From 48afa1dc33ef1a13aacc7bca63f83f0e47246f90 Mon Sep 17 00:00:00 2001
From: Kamil Hornicek <kamil.hornicek@reactos.org>
Date: Mon, 10 Oct 2011 13:37:19 +0000
Subject: [PATCH] [CDFS] Fix a buffer overrun that was corrupting the FCB. See
 issue #4086 for more details.

svn path=/trunk/; revision=54072
---
 reactos/drivers/filesystems/cdfs/dirctl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/reactos/drivers/filesystems/cdfs/dirctl.c b/reactos/drivers/filesystems/cdfs/dirctl.c
index 8cf71a2d0dc..9174f698f65 100644
--- a/reactos/drivers/filesystems/cdfs/dirctl.c
+++ b/reactos/drivers/filesystems/cdfs/dirctl.c
@@ -325,7 +325,8 @@ CdfsFindFile(PDEVICE_EXTENSION DeviceExt,
             DPRINT("PathName '%S'  ObjectName '%S'\n", Fcb->PathName, Fcb->ObjectName);
 
             memcpy(&Fcb->Entry, Record, sizeof(DIR_RECORD));
-            wcsncpy(Fcb->ObjectName, name, MAX_PATH);
+            wcsncpy(Fcb->ObjectName, name, min(wcslen(name) + 1,
+                MAX_PATH - wcslen(Fcb->PathName) + wcslen(Fcb->ObjectName)));
 
             /* Copy short name */
             Fcb->ShortNameU.Length = ShortName.Length;