Hi everyone!
Name tunneling is another issue that I’m dealing with 
As far as I
understand, there is no way to say that name tunneling is going to occur
until create IRP is completed. The issue for me is that file path that I
calculated for that file before passing create IRP down is not good
anymore (because actual file name will be LFN while what I’ve got at
“pre-create” step is SFN). So, in order to minimize amount of
unnecessary calls to get file path after create is completed, I would
like to know some heuristics that would predict that this create may
cause name tunneling upon its completion so I may need to recalc LFN
file path. So, is this list of events (that must occur simultaneously)
full and sufficient to predict a possibility of name tunneling:
- At pre-create target file doesn’t exist
- File is opening with disposition other than OPEN and SUPERSEDE
- File name “looks like” SFN (i.e. is 8.3, has only DOS-allowed chars
and has a ‘~’ in the name).
TIA,
Vladimir