From 34bb5167480232c5176c5b32d9bf5b62b4a747fd Mon Sep 17 00:00:00 2001
From: Micah Snyder <micasnyd@cisco.com>
Date: Wed, 19 Mar 2025 17:36:05 -0400
Subject: [PATCH] Windows: code quality improvement for --move and --remove
 options

When the --move or --remove options are used, ClamAV carefully traverses
the file path one layer at a time so as to avoid following a directory
that is a symlink or reparse point.
We do this for directories, but could also do it for files.
Only an admin should be able to create a reparse point for a file,
but it is better to be consistent.

Thank you to Maxim Suhanov for reporting this issue.
---
 common/actions.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/actions.c b/common/actions.c
index b905471127..6e48172c2d 100644
--- a/common/actions.c
+++ b/common/actions.c
@@ -344,7 +344,7 @@ static int traverse_to(const char *directory, bool want_directory_handle, HANDLE
                 /* Change createfile options for our target file instead of an intermediate directory. */
                 desiredAccess  = FILE_GENERIC_READ | DELETE;
                 fileAttributes = FILE_ATTRIBUTE_NORMAL;
-                createOptions  = FILE_NON_DIRECTORY_FILE;
+                createOptions  = FILE_NON_DIRECTORY_FILE | FILE_OPEN_REPARSE_POINT;
                 shareAccess    = FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE;
             }
         }