mirror of https://github.com/donnaskiez/ac.git synced 2024-11-21 22:24:08 +01:00
lhodges1 2023-08-19 14:37:53 +10:00
parent 9256c73be8
commit e18f393e51
3 changed files with 6 additions and 13 deletions


@ -52,7 +52,7 @@ NTSTATUS DeviceControl(
/* return early as IRP completion was handled inside the function */ /* return early as IRP completion was handled inside the function */
ZwClose( handle ); ZwClose( handle );
return status; break;
default: default:
DEBUG_ERROR( "Invalid IOCTL passed to driver" ); DEBUG_ERROR( "Invalid IOCTL passed to driver" );
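Review bot: The comment above `ZwClose( handle );` still reads "return early as IRP completion was handled inside the function", but the case now ends in `break;` rather than `return status;`, so control leaves the switch and runs whatever DeviceControl does afterwards. That tail is outside this hunk; if it completes the IRP while the handler still completes it too, the same request is completed twice, which is a bugcheck that any caller able to send this IOCTL could trigger. Please confirm the handler no longer completes the IRP itself and replace the comment with something like `/* IRP is completed by the common path after the switch */`, or keep the early return. DeviceControl's body starts and ends outside the hunk.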


@ -329,13 +329,6 @@ NTSTATUS HandleValidateDriversIOCTL(
else else
{ {
DEBUG_LOG( "No INVALID drivers found :)" ); DEBUG_LOG( "No INVALID drivers found :)" );
Irp->IoStatus.Information = sizeof( MODULE_VALIDATION_FAILURE_HEADER );
RtlCopyMemory(
Irp->AssociatedIrp.SystemBuffer,
&header,
sizeof( MODULE_VALIDATION_FAILURE_HEADER ) );
} }
ExFreePoolWithTag( head, INVALID_DRIVER_LIST_HEAD_POOL ); ExFreePoolWithTag( head, INVALID_DRIVER_LIST_HEAD_POOL );


@ -56,7 +56,7 @@ void kernelmode::Driver::RunNmiCallbacks()
void kernelmode::Driver::VerifySystemModules() void kernelmode::Driver::VerifySystemModules()
{ {
BOOLEAN status; BOOLEAN status;
DWORD bytes_returned; DWORD bytes_returned = 0;
PVOID buffer; PVOID buffer;
SIZE_T buffer_size; SIZE_T buffer_size;
SIZE_T header_size; SIZE_T header_size;
@ -97,20 +97,20 @@ void kernelmode::Driver::VerifySystemModules()
return; return;
} }
memcpy( &header, buffer, sizeof( header_size )); if ( bytes_returned == NULL )
if ( header.module_count == 0 )
{ {
LOG_INFO( "All modules valid :)" ); LOG_INFO( "All modules valid :)" );
free( buffer ); free( buffer );
return; return;
} }
/* /*
* We are splitting up each packet here and passing them on one by one since * We are splitting up each packet here and passing them on one by one since
* if I am being honest it is just easier in c++ and that way the process * if I am being honest it is just easier in c++ and that way the process
* is streamlined just like all other report packets. * is streamlined just like all other report packets.
*/ */
memcpy( &header, buffer, sizeof( header_size ) );
UINT64 base = ( UINT64 )buffer + sizeof( header_size ); UINT64 base = ( UINT64 )buffer + sizeof( header_size );
for ( int i = 0; i < header.module_count; i++ ) for ( int i = 0; i < header.module_count; i++ )