Strange behaviour with FILE_DIRECTORY_INFORMATION

Hi, I am developing a driver for experimental purposes and listing directories & files with IRP_MN_QUERY_DIRECTORY, works perfectly fine with FILE_BOTH_DIR_INFORMATION structure, but fails with FILE_DIRECTORY_INFORMATION always on the second offset, windbg says error reading memory information.
Only fails in x64, windows x86 works fine. I know both structures are almost the same but i find it quite strange that one fails.

I was wondering if anyone has encountered similar issues with this structure. Below windbg output

kd> dt FileDirectory
Local var @ 0xfffff880031cf520 Type _FILE_DIRECTORY_INFORMATION*
0xfffffa800156a000 +0x000 NextEntryOffset : 0x58 +0x004 FileIndex : 0 +0x008 CreationTime : _LARGE_INTEGER 0x01ca0431d29f5adc
+0x010 LastAccessTime : _LARGE_INTEGER 0x01d3f4df127a272f +0x018 LastWriteTime : _LARGE_INTEGER 0x01d3f4df127a272f
+0x020 ChangeTime : _LARGE_INTEGER 0x01d3f4df`127a272f
+0x028 EndOfFile : _LARGE_INTEGER 0x0
+0x030 AllocationSize : _LARGE_INTEGER 0x0
+0x038 FileAttributes : 0x16
+0x03c FileNameLength : 0x18
+0x040 FileName : [1] “$”

FileName $ is first byte of $Recycle.Bin from C drive, everything good now.
On the next offset this appears

+0x000 NextEntryOffset : ??
+0x004 FileIndex : ??
+0x008 CreationTime : _LARGE_INTEGER
+0x010 LastAccessTime : _LARGE_INTEGER
+0x018 LastWriteTime : _LARGE_INTEGER
+0x020 ChangeTime : _LARGE_INTEGER
+0x028 EndOfFile : _LARGE_INTEGER
+0x030 AllocationSize : _LARGE_INTEGER
+0x038 FileAttributes : ??
+0x03c FileNameLength : ??
+0x040 FileName : [1] “— memory read error at address 0x00000000`2b87f350 —”
Memory read error 000000002b87f34c

As i previously said, doesnt happen with FILE_BOTH_DIR_INFORMATION. testing in windows 7 x86 & windows 7 x64

What address are you calculating for the next entry? It’s missing in your
post.

-scott
OSR
@OSRDrivers