Index: lib/rtl/path.c
===================================================================
--- lib/rtl/path.c	(Revision 58322)
+++ lib/rtl/path.c	(Arbeitskopie)
@@ -916,7 +916,7 @@
     _In_ ULONG MaximumLength,
     _Out_bytecap_(MaximumLength) PWSTR Buffer)
 {
-    ULONG Length, Bytes;
+    ULONG Length;
     PCURDIR CurDir;
     PWSTR CurDirName;
     DPRINT("RtlGetCurrentDirectory %lu %p\n", MaximumLength, Buffer);
@@ -928,7 +928,8 @@
     /* Get the buffer and character length */
     CurDirName = CurDir->DosPath.Buffer;
     Length = CurDir->DosPath.Length / sizeof(WCHAR);
-    ASSERT((CurDirName != NULL) && (Length > 0));
+    ASSERT((CurDirName != NULL) && (Length >= 2));
+    ASSERT(CurDirName[Length - 1] == OBJ_NAME_PATH_SEPARATOR);
 
     /*
      * DosPath.Buffer should always have a trailing slash. There is an assert
@@ -938,45 +939,33 @@
      * or it returns x:\path\foo for a directory (replacing the trailing slash
      * with a NULL.
      */
-    Bytes = Length * sizeof(WCHAR);
-    if ((Length <= 1) || (CurDirName[Length - 2] == L':'))
+    if (CurDirName[Length - 2] != L':')
     {
-        /* Check if caller does not have enough space */
-        if (MaximumLength <= Bytes)
-        {
-            /* Call has no space for it, fail, add the trailing slash */
-            RtlReleasePebLock();
-            return Bytes + sizeof(OBJ_NAME_PATH_SEPARATOR);
-        }
+        /* Replace the trailing slash with a null */
+        --Length;
     }
     else
     {
-        /* Check if caller does not have enough space */
-        if (MaximumLength < Bytes)
-        {
-            /* Call has no space for it, fail */
-            RtlReleasePebLock();
-            return Bytes;
-        }
+        /* This is a compatibility hack. Windows checks in this case whether
+           Length * sizeof(WCHAR) < MaximumLength, so the minimum value for
+           MaximumLength is Length * sizeof(WCHAR) + 1. We add one to make
+           our check correct */
+        MaximumLength += 1;
     }
 
-    /* Copy the buffer since we seem to have space */
-    RtlCopyMemory(Buffer, CurDirName, Bytes);
+    /* Check if caller has enough space */
+    if (Length * sizeof(WCHAR) + sizeof(WCHAR) <= MaximumLength)
+    {
+        /* Copy the buffer since we seem to have space */
+        RtlCopyMemory(Buffer, CurDirName, Length * sizeof(WCHAR));
 
-    /* The buffer should end with a path separator */
-    ASSERT(Buffer[Length - 1] == OBJ_NAME_PATH_SEPARATOR);
-
-    /* Again check for our two cases (drive root vs path) */
-    if ((Length <= 1) || (Buffer[Length - 2] != L':'))
-    {
-        /* Replace the trailing slash with a null */
-        Buffer[Length - 1] = UNICODE_NULL;
-        --Length;
+        /* Append the null char */
+        Buffer[Length] = UNICODE_NULL;
     }
     else
     {
-        /* Append the null char since there's no trailing slash */
-        Buffer[Length] = UNICODE_NULL;
+        /* On failure we return the size including the terminating null */
+        Length += sizeof(UNICODE_NULL);
     }
 
     /* Release PEB lock */