rbmm/gist:5270762167c5053a00b70f6760f980d6

## gistfile1.txt
inline HANDLE fixH(HANDLE hFile)
{
	return hFile == INVALID_HANDLE_VALUE ? 0 : hFile;
}

NTSTATUS CreateMountPoint(PCWSTR pszFileName, PCWSTR SubstituteName, PCWSTR PrintName)
{
	NTSTATUS status = STATUS_INTERNAL_ERROR;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	while (0 < (len = _snwprintf(PathBuffer, len, L"%ws%c%ws", SubstituteName, 0, PrintName)))
	{
		if (PathBuffer)
		{
			prdb->ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
			prdb->ReparseDataLength = (USHORT)(cb - offsetof(REPARSE_DATA_BUFFER, GenericReparseBuffer));
			prdb->MountPointReparseBuffer.SubstituteNameOffset = 0;
			prdb->MountPointReparseBuffer.SubstituteNameLength = (USHORT)wcslen(SubstituteName) * sizeof(WCHAR);
			prdb->MountPointReparseBuffer.PrintNameOffset = prdb->MountPointReparseBuffer.SubstituteNameLength + sizeof(WCHAR);
			prdb->MountPointReparseBuffer.PrintNameLength = (USHORT)wcslen(PrintName) * sizeof(WCHAR);

			HANDLE hFile;
			IO_STATUS_BLOCK iosb;
			UNICODE_STRING ObjectName;
			OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName, OBJ_CASE_INSENSITIVE };

			if (0 <= (status = RtlDosPathNameToNtPathName_U_WithStatus(pszFileName, &ObjectName, 0, 0)))
			{
				status = NtCreateFile(&hFile, FILE_ALL_ACCESS, &oa, &iosb, 0, 0, FILE_DIRECTORY_FILE,
					FILE_OPEN_IF, FILE_OPEN_REPARSE_POINT|FILE_DIRECTORY_FILE, 0, 0);

				RtlFreeUnicodeString(&ObjectName);

				if (0 <= status)
				{
					status = NtFsControlFile(hFile, 0, 0, 0, &iosb, FSCTL_SET_REPARSE_POINT, prdb, cb, 0, 0);
					NtClose(hFile);
				}
			}
			break;
		}

		cb = FIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer[++len]);

		prdb = (PREPARSE_DATA_BUFFER)alloca(cb);

		PathBuffer = prdb->MountPointReparseBuffer.PathBuffer;
	}

	return status;
}

NTSTATUS CreateSymLink(PHANDLE SymbolicLinkHandle, PCWSTR pcsz, PCWSTR pszFileName)
{
	NTSTATUS status;
	UNICODE_STRING ObjectName, TargetName;
	OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName, OBJ_CASE_INSENSITIVE };

	if (0 <= (status = RtlDosPathNameToNtPathName_U_WithStatus(pszFileName, &TargetName, 0, 0)))
	{
		RtlInitUnicodeString(&ObjectName, pcsz);
		status = ZwCreateSymbolicLinkObject(SymbolicLinkHandle, SYMBOLIC_LINK_ALL_ACCESS, &oa, &TargetName);
		RtlFreeUnicodeString(&TargetName);
	}

	return status;
}

void TestDel(PCWSTR pszFileName, PCWSTR SubstituteName)
{
	if (HANDLE hFile = fixH(CreateFileW(SubstituteName, FILE_APPEND_DATA, 0, 0, CREATE_ALWAYS, 0, 0)))
	{
		ULONG n;
		WriteFile(hFile, "1234567890\r\n", 12, &n, 0);
		NtClose(hFile);

		if (0 <= CreateMountPoint(L"[Some Folder]", L"\\RPC Control", L""))
		{
			int len = 0;
			PWSTR psz = 0;
			while (0 < (len = _snwprintf(psz, len, L"\\RPC Control\\%ws", pszFileName)))
			{
				if (psz)
				{
					HANDLE hSymLink;

					if (0 <= CreateSymLink(&hSymLink, psz, SubstituteName))
					{
						psz = 0, len = 0;

						while (0 < (len = _snwprintf(psz, len, L"[Some Folder]\\%ws", pszFileName)))
						{
							if (psz)
							{
								if (!DeleteFileW(psz))
								{
									RtlGetLastNtStatus();
								}
								break;
							}

							psz = (PWSTR)alloca(++len * sizeof(WCHAR));
						}

						NtClose(hSymLink);
					}
					break;
				}

				psz = (PWSTR)alloca(++len * sizeof(WCHAR));
			}

			UNICODE_STRING ObjectName;
			OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName };
			if (0 <= RtlDosPathNameToNtPathName_U_WithStatus(L"[Some Folder]", &ObjectName, 0, 0))
			{
				IO_STATUS_BLOCK iosb;
				if (0 <= NtOpenFile(&hFile, DELETE, &oa, &iosb, 0, FILE_DELETE_ON_CLOSE|FILE_DIRECTORY_FILE|FILE_OPEN_REPARSE_POINT))
				{
					NtClose(hFile);
				}
				RtlFreeUnicodeString(&ObjectName);
			}
		}
	}
}

TestDel(L"aaa.txt", L"bbb.txt");
	inline HANDLE fixH(HANDLE hFile)
	{
	return hFile == INVALID_HANDLE_VALUE ? 0 : hFile;
	}

	NTSTATUS CreateMountPoint(PCWSTR pszFileName, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status = STATUS_INTERNAL_ERROR;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	while (0 < (len = _snwprintf(PathBuffer, len, L"%ws%c%ws", SubstituteName, 0, PrintName)))
	{
	if (PathBuffer)
	{
	prdb->ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
	prdb->ReparseDataLength = (USHORT)(cb - offsetof(REPARSE_DATA_BUFFER, GenericReparseBuffer));
	prdb->MountPointReparseBuffer.SubstituteNameOffset = 0;
	prdb->MountPointReparseBuffer.SubstituteNameLength = (USHORT)wcslen(SubstituteName) * sizeof(WCHAR);
	prdb->MountPointReparseBuffer.PrintNameOffset = prdb->MountPointReparseBuffer.SubstituteNameLength + sizeof(WCHAR);
	prdb->MountPointReparseBuffer.PrintNameLength = (USHORT)wcslen(PrintName) * sizeof(WCHAR);

	HANDLE hFile;
	IO_STATUS_BLOCK iosb;
	UNICODE_STRING ObjectName;
	OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName, OBJ_CASE_INSENSITIVE };

	if (0 <= (status = RtlDosPathNameToNtPathName_U_WithStatus(pszFileName, &ObjectName, 0, 0)))
	{
	status = NtCreateFile(&hFile, FILE_ALL_ACCESS, &oa, &iosb, 0, 0, FILE_DIRECTORY_FILE,
	FILE_OPEN_IF, FILE_OPEN_REPARSE_POINT\|FILE_DIRECTORY_FILE, 0, 0);

	RtlFreeUnicodeString(&ObjectName);

	if (0 <= status)
	{
	status = NtFsControlFile(hFile, 0, 0, 0, &iosb, FSCTL_SET_REPARSE_POINT, prdb, cb, 0, 0);
	NtClose(hFile);
	}
	}
	break;
	}

	cb = FIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer[++len]);

	prdb = (PREPARSE_DATA_BUFFER)alloca(cb);

	PathBuffer = prdb->MountPointReparseBuffer.PathBuffer;
	}

	return status;
	}

	NTSTATUS CreateSymLink(PHANDLE SymbolicLinkHandle, PCWSTR pcsz, PCWSTR pszFileName)
	{
	NTSTATUS status;
	UNICODE_STRING ObjectName, TargetName;
	OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName, OBJ_CASE_INSENSITIVE };

	if (0 <= (status = RtlDosPathNameToNtPathName_U_WithStatus(pszFileName, &TargetName, 0, 0)))
	{
	RtlInitUnicodeString(&ObjectName, pcsz);
	status = ZwCreateSymbolicLinkObject(SymbolicLinkHandle, SYMBOLIC_LINK_ALL_ACCESS, &oa, &TargetName);
	RtlFreeUnicodeString(&TargetName);
	}

	return status;
	}

	void TestDel(PCWSTR pszFileName, PCWSTR SubstituteName)
	{
	if (HANDLE hFile = fixH(CreateFileW(SubstituteName, FILE_APPEND_DATA, 0, 0, CREATE_ALWAYS, 0, 0)))
	{
	ULONG n;
	WriteFile(hFile, "1234567890\r\n", 12, &n, 0);
	NtClose(hFile);

	if (0 <= CreateMountPoint(L"[Some Folder]", L"\\RPC Control", L""))
	{
	int len = 0;
	PWSTR psz = 0;
	while (0 < (len = _snwprintf(psz, len, L"\\RPC Control\\%ws", pszFileName)))
	{
	if (psz)
	{
	HANDLE hSymLink;

	if (0 <= CreateSymLink(&hSymLink, psz, SubstituteName))
	{
	psz = 0, len = 0;

	while (0 < (len = _snwprintf(psz, len, L"[Some Folder]\\%ws", pszFileName)))
	{
	if (psz)
	{
	if (!DeleteFileW(psz))
	{
	RtlGetLastNtStatus();
	}
	break;
	}

	psz = (PWSTR)alloca(++len * sizeof(WCHAR));
	}

	NtClose(hSymLink);
	}
	break;
	}

	psz = (PWSTR)alloca(++len * sizeof(WCHAR));
	}

	UNICODE_STRING ObjectName;
	OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName };
	if (0 <= RtlDosPathNameToNtPathName_U_WithStatus(L"[Some Folder]", &ObjectName, 0, 0))
	{
	IO_STATUS_BLOCK iosb;
	if (0 <= NtOpenFile(&hFile, DELETE, &oa, &iosb, 0, FILE_DELETE_ON_CLOSE\|FILE_DIRECTORY_FILE\|FILE_OPEN_REPARSE_POINT))
	{
	NtClose(hFile);
	}
	RtlFreeUnicodeString(&ObjectName);
	}
	}
	}
	}

	TestDel(L"aaa.txt", L"bbb.txt");
No results found