Updating ExAllocatePoolWithTag security and additional PnpLockdown wa…

…rning on build
microsoft · Mar 10, 2022 · 4fb81db · 4fb81db
1 parent 9f03207
commit 4fb81db
Show file tree

Hide file tree

Showing 9 changed files with 22 additions and 17 deletions.
diff --git a/general/PLX9x5x/sys/Private.h b/general/PLX9x5x/sys/Private.h
@@ -220,9 +220,7 @@ PLxInitializeDMA(
     );
 
 #ifdef SIMULATE_MEMORY_FRAGMENTATION
-//
-// Passed to ExAllocatePoolWithTag to track memory allocations
-//
+
 #define POOL_TAG 'x5x9'
 
 //

diff --git a/general/PLX9x5x/sys/pci9x5x.inx b/general/PLX9x5x/sys/pci9x5x.inx
diff --git a/serial/serenum/pnp.c b/serial/serenum/pnp.c
@@ -183,7 +183,7 @@ Routine Description.
                                       NULL, &nameLength);
 
          if ((nameLength != 0) && (status == STATUS_BUFFER_TOO_SMALL)) {
-            deviceName = ExAllocatePoolWithTag(NonPagedPoolNx, nameLength,SERENUM_POOL_TAG);
+            deviceName = ExAllocatePoolZero(NonPagedPoolNx, nameLength,SERENUM_POOL_TAG);
 
             if (NULL == deviceName) {
                goto someDebugStuffExit;
@@ -726,7 +726,7 @@ Routine Description:
         length = sizeof(DEVICE_RELATIONS) +
                 ((DeviceData->NumPDOs + i) * sizeof (PDEVICE_OBJECT));
 
-        relations = (PDEVICE_RELATIONS) ExAllocatePoolWithTag (NonPagedPoolNx, length,SERENUM_POOL_TAG);
+        relations = (PDEVICE_RELATIONS) ExAllocatePoolZero(NonPagedPoolNx, length,SERENUM_POOL_TAG);
 
         if (NULL == relations) {
            Irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES;
@@ -970,7 +970,7 @@ Routine Description:
          break;
       }
 
-      returnBuffer = ExAllocatePoolWithTag(PagedPool, DeviceData->DevDesc.Length,SERENUM_POOL_TAG);
+      returnBuffer = ExAllocatePoolZero(PagedPool, DeviceData->DevDesc.Length,SERENUM_POOL_TAG);
 
       if (returnBuffer == NULL) {
          status = STATUS_INSUFFICIENT_RESOURCES;
@@ -1016,7 +1016,7 @@ Routine Description:
          status = STATUS_SUCCESS;
 
          length = SERENUM_INSTANCE_IDS_LENGTH * sizeof(WCHAR);
-         returnBuffer = ExAllocatePoolWithTag(PagedPool, length,SERENUM_POOL_TAG);
+         returnBuffer = ExAllocatePoolZero(PagedPool, length,SERENUM_POOL_TAG);
 
          if (returnBuffer != NULL) {
             RtlCopyMemory(returnBuffer, SERENUM_INSTANCE_IDS, length);
@@ -1060,7 +1060,7 @@ Routine Description:
 
             if (buffer != NULL) {
                length = pId->Length;
-               returnBuffer = ExAllocatePoolWithTag(PagedPool, length + sizeof(WCHAR),SERENUM_POOL_TAG);
+               returnBuffer = ExAllocatePoolZero(PagedPool, length + sizeof(WCHAR),SERENUM_POOL_TAG);
                if (returnBuffer != NULL) {
                   RtlZeroMemory(returnBuffer, length + sizeof(WCHAR) );
                   RtlCopyMemory(returnBuffer, buffer, length);
@@ -1087,7 +1087,7 @@ Routine Description:
        ASSERTMSG("Serenum appears not to be the sole bus?!?",
                  Irp->IoStatus.Information == (ULONG_PTR)NULL);
 
-       pBusInfo = ExAllocatePoolWithTag(PagedPool, sizeof(PNP_BUS_INFORMATION),SERENUM_POOL_TAG);
+       pBusInfo = ExAllocatePoolZero(PagedPool, sizeof(PNP_BUS_INFORMATION),SERENUM_POOL_TAG);
 
        if (pBusInfo == NULL) {
           status = STATUS_INSUFFICIENT_RESOURCES;
@@ -1125,7 +1125,7 @@ Routine Description:
          }
 
 
-         pDevRel = ExAllocatePoolWithTag(PagedPool, sizeof(DEVICE_RELATIONS),SERENUM_POOL_TAG);
+         pDevRel = ExAllocatePoolZero(PagedPool, sizeof(DEVICE_RELATIONS),SERENUM_POOL_TAG);
 
          if (pDevRel == NULL) {
             status = STATUS_INSUFFICIENT_RESOURCES;
@@ -1175,7 +1175,7 @@ Routine Description:
          if(DeviceData->PnPRev.Length) {
             RtlInitUnicodeString(&keyname, NULL);
             keyname.MaximumLength = sizeof(L"PnPRev");
-            keyname.Buffer = ExAllocatePoolWithTag(PagedPool, keyname.MaximumLength,SERENUM_POOL_TAG);
+            keyname.Buffer = ExAllocatePoolZero(PagedPool, keyname.MaximumLength,SERENUM_POOL_TAG);
 
             if (keyname.Buffer != NULL) {
 
@@ -1194,7 +1194,7 @@ Routine Description:
          if(DeviceData->SerialNo.Length) {
             RtlInitUnicodeString(&keyname, NULL);
             keyname.MaximumLength = sizeof(L"Serial Number");
-            keyname.Buffer = ExAllocatePoolWithTag(PagedPool, keyname.MaximumLength,SERENUM_POOL_TAG);
+            keyname.Buffer = ExAllocatePoolZero(PagedPool, keyname.MaximumLength,SERENUM_POOL_TAG);
 
             if (keyname.Buffer != NULL) {
 
@@ -1442,7 +1442,7 @@ VOID SerenumStartDeviceWorker(
 
     _Analysis_assume_(Irp != NULL); // Not NULL when passed to IoQueueWorkItem()
 
-    if (NULL == (QueryTable = ExAllocatePoolWithTag(
+    if (NULL == (QueryTable = ExAllocatePoolZero(
                                PagedPool,
                                sizeof(RTL_QUERY_REGISTRY_TABLE)*2,
                                SERENUM_POOL_TAG

diff --git a/serial/serenum/serenum.c b/serial/serenum/serenum.c
@@ -57,6 +57,8 @@ Routine Description:
 {
     ULONG i;
 
+    ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
+
     UNREFERENCED_PARAMETER (UniRegistryPath);
 
     Serenum_KdPrint_Def (SER_DBG_SS_TRACE, ("Driver Entry\n"));

diff --git a/serial/serenum/serenum.h b/serial/serenum/serenum.h
@@ -136,6 +136,8 @@ Revision History:
 #define MIN(_A_,_B_) (((_A_) < (_B_)) ? (_A_) : (_B_))
 #endif
 
+#define POOL_ZERO_DOWN_LEVEL_SUPPORT
+
 //
 // A common header for the device extensions of the PDOs and FDO
 //

diff --git a/serial/serenum/string.c b/serial/serenum/string.c
@@ -94,7 +94,7 @@ Return value:
    // Allocate the string buffers
    //
 
-   pStrBuffer = ExAllocatePoolWithTag(PagedPool, MAX_DEVNODE_NAME * 7 + 1,SERENUM_POOL_TAG);
+   pStrBuffer = ExAllocatePoolZero(PagedPool, MAX_DEVNODE_NAME * 7 + 1,SERENUM_POOL_TAG);
 
    if (pStrBuffer == NULL) {
       status = STATUS_INSUFFICIENT_RESOURCES;
@@ -384,7 +384,7 @@ Return Value:
    multiLength += sizeof(WCHAR);
 
    MultiString->MaximumLength = (USHORT)multiLength;
-   MultiString->Buffer = ExAllocatePoolWithTag(PagedPool, multiLength,SERENUM_POOL_TAG);
+   MultiString->Buffer = ExAllocatePool2(POOL_FLAG_PAGED, multiLength,SERENUM_POOL_TAG);
    MultiString->Length = 0;
 
    if (MultiString->Buffer == NULL) {

diff --git a/wmi/wmisamp/wmisamp.c b/wmi/wmisamp/wmisamp.c
@@ -59,6 +59,8 @@ DriverEntry(
 {
     NTSTATUS status = STATUS_SUCCESS;
     WDF_DRIVER_CONFIG config;
+
+    ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
 
     //
     // Initialize the Driver Config structure.
@@ -314,7 +316,7 @@ WmiSampSetEc1(
         return;
     }
 
-    ec1 = ExAllocatePoolWithTag(NonPagedPoolNx, ec1Length, WMI_SAMPLE_TAG);
+    ec1 = ExAllocatePoolZero(NonPagedPoolNx, ec1Length, WMI_SAMPLE_TAG);
     if (ec1 != NULL) {
 
         RtlCopyMemory(ec1, Buffer, Length);
@@ -394,7 +396,7 @@ WmiSampSetEc2(
         return;
     }
 
-    ec2 = ExAllocatePoolWithTag(NonPagedPoolNx, ec2Length, WMI_SAMPLE_TAG);
+    ec2 = ExAllocatePoolZero(NonPagedPoolNx, ec2Length, WMI_SAMPLE_TAG);
     if (ec2 != NULL) {
 
         RtlCopyMemory(ec2, Buffer, Length);

diff --git a/wmi/wmisamp/wmisamp.h b/wmi/wmisamp/wmisamp.h
@@ -45,6 +45,7 @@ Module Name:
 #define DebugPrint
 #endif
 
+#define POOL_ZERO_DOWN_LEVEL_SUPPORT
 
 typedef struct _WMI_SAMPLE_INSTANCE_CONFIG {
 

diff --git a/wmi/wmisamp/wmisamp.inx b/wmi/wmisamp/wmisamp.inx
-Original file line number
+Diff line change
@@ Expand Up / @@ -220,9 +220,7 @@ PLxInitializeDMA( @@
         );
     #ifdef SIMULATE_MEMORY_FRAGMENTATION
-    //
-    // Passed to ExAllocatePoolWithTag to track memory allocations
-    //
     #define POOL_TAG 'x5x9'
     //
@@ Expand Down @@