From cb776056bb82cc092f6412a6d79c80c1c7de005d Mon Sep 17 00:00:00 2001
From: Rob Mensching
Date: Tue, 6 Feb 2024 12:09:39 -0800
Subject: [PATCH] Do not follow junctions when recursively deleting directories
This will prevent elevated processes from accidentally following a junction from a user-writable directory to a per-machine directory and erroneously deleting the per-machine contents.
---
 src/libs/dutil/dirutil.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libs/dutil/dirutil.cpp b/src/libs/dutil/dirutil.cpp
index e549d236f..47b768ac6 100644
--- a/src/libs/dutil/dirutil.cpp
+++ b/src/libs/dutil/dirutil.cpp
@@ -210,8 +210,8 @@ extern "C" HRESULT DAPI DirEnsureDeleteEx(
 }
 }
- // If we're deleting files and/or child directories loop through the contents of the directory.
- if (fDeleteFiles || fRecurse)
+ // If we're deleting files and/or child directories loop through the contents of the directory, but skip junctions.
+ if ((fDeleteFiles || fRecurse) && (0 == (dwAttrib & FILE_ATTRIBUTE_REPARSE_POINT)))
 {
 if (fScheduleDelete)
 {
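Review bot: The new guard `if ((fDeleteFiles || fRecurse) && (0 == (dwAttrib & FILE_ATTRIBUTE_REPARSE_POINT)))` tests `dwAttrib`, which is read outside this hunk, so the reparse-point check and the enumeration that follows are presumably two separate lookups of the same path name. In the user-writable case the commit message describes, the directory could be swapped for a junction between the two. If elevated callers depend on this guarantee, it would be more robust to make the check on a handle opened with `FILE_FLAG_OPEN_REPARSE_POINT`, or to re-check each child's attributes immediately before descending. Separately, `FILE_ATTRIBUTE_REPARSE_POINT` is set for every reparse point (symbolic links, mount points, other tags), not only junctions, so the comment would be more accurate ending `..., but never descend into reparse points (junctions, symbolic links).` DirEnsureDeleteEx starts and ends outside the hunk, so how the skipped directory entry itself is removed afterwards cannot be confirmed from here.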