https://git.reactos.org/?p=reactos.git;a=commitdiff;h=9adcacdbc82c243219d89… commit 9adcacdbc82c243219d89165c3e03ed8c05b852f Author: Nguyen Trung Khanh <nguyentrungkhanh97(a)gmail.com> AuthorDate: Mon Aug 17 21:45:35 2020 +0700 Commit: GitHub <noreply(a)github.com> CommitDate: Mon Aug 17 16:45:35 2020 +0200 [MOUNTMGR] Fix pool memory disclosure in QueryPointsFromMemory (#3022) --- drivers/filters/mountmgr/point.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/filters/mountmgr/point.c b/drivers/filters/mountmgr/point.c index 38260a57c2a..051f8305ece 100644 --- a/drivers/filters/mountmgr/point.c +++ b/drivers/filters/mountmgr/point.c @@ -335,6 +335,7 @@ QueryPointsFromMemory(IN PDEVICE_EXTENSION DeviceExtension, /* Now, ensure output buffer can hold everything */ Stack = IoGetCurrentIrpStackLocation(Irp); MountPoints = (PMOUNTMGR_MOUNT_POINTS)Irp->AssociatedIrp.SystemBuffer; + RtlZeroMemory(MountPoints, Stack->Parameters.DeviceIoControl.OutputBufferLength); /* Ensure we set output to let user reallocate! */ MountPoints->Size = sizeof(MOUNTMGR_MOUNT_POINTS) + TotalSymLinks * sizeof(MOUNTMGR_MOUNT_POINT) + TotalSize;