From bf4eabb4ca3fb1d0c68b375a2a964165776e44cb Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Sat, 24 Oct 2020 22:12:47 +0200 Subject: api: switch to private heap We must not use the process heap, as it is changeable. Client may change it causing our HeapFree() to use wrong heap. Signed-off-by: Simon Rozman --- api/adapter.c | 74 +++++++++++++++++++++++++-------------------------------- api/adapter.h | 2 +- api/api.c | 5 +++- api/api.h | 1 + api/driver.c | 5 ++-- api/namespace.c | 7 +++--- api/registry.c | 37 +++++++++++++---------------- api/registry.h | 14 +++++------ api/session.c | 7 +++--- 9 files changed, 68 insertions(+), 84 deletions(-) diff --git a/api/adapter.c b/api/adapter.c index 878f6ba..22900e0 100644 --- a/api/adapter.c +++ b/api/adapter.c @@ -31,18 +31,17 @@ AdapterGetDrvInfoDetail( _In_ SP_DRVINFO_DATA_W *DrvInfoData, _Out_ SP_DRVINFO_DETAIL_DATA_W **DrvInfoDetailData) { - HANDLE Heap = GetProcessHeap(); DWORD Size = sizeof(SP_DRVINFO_DETAIL_DATA_W) + 0x100; for (;;) { - *DrvInfoDetailData = HeapAlloc(Heap, 0, Size); + *DrvInfoDetailData = HeapAlloc(ModuleHeap, 0, Size); if (!*DrvInfoDetailData) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; (*DrvInfoDetailData)->cbSize = sizeof(SP_DRVINFO_DETAIL_DATA_W); if (SetupDiGetDriverInfoDetailW(DevInfo, DevInfoData, DrvInfoData, *DrvInfoDetailData, Size, &Size)) return ERROR_SUCCESS; DWORD Result = GetLastError(); - HeapFree(Heap, 0, *DrvInfoDetailData); + HeapFree(ModuleHeap, 0, *DrvInfoDetailData); if (Result != ERROR_INSUFFICIENT_BUFFER) return LOG_ERROR(L"Failed", Result); } @@ -57,16 +56,15 @@ GetDeviceRegistryProperty( _Out_ void **Buf, _Inout_ DWORD *BufLen) { - HANDLE Heap = GetProcessHeap(); for (;;) { - *Buf = HeapAlloc(Heap, 0, *BufLen); + *Buf = HeapAlloc(ModuleHeap, 0, *BufLen); if (!*Buf) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; if (SetupDiGetDeviceRegistryPropertyW(DevInfo, DevInfoData, Property, ValueType, *Buf, *BufLen, BufLen)) return ERROR_SUCCESS; DWORD Result = GetLastError(); - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); if (Result != ERROR_INSUFFICIENT_BUFFER) return LOG_ERROR(L"Querying property failed", Result); } @@ -90,11 +88,11 @@ GetDeviceRegistryString( case REG_MULTI_SZ: Result = RegistryGetString(Buf, Size / sizeof(WCHAR), ValueType); if (Result != ERROR_SUCCESS) - HeapFree(GetProcessHeap(), 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); return Result; default: LOG(WINTUN_LOG_ERR, L"Property is not a string"); - HeapFree(GetProcessHeap(), 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); return ERROR_INVALID_DATATYPE; } } @@ -117,11 +115,11 @@ GetDeviceRegistryMultiString( case REG_MULTI_SZ: Result = RegistryGetMultiString(Buf, Size / sizeof(WCHAR), ValueType); if (Result != ERROR_SUCCESS) - HeapFree(GetProcessHeap(), 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); return Result; default: LOG(WINTUN_LOG_ERR, L"Property is not a string"); - HeapFree(GetProcessHeap(), 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); return ERROR_INVALID_DATATYPE; } } @@ -140,7 +138,6 @@ IsOurAdapter(_In_ HDEVINFO DevInfo, _In_ SP_DEVINFO_DATA *DevInfoData, _Out_ BOO static WINTUN_STATUS GetDeviceObject(_In_opt_z_ const WCHAR *InstanceId, _Out_ HANDLE *Handle) { - HANDLE Heap = GetProcessHeap(); ULONG InterfacesLen; DWORD Result = CM_Get_Device_Interface_List_SizeW( &InterfacesLen, (GUID *)&GUID_DEVINTERFACE_NET, (DEVINSTID_W)InstanceId, CM_GET_DEVICE_INTERFACE_LIST_PRESENT); @@ -149,7 +146,7 @@ GetDeviceObject(_In_opt_z_ const WCHAR *InstanceId, _Out_ HANDLE *Handle) LOG(WINTUN_LOG_ERR, L"Failed to get device associated device instances size"); return ERROR_GEN_FAILURE; } - WCHAR *Interfaces = HeapAlloc(Heap, 0, InterfacesLen * sizeof(WCHAR)); + WCHAR *Interfaces = HeapAlloc(ModuleHeap, 0, InterfacesLen * sizeof(WCHAR)); if (!Interfaces) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; Result = CM_Get_Device_Interface_ListW( @@ -174,7 +171,7 @@ GetDeviceObject(_In_opt_z_ const WCHAR *InstanceId, _Out_ HANDLE *Handle) NULL); Result = *Handle != INVALID_HANDLE_VALUE ? ERROR_SUCCESS : LOG_LAST_ERROR(L"Failed to connect to device"); cleanupBuf: - HeapFree(Heap, 0, Interfaces); + HeapFree(ModuleHeap, 0, Interfaces); return Result; } @@ -188,8 +185,7 @@ ForceCloseWintunAdapterHandle(_In_ HDEVINFO DevInfo, _In_ SP_DEVINFO_DATA *DevIn if (SetupDiGetDeviceInstanceIdW(DevInfo, DevInfoData, NULL, 0, &RequiredBytes) || (Result = GetLastError()) != ERROR_INSUFFICIENT_BUFFER) return LOG_ERROR(L"Failed to query device instance ID size", Result); - HANDLE Heap = GetProcessHeap(); - WCHAR *InstanceId = HeapAlloc(Heap, HEAP_ZERO_MEMORY, sizeof(*InstanceId) * RequiredBytes); + WCHAR *InstanceId = HeapAlloc(ModuleHeap, HEAP_ZERO_MEMORY, sizeof(*InstanceId) * RequiredBytes); if (!InstanceId) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; if (!SetupDiGetDeviceInstanceIdW(DevInfo, DevInfoData, InstanceId, RequiredBytes, &RequiredBytes)) @@ -209,7 +205,7 @@ ForceCloseWintunAdapterHandle(_In_ HDEVINFO DevInfo, _In_ SP_DEVINFO_DATA *DevIn : LOG_LAST_ERROR(L"Failed to perform ioctl"); CloseHandle(NdisHandle); out: - HeapFree(Heap, 0, InstanceId); + HeapFree(ModuleHeap, 0, InstanceId); return Result; } @@ -221,10 +217,9 @@ AdapterDisableAllOurs(_In_ HDEVINFO DevInfo, _Inout_ SP_DEVINFO_DATA_LIST **Disa .StateChange = DICS_DISABLE, .Scope = DICS_FLAG_GLOBAL }; DWORD Result = ERROR_SUCCESS; - HANDLE Heap = GetProcessHeap(); for (DWORD EnumIndex = 0;; ++EnumIndex) { - SP_DEVINFO_DATA_LIST *DeviceNode = HeapAlloc(Heap, 0, sizeof(SP_DEVINFO_DATA_LIST)); + SP_DEVINFO_DATA_LIST *DeviceNode = HeapAlloc(ModuleHeap, 0, sizeof(SP_DEVINFO_DATA_LIST)); if (!DeviceNode) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; DeviceNode->Data.cbSize = sizeof(SP_DEVINFO_DATA); @@ -232,7 +227,7 @@ AdapterDisableAllOurs(_In_ HDEVINFO DevInfo, _Inout_ SP_DEVINFO_DATA_LIST **Disa { if (GetLastError() == ERROR_NO_MORE_ITEMS) { - HeapFree(Heap, 0, DeviceNode); + HeapFree(ModuleHeap, 0, DeviceNode); break; } goto cleanupDeviceInfoData; @@ -265,7 +260,7 @@ AdapterDisableAllOurs(_In_ HDEVINFO DevInfo, _Inout_ SP_DEVINFO_DATA_LIST **Disa continue; cleanupDeviceInfoData: - HeapFree(Heap, 0, &DeviceNode->Data); + HeapFree(ModuleHeap, 0, &DeviceNode->Data); } return Result; } @@ -404,7 +399,7 @@ GetNetCfgInstanceId(_In_ HDEVINFO DevInfo, _In_ SP_DEVINFO_DATA *DevInfoData, _O } else Result = ERROR_SUCCESS; - HeapFree(GetProcessHeap(), 0, ValueStr); + HeapFree(ModuleHeap, 0, ValueStr); cleanupKey: RegCloseKey(Key); return Result; @@ -471,7 +466,6 @@ IsPoolMember( _In_ SP_DEVINFO_DATA *DevInfoData, _Out_ BOOL *IsMember) { - HANDLE Heap = GetProcessHeap(); WCHAR *DeviceDesc, *FriendlyName; DWORD Result = GetDeviceRegistryString(DevInfo, DevInfoData, SPDRP_DEVICEDESC, &DeviceDesc); if (Result != ERROR_SUCCESS) @@ -501,9 +495,9 @@ IsPoolMember( } *IsMember = FALSE; cleanupFriendlyName: - HeapFree(Heap, 0, FriendlyName); + HeapFree(ModuleHeap, 0, FriendlyName); cleanupDeviceDesc: - HeapFree(Heap, 0, DeviceDesc); + HeapFree(ModuleHeap, 0, DeviceDesc); return Result; } @@ -521,8 +515,7 @@ CreateAdapterData( if (Key == INVALID_HANDLE_VALUE) return LOG_LAST_ERROR(L"Opening device registry key failed"); - HANDLE Heap = GetProcessHeap(); - *Adapter = HeapAlloc(Heap, 0, sizeof(WINTUN_ADAPTER)); + *Adapter = HeapAlloc(ModuleHeap, 0, sizeof(WINTUN_ADAPTER)); if (!*Adapter) { LOG(WINTUN_LOG_ERR, L"Out of memory"); @@ -541,11 +534,11 @@ CreateAdapterData( if (FAILED(CLSIDFromString(ValueStr, &(*Adapter)->CfgInstanceID))) { LOG(WINTUN_LOG_ERR, L"NetCfgInstanceId is not a GUID"); - HeapFree(Heap, 0, ValueStr); + HeapFree(ModuleHeap, 0, ValueStr); Result = ERROR_INVALID_DATA; goto cleanupAdapter; } - HeapFree(Heap, 0, ValueStr); + HeapFree(ModuleHeap, 0, ValueStr); /* Read the NetLuidIndex value. */ Result = RegistryQueryDWORD(Key, L"NetLuidIndex", &(*Adapter)->LuidIndex); @@ -576,7 +569,7 @@ CreateAdapterData( cleanupAdapter: if (Result != ERROR_SUCCESS) - HeapFree(Heap, 0, *Adapter); + HeapFree(ModuleHeap, 0, *Adapter); cleanupKey: RegCloseKey(Key); return Result; @@ -597,7 +590,7 @@ GetDeviceRegPath(_In_ const WINTUN_ADAPTER *Adapter, _Out_cap_c_(MAX_REG_PATH) W void WINAPI WintunFreeAdapter(_In_ WINTUN_ADAPTER *Adapter) { - HeapFree(GetProcessHeap(), 0, Adapter); + HeapFree(ModuleHeap, 0, Adapter); } WINTUN_STATUS WINAPI @@ -942,7 +935,7 @@ GetTcpipInterfaceRegPath(_In_ const WINTUN_ADAPTER *Adapter, _Out_cap_c_(MAX_REG } _snwprintf_s(Path, MAX_REG_PATH, _TRUNCATE, L"SYSTEM\\CurrentControlSet\\Services\\%s", Paths); cleanupPaths: - HeapFree(GetProcessHeap(), 0, Paths); + HeapFree(ModuleHeap, 0, Paths); cleanupTcpipAdapterRegKey: RegCloseKey(TcpipAdapterRegKey); return Result; @@ -976,7 +969,6 @@ CreateAdapter( goto cleanupDevInfo; } - HANDLE Heap = GetProcessHeap(); WCHAR PoolDeviceTypeName[MAX_POOL_DEVICE_TYPE]; GetPoolDeviceTypeName(Pool, PoolDeviceTypeName); SP_DEVINFO_DATA DevInfoData = { .cbSize = sizeof(SP_DEVINFO_DATA) }; @@ -1043,10 +1035,10 @@ CreateAdapter( } if (!DriverIsOurDrvInfoDetail(DrvInfoDetailData)) { - HeapFree(Heap, 0, DrvInfoDetailData); + HeapFree(ModuleHeap, 0, DrvInfoDetailData); continue; } - HeapFree(Heap, 0, DrvInfoDetailData); + HeapFree(ModuleHeap, 0, DrvInfoDetailData); if (!SetupDiSetSelectedDriverW(DevInfo, &DevInfoData, &DrvInfoData)) continue; @@ -1131,7 +1123,7 @@ CreateAdapter( LOG(WINTUN_LOG_ERR, L"Failed to query NetCfgInstanceId value"); goto cleanupNetDevRegKey; } - HeapFree(Heap, 0, DummyStr); + HeapFree(ModuleHeap, 0, DummyStr); DWORD DummyDWORD; Result = RegistryQueryDWORDWait(NetDevRegKey, L"NetLuidIndex", WAIT_FOR_REGISTRY_TIMEOUT, &DummyDWORD); if (Result != ERROR_SUCCESS) @@ -1173,7 +1165,7 @@ CreateAdapter( LOG(WINTUN_LOG_ERR, L"Failed to query IpConfig value"); goto cleanupTcpipAdapterRegKey; } - HeapFree(Heap, 0, DummyStr); + HeapFree(ModuleHeap, 0, DummyStr); HKEY TcpipInterfaceRegKey; WCHAR TcpipInterfaceRegPath[MAX_REG_PATH]; @@ -1209,7 +1201,7 @@ cleanupTcpipAdapterRegKey: RegCloseKey(TcpipAdapterRegKey); cleanupAdapter: if (Result != ERROR_SUCCESS) - HeapFree(Heap, 0, *Adapter); + HeapFree(ModuleHeap, 0, *Adapter); cleanupNetDevRegKey: RegCloseKey(NetDevRegKey); cleanupDevice: @@ -1365,9 +1357,8 @@ ExecuteRunDll32( LOG(WINTUN_LOG_ERR, L"Failed to copy resource"); goto cleanupDelete; } - HANDLE Heap = GetProcessHeap(); size_t CommandLineLen = 10 + MAX_PATH + 2 + wcslen(Arguments) + 1; - WCHAR *CommandLine = HeapAlloc(Heap, 0, CommandLineLen * sizeof(WCHAR)); + WCHAR *CommandLine = HeapAlloc(ModuleHeap, 0, CommandLineLen * sizeof(WCHAR)); if (!CommandLine) { LOG(WINTUN_LOG_ERR, L"Out of memory"); @@ -1438,7 +1429,7 @@ cleanupPipes: CloseHandle(StreamW[Stderr]); CloseHandle(StreamR[Stdout]); CloseHandle(StreamW[Stdout]); - HeapFree(Heap, 0, CommandLine); + HeapFree(ModuleHeap, 0, CommandLine); cleanupDelete: DeleteFileW(DllPath); cleanupDirectory: @@ -1651,7 +1642,6 @@ WintunEnumAdapters(_In_z_count_c_(MAX_POOL) const WCHAR *Pool, _In_ WINTUN_ENUM_ Result = LOG_LAST_ERROR(L"Failed to get present class devices"); goto cleanupMutex; } - HANDLE Heap = GetProcessHeap(); BOOL Continue = TRUE; for (DWORD EnumIndex = 0; Continue; ++EnumIndex) { @@ -1685,7 +1675,7 @@ WintunEnumAdapters(_In_z_count_c_(MAX_POOL) const WCHAR *Pool, _In_ WINTUN_ENUM_ break; } Continue = Func(Adapter, Param); - HeapFree(Heap, 0, Adapter); + HeapFree(ModuleHeap, 0, Adapter); } SetupDiDestroyDeviceInfoList(DevInfo); cleanupMutex: diff --git a/api/adapter.h b/api/adapter.h index 7284002..5b9b651 100644 --- a/api/adapter.h +++ b/api/adapter.h @@ -29,7 +29,7 @@ typedef struct _SP_DEVINFO_DATA_LIST * driver for which to retrieve details. * * @param DrvInfoDetailData A pointer to a structure that receives detailed information about the specified driver. - * Must be released with HeapFree(GetProcessHeap(), 0, *DrvInfoDetailData) after use. + * Must be released with HeapFree(ModuleHeap, 0, *DrvInfoDetailData) after use. * * @return ERROR_SUCCESS on success; Win32 error code otherwise. */ diff --git a/api/api.c b/api/api.c index e48e94d..7735a24 100644 --- a/api/api.c +++ b/api/api.c @@ -6,8 +6,9 @@ #include "pch.h" HINSTANCE ResourceModule; +HANDLE ModuleHeap; static SECURITY_ATTRIBUTES SecurityAttributesSystem = { .nLength = sizeof(SECURITY_ATTRIBUTES) }; -SECURITY_ATTRIBUTES *SecurityAttributes = NULL; +SECURITY_ATTRIBUTES *SecurityAttributes; WINTUN_STATUS WINAPI WintunGetVersion( @@ -56,6 +57,7 @@ DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID lpvReserved) { case DLL_PROCESS_ATTACH: ResourceModule = hinstDLL; + ModuleHeap = HeapCreate(0, 0, 0); #ifndef _DEBUG ConvertStringSecurityDescriptorToSecurityDescriptorW( L"O:SYD:P(A;;GA;;;SY)", SDDL_REVISION_1, &SecurityAttributesSystem.lpSecurityDescriptor, NULL); @@ -73,6 +75,7 @@ DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID lpvReserved) #ifndef _DEBUG LocalFree(SecurityAttributesSystem.lpSecurityDescriptor); #endif + HeapDestroy(ModuleHeap); break; } return TRUE; diff --git a/api/api.h b/api/api.h index 48cd7d9..10cb6e0 100644 --- a/api/api.h +++ b/api/api.h @@ -15,4 +15,5 @@ #endif extern HINSTANCE ResourceModule; +extern HANDLE ModuleHeap; extern SECURITY_ATTRIBUTES *SecurityAttributes; diff --git a/api/driver.c b/api/driver.c index 0bb2750..3308794 100644 --- a/api/driver.c +++ b/api/driver.c @@ -38,7 +38,6 @@ DriverRemoveAllOurs(void) Result = LOG_LAST_ERROR(L"Failed to build list of drivers"); goto cleanupDeviceInfoSet; } - HANDLE Heap = GetProcessHeap(); for (DWORD EnumIndex = 0;; ++EnumIndex) { SP_DRVINFO_DATA_W DrvInfoData = { .cbSize = sizeof(DrvInfoData) }; @@ -56,7 +55,7 @@ DriverRemoveAllOurs(void) } if (!DriverIsOurDrvInfoDetail(DrvInfoDetailData)) { - HeapFree(Heap, 0, DrvInfoDetailData); + HeapFree(ModuleHeap, 0, DrvInfoDetailData); continue; } PathStripPathW(DrvInfoDetailData->InfFileName); @@ -66,7 +65,7 @@ DriverRemoveAllOurs(void) LOG_LAST_ERROR(L"Unable to remove existing driver"); Result = Result != ERROR_SUCCESS ? Result : GetLastError(); } - HeapFree(Heap, 0, DrvInfoDetailData); + HeapFree(ModuleHeap, 0, DrvInfoDetailData); } SetupDiDestroyDriverInfoList(DevInfo, NULL, SPDIT_CLASSDRIVER); cleanupDeviceInfoSet: diff --git a/api/namespace.c b/api/namespace.c index 5129bdd..8c4d4bc 100644 --- a/api/namespace.c +++ b/api/namespace.c @@ -12,18 +12,17 @@ static BCRYPT_ALG_HANDLE AlgProvider; static WCHAR * NormalizeStringAlloc(_In_ NORM_FORM NormForm, _In_z_ const WCHAR *Source) { - HANDLE Heap = GetProcessHeap(); int Len = NormalizeString(NormForm, Source, -1, NULL, 0); for (;;) { - WCHAR *Str = HeapAlloc(Heap, 0, sizeof(WCHAR) * Len); + WCHAR *Str = HeapAlloc(ModuleHeap, 0, sizeof(WCHAR) * Len); if (!Str) return LOG(WINTUN_LOG_ERR, L"Out of memory"), NULL; Len = NormalizeString(NormForm, Source, -1, Str, Len); if (Len > 0) return Str; DWORD Result = GetLastError(); - HeapFree(Heap, 0, Str); + HeapFree(ModuleHeap, 0, Str); if (Result != ERROR_INSUFFICIENT_BUFFER) return LOG_ERROR(L"Failed", Result), NULL; Len = -Len; @@ -152,7 +151,7 @@ NamespaceTakeMutex(_In_z_ const WCHAR *Pool) CloseHandle(Mutex); Mutex = NULL; cleanupPoolNorm: - HeapFree(GetProcessHeap(), 0, PoolNorm); + HeapFree(ModuleHeap, 0, PoolNorm); cleanupSha256: BCryptDestroyHash(Sha256); return Mutex; diff --git a/api/registry.c b/api/registry.c index f1e2372..3975eef 100644 --- a/api/registry.c +++ b/api/registry.c @@ -73,17 +73,15 @@ RegistryOpenKeyWait( WINTUN_STATUS RegistryGetString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType) { - HANDLE Heap = GetProcessHeap(); - if (wcsnlen(*Buf, Len) >= Len) { /* String is missing zero-terminator. */ - WCHAR *BufZ = HeapAlloc(Heap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); + WCHAR *BufZ = HeapAlloc(ModuleHeap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); if (!BufZ) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; wmemcpy(BufZ, *Buf, Len); BufZ[Len] = 0; - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); *Buf = BufZ; } @@ -98,23 +96,23 @@ RegistryGetString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType) Len = Len * 2 + 64; for (;;) { - WCHAR *Expanded = HeapAlloc(Heap, 0, Len * sizeof(WCHAR)); + WCHAR *Expanded = HeapAlloc(ModuleHeap, 0, Len * sizeof(WCHAR)); if (!Expanded) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; DWORD Result = ExpandEnvironmentStringsW(*Buf, Expanded, Len); if (!Result) { Result = LOG_LAST_ERROR(L"Failed to expand environment variables"); - HeapFree(Heap, 0, Expanded); + HeapFree(ModuleHeap, 0, Expanded); return Result; } if (Result > Len) { - HeapFree(Heap, 0, Expanded); + HeapFree(ModuleHeap, 0, Expanded); Len = Result; continue; } - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); *Buf = Expanded; return ERROR_SUCCESS; } @@ -123,8 +121,6 @@ RegistryGetString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType) WINTUN_STATUS RegistryGetMultiString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType) { - HANDLE Heap = GetProcessHeap(); - if (ValueType == REG_MULTI_SZ) { for (size_t i = 0;; i += wcsnlen(*Buf + i, Len - i) + 1) @@ -132,25 +128,25 @@ RegistryGetMultiString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType if (i > Len) { /* Missing string and list terminators. */ - WCHAR *BufZ = HeapAlloc(Heap, 0, ((size_t)Len + 2) * sizeof(WCHAR)); + WCHAR *BufZ = HeapAlloc(ModuleHeap, 0, ((size_t)Len + 2) * sizeof(WCHAR)); if (!BufZ) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; wmemcpy(BufZ, *Buf, Len); BufZ[Len] = 0; BufZ[Len + 1] = 0; - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); *Buf = BufZ; return ERROR_SUCCESS; } if (i == Len) { /* Missing list terminator. */ - WCHAR *BufZ = HeapAlloc(Heap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); + WCHAR *BufZ = HeapAlloc(ModuleHeap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); if (!BufZ) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; wmemcpy(BufZ, *Buf, Len); BufZ[Len] = 0; - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); *Buf = BufZ; return ERROR_SUCCESS; } @@ -164,12 +160,12 @@ RegistryGetMultiString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType if (Result != ERROR_SUCCESS) return Result; Len = (DWORD)wcslen(*Buf) + 1; - WCHAR *BufZ = HeapAlloc(Heap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); + WCHAR *BufZ = HeapAlloc(ModuleHeap, 0, ((size_t)Len + 1) * sizeof(WCHAR)); if (!BufZ) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; wmemcpy(BufZ, *Buf, Len); BufZ[Len] = 0; - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); *Buf = BufZ; return ERROR_SUCCESS; } @@ -183,16 +179,15 @@ RegistryQuery( _Inout_ DWORD *BufLen, _In_ BOOL Log) { - HANDLE Heap = GetProcessHeap(); for (;;) { - *Buf = HeapAlloc(Heap, 0, *BufLen); + *Buf = HeapAlloc(ModuleHeap, 0, *BufLen); if (!*Buf) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; LSTATUS Result = RegQueryValueExW(Key, Name, NULL, ValueType, (BYTE *)*Buf, BufLen); if (Result == ERROR_SUCCESS) return ERROR_SUCCESS; - HeapFree(Heap, 0, *Buf); + HeapFree(ModuleHeap, 0, *Buf); if (Result != ERROR_MORE_DATA) return Log ? LOG_ERROR(L"Querying value failed", Result) : Result; } @@ -212,11 +207,11 @@ RegistryQueryString(_In_ HKEY Key, _In_opt_z_ const WCHAR *Name, _Out_ WCHAR **V case REG_MULTI_SZ: Result = RegistryGetString(Value, Size / sizeof(WCHAR), ValueType); if (Result != ERROR_SUCCESS) - HeapFree(GetProcessHeap(), 0, *Value); + HeapFree(ModuleHeap, 0, *Value); return Result; default: LOG(WINTUN_LOG_ERR, L"Value is not a string"); - HeapFree(GetProcessHeap(), 0, *Value); + HeapFree(ModuleHeap, 0, *Value); return ERROR_INVALID_DATATYPE; } } diff --git a/api/registry.h b/api/registry.h index 783280a..fb7d742 100644 --- a/api/registry.h +++ b/api/registry.h @@ -38,9 +38,8 @@ RegistryOpenKeyWait( * Validates and/or sanitizes string value read from registry. * * @param Buf On input, it contains a pointer to pointer where the data is stored. The data must be allocated - * using HeapAlloc(GetProcessHeap(), 0). On output, it contains a pointer to pointer where the - * sanitized data is stored. It must be released with HeapFree(GetProcessHeap(), 0, *Buf) after - * use. + * using HeapAlloc(ModuleHeap, 0). On output, it contains a pointer to pointer where the sanitized + * data is stored. It must be released with HeapFree(ModuleHeap, 0, *Buf) after use. * * @param Len Length of data string in wide characters. * @@ -56,9 +55,8 @@ RegistryGetString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType); * Validates and/or sanitizes multi-string value read from registry. * * @param Buf On input, it contains a pointer to pointer where the data is stored. The data must be allocated - * using HeapAlloc(GetProcessHeap(), 0). On output, it contains a pointer to pointer where the - * sanitized data is stored. It must be released with HeapFree(GetProcessHeap(), 0, *Buf) after - * use. + * using HeapAlloc(ModuleHeap, 0). On output, it contains a pointer to pointer where the sanitized + * data is stored. It must be released with HeapFree(ModuleHeap, 0, *Buf) after use. * * @param Len Length of data string in wide characters. * @@ -79,7 +77,7 @@ RegistryGetMultiString(_Inout_ WCHAR **Buf, _In_ DWORD Len, _In_ DWORD ValueType * @param Value Pointer to string to retrieve registry value. If the value type is REG_EXPAND_SZ the value is * expanded using ExpandEnvironmentStrings(). If the value type is REG_MULTI_SZ, only the first * string from the multi-string is returned. The string must be released with - * HeapFree(GetProcessHeap(), 0, Value) after use. + * HeapFree(ModuleHeap, 0, Value) after use. * * @Log Set to TRUE to log all failures; FALSE to skip logging the innermost errors. Skipping innermost * errors reduces log clutter when we are using RegistryQueryString() from @@ -103,7 +101,7 @@ RegistryQueryString(_In_ HKEY Key, _In_opt_z_ const WCHAR *Name, _Out_ WCHAR **V * @param Value Pointer to string to retrieve registry value. If the value type is REG_EXPAND_SZ the value is * expanded using ExpandEnvironmentStrings(). If the value type is REG_MULTI_SZ, only the first * string from the multi-string is returned. The string must be released with - * HeapFree(GetProcessHeap(), 0, Value) after use. + * HeapFree(ModuleHeap, 0, Value) after use. * * @return ERROR_SUCCESS on success; WAIT_TIMEOUT on timeout; ERROR_INVALID_DATATYPE when the registry value is not a * string; Win32 error code otherwise. diff --git a/api/session.c b/api/session.c index 5822cb6..f58b69c 100644 --- a/api/session.c +++ b/api/session.c @@ -52,8 +52,7 @@ typedef struct _TUN_SESSION WINTUN_STATUS WINAPI WintunStartSession(_In_ const WINTUN_ADAPTER *Adapter, _In_ DWORD Capacity, _Out_ TUN_SESSION **Session) { - HANDLE Heap = GetProcessHeap(); - *Session = HeapAlloc(Heap, 0, sizeof(TUN_SESSION)); + *Session = HeapAlloc(ModuleHeap, 0, sizeof(TUN_SESSION)); if (!*Session) return LOG(WINTUN_LOG_ERR, L"Out of memory"), ERROR_OUTOFMEMORY; const ULONG RingSize = TUN_RING_SIZE(Capacity); @@ -113,7 +112,7 @@ cleanupSendTailMoved: cleanupAllocatedRegion: VirtualFree(AllocatedRegion, 0, MEM_RELEASE); cleanupRings: - HeapFree(Heap, 0, *Session); + HeapFree(ModuleHeap, 0, *Session); *Session = NULL; return Result; } @@ -126,7 +125,7 @@ WintunEndSession(_In_ TUN_SESSION *Session) CloseHandle(Session->Descriptor.Send.TailMoved); CloseHandle(Session->Descriptor.Receive.TailMoved); VirtualFree(Session->Descriptor.Send.Ring, 0, MEM_RELEASE); - HeapFree(GetProcessHeap(), 0, Session); + HeapFree(ModuleHeap, 0, Session); } BOOL WINAPI -- cgit v1.2.3-59-g8ed1b