern "C" BOOL DAPI DirExists( - __in_z LPCWSTR wzPath, + __in_z LPCWSTR wzPath, __out_opt DWORD *pdwAttributes ) { @@ -73,7 +73,7 @@ extern "C" HRESULT DAPI DirCreateTempPath( *******************************************************************/ extern "C" HRESULT DAPI DirEnsureExists( - __in_z LPCWSTR wzPath, + __in_z LPCWSTR wzPath, __in_opt LPSECURITY_ATTRIBUTES psa ) { @@ -203,8 +203,8 @@ extern "C" HRESULT DAPI DirEnsureDeleteEx( } } - // If we're deleting files and/or child directories loop through the contents of the directory. - if (fDeleteFiles || fRecurse) + // If we're deleting files and/or child directories loop through the contents of the directory, but skip junctions. + if ((fDeleteFiles || fRecurse) && (0 == (dwAttrib & FILE_ATTRIBUTE_REPARSE_POINT))) { if (fScheduleDelete) {