Bug fixes 5 #163

Merged
merged 23 commits into from
Jan 30, 2019

hfiref0x
Contributor

@hfiref0x hfiref0x commented Jan 23, 2019

Fix for HardwareBreakpoints routine
Update process.cpp
Fix multiple bugs in WMI related routines
Fix memory leak in check_mac_addr routine
Update MemoryBreakpoints_PageGuard.cpp
Fix multiple bugs in ScanForModules.cpp
Fix bug in IsBadLibrary
Fix number of bugs in get_system_firmware
Fix InitWMI routine
Update IsBadLibrary
Remove incorrect result checks and wrong printf specifiers in ScanForModules.cpp
Fix null pointer dereference in qemu_firmware_ACPI routine
Fix null pointer dereferences in VirtualBox.cpp & VMWare.cpp
Fix QueueUserAPC_Injection routine by rewrite
Fix null pointer dereference in setupdi_diskdrive routine
Add error handling in log_print
Fix null pointer dereference in print_last_error routine, add more error handling
Fixes in Services.cpp
Fix signed/unsigned mismatch for specifiers in various *printf calls
Fix resource leak in timing_IcmpSendEcho routine
Fix missing VirtualAlloc checks in WriteWatch.cpp
Fix number of bugs in timing.cpp
Remove incorrect return value checks

Please review these changes because they affect all WMI related parts of your program. I tried not to screw up something but more eyes are better.

P.S.
Regarding the ScanForModules unit: despite the patches, the code for mapped/hidden modules enumeration is a mess, very slow because of inefficiency, and buggy. I can only suggest rewriting it from scratch completely.

Fix null pointer dereference, fix memory leak.
Remove colon after executable name in report for better look.
Fix multiple bugs and resource leaks in routines related to the WMI in Generic.cpp, fix WMI query call in ExecWMIQuery, fix WMI related bugs in VirtualBox.cpp, fix safe array never getting unlocked in vbox_eventlogfile_wmi and add more VirtualBox detection markers from VirtualBox 6.0.2
The IP_ADAPTER_INFO buffer was allocated and never released.
Replace NULL with 0 where needed.
Fix null pointer dereference, realloc potential memory leak, memory leak, invalid expression in ScanForModules_EnumProcessModulesEx_Internal, fix invalid expression in ScanForModules_MemoryWalk_Hidden - invalid length always passed to IsBadLibrary, fix mismatched delete call in ScanForModules_MemoryWalk_Hidden, array was allocated with new[] but released with delete.
normalisedPath never got normalised
Fix memory leak in case of realloc failure, fix potential null ptr passed to SecureZeroMemory.
Allocate BSTR string instead of incorrect type conversion.
Exclude SortDefault.nls false positive, please see comment. Satisfy compiler warnings.
Remove incorrect result checks and wrong printf specifiers.
Result of get_system_firmware was never checked against failure.
Similar to previous. In vmware_firmware_ACPI and vbox_firmware_ACPI the get_system_firmware call was never checked against failure.
Fix QueueUserAPC_Injection routine by rewriting it and making it work.
Result of final LocalAlloc was never checked before use.
Failure of log open/create wasn't handled.
…ror handling

The LocalAlloc result was never checked against failure before use. Result of FormatMessage not checked.
Fix SCM handle leak in VMDriverServices(), fix get_services() potential realloc memory leak, null pointer dereference, wrong printf specifier.
The values passed to the printf variants are all unsigned.
Allocated buffer never released, icmp handle never closed.
VirtualAlloc calls not validated against failure.
Fix handle leak, fix incorrect return value check, fix timers queue destroy.
This is a potential error, since the success value may be presented by any non-zero number while failure only by 0.
@ayoubfaouzi
Owner

Well, all seems to be fine, I went through all your changes. I need to add tests but that would be a bit challenging. Many thanks to you @hfiref0x

@ayoubfaouzi ayoubfaouzi merged commit 3bac6f7 into ayoubfaouzi:master Jan 30, 2019
@hfiref0x hfiref0x deleted the patch-5 branch January 31, 2019 09:23
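
Several commits above fix the same bug class: a `realloc` result assigned straight over the only pointer to the block, which leaks the old block on failure and can leave a NULL pointer to be passed to a zeroing call. The following is an added illustration in portable C++, not code from this pull request; `Buf`, `grow_leaky`, `grow_safe` and the injectable allocator are hypothetical names, and `memset` stands in for `SecureZeroMemory`.

```cpp
#include <cstdlib>
#include <cstring>

// Injectable allocator so the failure path can be exercised (demo assumption).
typedef void *(*realloc_fn)(void *, std::size_t);
void *fail_realloc(void *, std::size_t) { return nullptr; }  // constructed stub
void *real_realloc(void *p, std::size_t n) { return std::realloc(p, n); }

struct Buf {
    unsigned char *data;
    std::size_t cap;
};

// Buggy pattern: the only pointer to the block is overwritten with the result.
// On failure the old block stays allocated but unreachable (leak), and data
// is NULL while cap still claims the old size.
bool grow_leaky(Buf *b, std::size_t new_cap, realloc_fn ra) {
    b->data = static_cast<unsigned char *>(ra(b->data, new_cap));
    if (b->data == nullptr)
        return false;
    b->cap = new_cap;
    return true;
}

// Fixed pattern: keep the old pointer until realloc succeeds, then zero only
// the newly added tail, so no NULL or stale length ever reaches memset.
bool grow_safe(Buf *b, std::size_t new_cap, realloc_fn ra) {
    void *tmp = ra(b->data, new_cap);
    if (tmp == nullptr)
        return false;  // b->data and b->cap are still valid; caller frees
    b->data = static_cast<unsigned char *>(tmp);
    if (new_cap > b->cap)
        std::memset(b->data + b->cap, 0, new_cap - b->cap);
    b->cap = new_cap;
    return true;
}

int main() {
    Buf b = { static_cast<unsigned char *>(std::malloc(16)), 16 };
    if (b.data == nullptr) return 1;
    bool kept = !grow_safe(&b, 64, fail_realloc) && b.data != nullptr && b.cap == 16;
    bool grown = grow_safe(&b, 64, real_realloc) && b.data[63] == 0;
    std::free(b.data);
    return (kept && grown) ? 0 : 1;
}
```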