diff --git a/.gitignore b/.gitignore index 290adb6b..55897fd4 100644 --- a/.gitignore +++ b/.gitignore @@ -6,18 +6,25 @@ # IDE folders .vscode/* **/.vs/* -Debug/* +**/Debug/* +**/Release/* +**/bin/* +**/obj/* +# Build directories +**/build/* +# Temporary files +**/temp/* -src/drivers/test/**/driver/Debug/* -src/drivers/test/**/driver/x64/* -src/drivers/test/**/x64/* -src/drivers/test/**/Debug/* -src/drivers/test/TestDB/* -src/drivers/test/working/* -src/drivers/test/AnalysisFiles/* -AnalysisFiles/* -TestDB/* -working/* +**/src/drivers/test/**/driver/Debug/* +**/src/drivers/test/**/driver/x64/* +**/src/drivers/test/**/x64/* +**/src/drivers/test/**/Debug/* +**/src/drivers/test/TestDB/* +**/src/drivers/test/working/* +**/src/drivers/test/AnalysisFiles/* +**/AnalysisFiles/* +**/TestDB/* +**/working/* #excel files **/*.xlsx diff --git a/src/drivers/test/diff/IrqlNotSaved.sarif b/src/drivers/test/diff/IrqlNotSaved.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/IrqlNotSaved.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/IrqlNotUsed.sarif b/src/drivers/test/diff/IrqlNotUsed.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/IrqlNotUsed.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/IrqlSetTooHigh.sarif b/src/drivers/test/diff/IrqlSetTooHigh.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/IrqlSetTooHigh.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/IrqlTooHigh.sarif b/src/drivers/test/diff/IrqlTooHigh.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/IrqlTooHigh.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/IrqlTooLow.sarif b/src/drivers/test/diff/IrqlTooLow.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/IrqlTooLow.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/KeWaitLocal.sarif b/src/drivers/test/diff/KeWaitLocal.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/KeWaitLocal.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/MultiplePagedCode.sarif b/src/drivers/test/diff/MultiplePagedCode.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/MultiplePagedCode.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/NoPagedCode.sarif b/src/drivers/test/diff/NoPagedCode.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/NoPagedCode.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/drivers/test/diff/NoPagingSegment.sarif b/src/drivers/test/diff/NoPagingSegment.sarif deleted file mode 100644 index 8d5a80f9..00000000 --- a/src/drivers/test/diff/NoPagingSegment.sarif +++ /dev/null @@ -1,21 +0,0 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } -} \ No newline at end of file diff --git a/src/codeql-pack.lock.yml b/src/qlpack/src/codeql-pack.lock.yml similarity index 100% rename from src/codeql-pack.lock.yml rename to src/qlpack/src/codeql-pack.lock.yml diff --git a/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.qhelp b/src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.qhelp similarity index 100% rename from src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.qhelp rename to src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.qhelp diff --git a/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.ql b/src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.ql similarity index 100% rename from src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.ql rename to src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.ql diff --git a/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.sarif b/src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.sarif similarity index 100% rename from src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.sarif rename to src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/UnsafeCallInGlobalInit.sarif diff --git a/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/driver_snippet.c b/src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/driver_snippet.c similarity index 100% rename from src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/driver_snippet.c rename to src/qlpack/src/drivers/apps/queries/experimental/UnsafeCallInGlobalInit/driver_snippet.c diff --git a/src/drivers/general/DriverAlertSuppression.ql b/src/qlpack/src/drivers/general/DriverAlertSuppression.ql similarity index 100% rename from src/drivers/general/DriverAlertSuppression.ql rename to src/qlpack/src/drivers/general/DriverAlertSuppression.ql diff --git a/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.qhelp b/src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.qhelp similarity index 100% rename from src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.qhelp rename to src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.qhelp diff --git a/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql b/src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql similarity index 100% rename from src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql rename to src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql diff --git a/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.sarif b/src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.sarif similarity index 100% rename from src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.sarif rename to src/qlpack/src/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.sarif diff --git a/src/drivers/general/queries/AnnotationSyntax/driver_snippet.c b/src/qlpack/src/drivers/general/queries/AnnotationSyntax/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/AnnotationSyntax/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/AnnotationSyntax/driver_snippet.c diff --git a/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.qhelp b/src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.qhelp similarity index 100% rename from src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.qhelp rename to src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.qhelp diff --git a/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql b/src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql similarity index 100% rename from src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql rename to src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql diff --git a/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.sarif b/src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.sarif similarity index 100% rename from src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.sarif rename to src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.sarif diff --git a/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/driver_snippet.c b/src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/CurrentFunctionTypeNotCorrect/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/CurrentFunctionTypeNotCorrect/driver_snippet.c diff --git a/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.qhelp b/src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.qhelp similarity index 100% rename from src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.qhelp rename to src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.qhelp diff --git a/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql b/src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql similarity index 100% rename from src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql rename to src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql diff --git a/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.sarif b/src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.sarif similarity index 100% rename from src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.sarif rename to src/qlpack/src/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.sarif diff --git a/src/drivers/general/queries/DefaultPoolTag/driver_snippet.c b/src/qlpack/src/drivers/general/queries/DefaultPoolTag/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/DefaultPoolTag/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/DefaultPoolTag/driver_snippet.c diff --git a/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.qhelp b/src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.qhelp similarity index 100% rename from src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.qhelp rename to src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.qhelp diff --git a/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql b/src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql similarity index 100% rename from src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql rename to src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql diff --git a/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.sarif b/src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.sarif similarity index 100% rename from src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.sarif rename to src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.sarif diff --git a/src/drivers/general/queries/DriverEntrySaveBuffer/driver_snippet.c b/src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/DriverEntrySaveBuffer/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/DriverEntrySaveBuffer/driver_snippet.c diff --git a/src/drivers/general/queries/ExaminedValue/ExaminedValue.qhelp b/src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.qhelp similarity index 100% rename from src/drivers/general/queries/ExaminedValue/ExaminedValue.qhelp rename to src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.qhelp diff --git a/src/drivers/general/queries/ExaminedValue/ExaminedValue.ql b/src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.ql similarity index 100% rename from src/drivers/general/queries/ExaminedValue/ExaminedValue.ql rename to src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.ql diff --git a/src/drivers/general/queries/ExaminedValue/ExaminedValue.sarif b/src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.sarif similarity index 100% rename from src/drivers/general/queries/ExaminedValue/ExaminedValue.sarif rename to src/qlpack/src/drivers/general/queries/ExaminedValue/ExaminedValue.sarif diff --git a/src/drivers/general/queries/ExaminedValue/driver_snippet.c b/src/qlpack/src/drivers/general/queries/ExaminedValue/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/ExaminedValue/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/ExaminedValue/driver_snippet.c diff --git a/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.qhelp b/src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.qhelp similarity index 100% rename from src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.qhelp rename to src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.qhelp diff --git a/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql b/src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql similarity index 100% rename from src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql rename to src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql diff --git a/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif b/src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif similarity index 97% rename from src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif rename to src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif index 295c092c..7ea7bf55 100644 --- a/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif +++ b/src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.sarif @@ -1,450 +1,450 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/extended-deprecated-apis", - "name" : "cpp/drivers/extended-deprecated-apis", - "shortDescription" : { - "text" : "Use of deprecated function or macro (C28719, C28726, C28735, C28750)" - }, - "fullDescription" : { - "text" : "Use of deprecated APIs causes correctness or safety issues. This is a port of Code Analysis checks C28719, C28726, and C28750." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "security" ], - "description" : "Use of deprecated APIs causes correctness or safety issues. This is a port of Code Analysis checks C28719, C28726, and C28750.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/extended-deprecated-apis", - "impact" : "Attack Surface Reduction", - "kind" : "problem", - "name" : "Use of deprecated function or macro (C28719, C28726, C28735, C28750)", - "opaqueid" : "CQLD-C28719", - "owner.email:" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "high", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following code locations contain calls to an unsafe, deprecated function or macro.", - "scope" : "generic", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 37, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "82e29691df499d5d:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 40, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "a0f4009610bac07b:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 43, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "969c85f34783b0c9:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 46, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "35b38347e72e53ee:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 49, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "457c58a531c32719:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 53, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "23936499fc6ec6db:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 57, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "b8199b93e64f724c:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 60, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "67adf17cf52f9cb0:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 63, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "37878d516b970fae:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 66, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "d24a502aa610bd2e:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 69, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "6a27d42186f1df7d:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 72, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "af4c1b7ec005cdbe:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/extended-deprecated-apis", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/extended-deprecated-apis", - "index" : 0 - }, - "message" : { - "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 25, - "startColumn" : 5, - "endColumn" : 11 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "7b4677b91dfe9311:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/extended-deprecated-apis", + "name" : "cpp/drivers/extended-deprecated-apis", + "shortDescription" : { + "text" : "Use of deprecated function or macro (C28719, C28726, C28735, C28750)" + }, + "fullDescription" : { + "text" : "Use of deprecated APIs causes correctness or safety issues. This is a port of Code Analysis checks C28719, C28726, and C28750." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "security" ], + "description" : "Use of deprecated APIs causes correctness or safety issues. This is a port of Code Analysis checks C28719, C28726, and C28750.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/extended-deprecated-apis", + "impact" : "Attack Surface Reduction", + "kind" : "problem", + "name" : "Use of deprecated function or macro (C28719, C28726, C28735, C28750)", + "opaqueid" : "CQLD-C28719", + "owner.email:" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "high", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following code locations contain calls to an unsafe, deprecated function or macro.", + "scope" : "generic", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 37, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "82e29691df499d5d:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 40, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "a0f4009610bac07b:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 43, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "969c85f34783b0c9:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 46, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "35b38347e72e53ee:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 49, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "457c58a531c32719:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 53, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "23936499fc6ec6db:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 57, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "b8199b93e64f724c:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 60, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "67adf17cf52f9cb0:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 63, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "37878d516b970fae:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 66, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "d24a502aa610bd2e:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 69, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "6a27d42186f1df7d:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 72, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "af4c1b7ec005cdbe:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/extended-deprecated-apis", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/extended-deprecated-apis", + "index" : 0 + }, + "message" : { + "text" : "strcpy is insecure and has been marked deprecated. Replace it with one of the following safe replacements: strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 25, + "startColumn" : 5, + "endColumn" : 11 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "7b4677b91dfe9311:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/general/queries/ExtendedDeprecatedApis/driver_snippet.c b/src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/ExtendedDeprecatedApis/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/ExtendedDeprecatedApis/driver_snippet.c diff --git a/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.qhelp b/src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.qhelp similarity index 100% rename from src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.qhelp rename to src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.qhelp diff --git a/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.ql b/src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.ql similarity index 100% rename from src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.ql rename to src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.ql diff --git a/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.sarif b/src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.sarif similarity index 100% rename from src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.sarif rename to src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/FloatHardwareStateProtection.sarif diff --git a/src/drivers/general/queries/FloatHardwareStateProtection/driver_snippet.c b/src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/FloatHardwareStateProtection/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/FloatHardwareStateProtection/driver_snippet.c diff --git a/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.qhelp b/src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.qhelp similarity index 100% rename from src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.qhelp rename to src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.qhelp diff --git a/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql b/src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql similarity index 100% rename from src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql rename to src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql diff --git a/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.sarif b/src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.sarif similarity index 100% rename from src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.sarif rename to src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.sarif diff --git a/src/drivers/general/queries/IRPStackEntryCopy/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IRPStackEntryCopy/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IRPStackEntryCopy/driver_snippet.c diff --git a/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.qhelp b/src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.qhelp similarity index 100% rename from src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.qhelp rename to src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.qhelp diff --git a/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql b/src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql similarity index 100% rename from src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql rename to src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql diff --git a/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.sarif b/src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.sarif similarity index 100% rename from src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.sarif rename to src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.sarif diff --git a/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/driver_snippet.c b/src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/ImportantFunctionCallOptimizedOut/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/ImportantFunctionCallOptimizedOut/driver_snippet.c diff --git a/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.qhelp b/src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.qhelp similarity index 100% rename from src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.qhelp rename to src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.qhelp diff --git a/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql b/src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql similarity index 100% rename from src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql rename to src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql diff --git a/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.sarif b/src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.sarif similarity index 100% rename from src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.sarif rename to src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.sarif diff --git a/src/drivers/general/queries/ImproperNotOperatorOnZero/driver_snippet.c b/src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/ImproperNotOperatorOnZero/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/ImproperNotOperatorOnZero/driver_snippet.c diff --git a/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.qhelp b/src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.qhelp similarity index 100% rename from src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.qhelp rename to src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.qhelp diff --git a/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql b/src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql similarity index 100% rename from src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql rename to src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql diff --git a/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.sarif b/src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.sarif similarity index 100% rename from src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.sarif rename to src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.sarif diff --git a/src/drivers/general/queries/InvalidFunctionClassTypedef/driver_snippet.c b/src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/InvalidFunctionClassTypedef/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/InvalidFunctionClassTypedef/driver_snippet.c diff --git a/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.qhelp b/src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.qhelp similarity index 100% rename from src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.qhelp rename to src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.qhelp diff --git a/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql b/src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql similarity index 100% rename from src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql rename to src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql diff --git a/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.sarif b/src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.sarif similarity index 100% rename from src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.sarif rename to src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.sarif diff --git a/src/drivers/general/queries/InvalidFunctionPointerAnnotation/driver_snippet.c b/src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/InvalidFunctionPointerAnnotation/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/InvalidFunctionPointerAnnotation/driver_snippet.c diff --git a/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.qhelp b/src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.qhelp similarity index 100% rename from src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.qhelp rename to src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.qhelp diff --git a/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql b/src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql similarity index 100% rename from src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql rename to src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql diff --git a/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.sarif b/src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.sarif similarity index 100% rename from src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.sarif rename to src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.sarif diff --git a/src/drivers/general/queries/IoInitializeTimerCall/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IoInitializeTimerCall/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IoInitializeTimerCall/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.qhelp b/src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.qhelp diff --git a/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql b/src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql similarity index 100% rename from src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql rename to src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql diff --git a/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.sarif b/src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.sarif similarity index 100% rename from src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.sarif rename to src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.sarif diff --git a/src/drivers/general/queries/IrqlAnnotationIssue/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlAnnotationIssue/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlAnnotationIssue/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.qhelp b/src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.qhelp diff --git a/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql b/src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql similarity index 100% rename from src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql rename to src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql diff --git a/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.sarif b/src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.sarif similarity index 100% rename from src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.sarif rename to src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.sarif diff --git a/src/drivers/general/queries/IrqlCancelRoutine/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlCancelRoutine/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlCancelRoutine/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.qhelp b/src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.qhelp diff --git a/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql b/src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql similarity index 100% rename from src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql rename to src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql diff --git a/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.sarif b/src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.sarif similarity index 100% rename from src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.sarif rename to src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.sarif diff --git a/src/drivers/general/queries/IrqlFloatStateMismatch/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlFloatStateMismatch/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlFloatStateMismatch/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.qhelp b/src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.qhelp diff --git a/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.ql b/src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.ql similarity index 100% rename from src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.ql rename to src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.ql diff --git a/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.sarif b/src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.sarif similarity index 100% rename from src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.sarif rename to src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/IrqlFunctionNotAnnotated.sarif diff --git a/src/drivers/general/queries/IrqlFunctionNotAnnotated/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlFunctionNotAnnotated/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlFunctionNotAnnotated/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.qhelp b/src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.qhelp diff --git a/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.ql b/src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.ql similarity index 100% rename from src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.ql rename to src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.ql diff --git a/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.sarif b/src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.sarif similarity index 100% rename from src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.sarif rename to src/qlpack/src/drivers/general/queries/IrqlIllegalValue/IrqlIllegalValue.sarif diff --git a/src/drivers/general/queries/IrqlIllegalValue/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlIllegalValue/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlIllegalValue/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlIllegalValue/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.qhelp b/src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.qhelp diff --git a/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.ql b/src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.ql similarity index 100% rename from src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.ql rename to src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.ql diff --git a/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.sarif b/src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.sarif similarity index 100% rename from src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.sarif rename to src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/IrqlInconsistentWithRequired.sarif diff --git a/src/drivers/general/queries/IrqlInconsistentWithRequired/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlInconsistentWithRequired/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlInconsistentWithRequired/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.qhelp b/src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.qhelp diff --git a/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.ql b/src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.ql similarity index 100% rename from src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.ql rename to src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.ql diff --git a/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.sarif b/src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.sarif similarity index 100% rename from src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.sarif rename to src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/IrqlLoweredImproperly.sarif diff --git a/src/drivers/general/queries/IrqlLoweredImproperly/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlLoweredImproperly/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlLoweredImproperly/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.qhelp b/src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.qhelp diff --git a/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql b/src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql similarity index 100% rename from src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql rename to src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql diff --git a/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.sarif b/src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.sarif similarity index 100% rename from src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.sarif rename to src/qlpack/src/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.sarif diff --git a/src/drivers/general/queries/IrqlNotSaved/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlNotSaved/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlNotSaved/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlNotSaved/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.qhelp b/src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.qhelp diff --git a/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql b/src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql similarity index 100% rename from src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql rename to src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql diff --git a/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.sarif b/src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.sarif similarity index 100% rename from src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.sarif rename to src/qlpack/src/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.sarif diff --git a/src/drivers/general/queries/IrqlNotUsed/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlNotUsed/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlNotUsed/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlNotUsed/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.qhelp b/src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.qhelp diff --git a/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql b/src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql similarity index 100% rename from src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql rename to src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql diff --git a/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.sarif b/src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.sarif similarity index 100% rename from src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.sarif rename to src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.sarif diff --git a/src/drivers/general/queries/IrqlSetTooHigh/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlSetTooHigh/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlSetTooHigh/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.qhelp b/src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.qhelp diff --git a/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql b/src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql similarity index 100% rename from src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql rename to src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql diff --git a/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.sarif b/src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.sarif similarity index 100% rename from src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.sarif rename to src/qlpack/src/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.sarif diff --git a/src/drivers/general/queries/IrqlSetTooLow/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlSetTooLow/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlSetTooLow/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlSetTooLow/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.qhelp b/src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.qhelp diff --git a/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql b/src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql similarity index 100% rename from src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql rename to src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql diff --git a/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.sarif b/src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.sarif similarity index 100% rename from src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.sarif rename to src/qlpack/src/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.sarif diff --git a/src/drivers/general/queries/IrqlTooHigh/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlTooHigh/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlTooHigh/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlTooHigh/driver_snippet.c diff --git a/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.qhelp b/src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.qhelp similarity index 100% rename from src/drivers/general/queries/IrqlTooLow/IrqlTooLow.qhelp rename to src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.qhelp diff --git a/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql b/src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql similarity index 100% rename from src/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql rename to src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql diff --git a/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.sarif b/src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.sarif similarity index 100% rename from src/drivers/general/queries/IrqlTooLow/IrqlTooLow.sarif rename to src/qlpack/src/drivers/general/queries/IrqlTooLow/IrqlTooLow.sarif diff --git a/src/drivers/general/queries/IrqlTooLow/driver_snippet.c b/src/qlpack/src/drivers/general/queries/IrqlTooLow/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/IrqlTooLow/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/IrqlTooLow/driver_snippet.c diff --git a/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.qhelp b/src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.qhelp similarity index 100% rename from src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.qhelp rename to src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.qhelp diff --git a/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql b/src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql similarity index 100% rename from src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql rename to src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql diff --git a/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.sarif b/src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.sarif similarity index 100% rename from src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.sarif rename to src/qlpack/src/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.sarif diff --git a/src/drivers/general/queries/KeSetEventPageable/driver_snippet.c b/src/qlpack/src/drivers/general/queries/KeSetEventPageable/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/KeSetEventPageable/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/KeSetEventPageable/driver_snippet.c diff --git a/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.qhelp b/src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.qhelp similarity index 100% rename from src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.qhelp rename to src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.qhelp diff --git a/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.ql b/src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.ql similarity index 100% rename from src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.ql rename to src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.ql diff --git a/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.sarif b/src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.sarif similarity index 100% rename from src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.sarif rename to src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.sarif diff --git a/src/drivers/general/queries/MultipleFunctionClassAnnotations/driver_snippet.c b/src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/MultipleFunctionClassAnnotations/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/MultipleFunctionClassAnnotations/driver_snippet.c diff --git a/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.qhelp b/src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.qhelp similarity index 100% rename from src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.qhelp rename to src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.qhelp diff --git a/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql b/src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql similarity index 100% rename from src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql rename to src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql diff --git a/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.sarif b/src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.sarif similarity index 100% rename from src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.sarif rename to src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.sarif diff --git a/src/drivers/general/queries/MultithreadedAVCondition/driver_snippet.cpp b/src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/driver_snippet.cpp similarity index 100% rename from src/drivers/general/queries/MultithreadedAVCondition/driver_snippet.cpp rename to src/qlpack/src/drivers/general/queries/MultithreadedAVCondition/driver_snippet.cpp diff --git a/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.qhelp b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.qhelp similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.qhelp rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.qhelp diff --git a/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql diff --git a/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.sarif b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.sarif similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.sarif rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.sarif diff --git a/src/drivers/general/queries/NtstatusExplicitCast/driver_snippet.c b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast/driver_snippet.c diff --git a/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.qhelp b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.qhelp similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.qhelp rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.qhelp diff --git a/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql diff --git a/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.sarif b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.sarif similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.sarif rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.sarif diff --git a/src/drivers/general/queries/NtstatusExplicitCast2/driver_snippet.c b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast2/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast2/driver_snippet.c diff --git a/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.qhelp b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.qhelp similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.qhelp rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.qhelp diff --git a/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql diff --git a/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.sarif b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.sarif similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.sarif rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.sarif diff --git a/src/drivers/general/queries/NtstatusExplicitCast3/driver_snippet.c b/src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/NtstatusExplicitCast3/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/NtstatusExplicitCast3/driver_snippet.c diff --git a/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.qhelp b/src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.qhelp similarity index 100% rename from src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.qhelp rename to src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.qhelp diff --git a/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql b/src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql similarity index 100% rename from src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql rename to src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql diff --git a/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.sarif b/src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.sarif similarity index 100% rename from src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.sarif rename to src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.sarif diff --git a/src/drivers/general/queries/NullCharacterPointerAssignment/driver_snippet.c b/src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/NullCharacterPointerAssignment/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/NullCharacterPointerAssignment/driver_snippet.c diff --git a/src/drivers/general/queries/OperandAssignment/OperandAssignment.qhelp b/src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.qhelp similarity index 100% rename from src/drivers/general/queries/OperandAssignment/OperandAssignment.qhelp rename to src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.qhelp diff --git a/src/drivers/general/queries/OperandAssignment/OperandAssignment.ql b/src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.ql similarity index 100% rename from src/drivers/general/queries/OperandAssignment/OperandAssignment.ql rename to src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.ql diff --git a/src/drivers/general/queries/OperandAssignment/OperandAssignment.sarif b/src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.sarif similarity index 100% rename from src/drivers/general/queries/OperandAssignment/OperandAssignment.sarif rename to src/qlpack/src/drivers/general/queries/OperandAssignment/OperandAssignment.sarif diff --git a/src/drivers/general/queries/OperandAssignment/driver_snippet.c b/src/qlpack/src/drivers/general/queries/OperandAssignment/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/OperandAssignment/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/OperandAssignment/driver_snippet.c diff --git a/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.qhelp b/src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.qhelp similarity index 100% rename from src/drivers/general/queries/PointerVariableSize/PointerVariableSize.qhelp rename to src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.qhelp diff --git a/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.ql b/src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.ql similarity index 100% rename from src/drivers/general/queries/PointerVariableSize/PointerVariableSize.ql rename to src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.ql diff --git a/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.sarif b/src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.sarif similarity index 100% rename from src/drivers/general/queries/PointerVariableSize/PointerVariableSize.sarif rename to src/qlpack/src/drivers/general/queries/PointerVariableSize/PointerVariableSize.sarif diff --git a/src/drivers/general/queries/PointerVariableSize/driver_snippet.c b/src/qlpack/src/drivers/general/queries/PointerVariableSize/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/PointerVariableSize/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/PointerVariableSize/driver_snippet.c diff --git a/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.qhelp b/src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.qhelp similarity index 100% rename from src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.qhelp rename to src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.qhelp diff --git a/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql b/src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql similarity index 100% rename from src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql rename to src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql diff --git a/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.sarif b/src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.sarif similarity index 100% rename from src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.sarif rename to src/qlpack/src/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.sarif diff --git a/src/drivers/general/queries/PoolTagIntegral/driver_snippet.c b/src/qlpack/src/drivers/general/queries/PoolTagIntegral/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/PoolTagIntegral/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/PoolTagIntegral/driver_snippet.c diff --git a/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.qhelp b/src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.qhelp similarity index 100% rename from src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.qhelp rename to src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.qhelp diff --git a/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql b/src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql similarity index 100% rename from src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql rename to src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql diff --git a/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif b/src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif similarity index 96% rename from src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif rename to src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif index aab47630..e696dab2 100644 --- a/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif +++ b/src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.sarif @@ -1,200 +1,200 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.15.4", - "notifications" : [ { - "id" : "cpp/baseline/expected-extracted-files", - "name" : "cpp/baseline/expected-extracted-files", - "shortDescription" : { - "text" : "Expected extracted files" - }, - "fullDescription" : { - "text" : "Files appearing in the source archive that are expected to be extracted." - }, - "defaultConfiguration" : { - "enabled" : true - }, - "properties" : { - "tags" : [ "expected-extracted-files", "telemetry" ] - } - } ], - "rules" : [ { - "id" : "cpp/drivers/role-type-correctly-used", - "name" : "cpp/drivers/role-type-correctly-used", - "shortDescription" : { - "text" : "Incorrect Role Type Use" - }, - "fullDescription" : { - "text" : "A function is declared with a role type but used as an argument in a function that expects a different role type for that argument." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness" ], - "description" : "A function is declared with a role type but used as an argument in a function that expects a different role type for that argument.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/role-type-correctly-used", - "impact" : "Insecure Coding Practice", - "kind" : "problem", - "name" : "Incorrect Role Type Use", - "opaqueid" : "CQLD-D0007", - "owner.email:" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "medium", - "problem.severity" : "warning", - "query-version" : "v2", - "repro.text" : "", - "scope" : "domainspecific" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "1.1.0+2affc3c634804dac7504a483a378cc9ba22a0f0b", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "invocations" : [ { - "toolExecutionNotifications" : [ { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - } ], - "executionSuccessful" : true - } ], - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/role-type-correctly-used", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/role-type-correctly-used", - "index" : 0 - }, - "message" : { - "text" : "Function BadUnload declared with role type but role type DRIVER_UNLOAD is expected." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 38, - "startColumn" : 34, - "endColumn" : 43 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "9b23495b84787ea7:1", - "primaryLocationStartColumnFingerprint" : "29" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.15.4", + "notifications" : [ { + "id" : "cpp/baseline/expected-extracted-files", + "name" : "cpp/baseline/expected-extracted-files", + "shortDescription" : { + "text" : "Expected extracted files" + }, + "fullDescription" : { + "text" : "Files appearing in the source archive that are expected to be extracted." + }, + "defaultConfiguration" : { + "enabled" : true + }, + "properties" : { + "tags" : [ "expected-extracted-files", "telemetry" ] + } + } ], + "rules" : [ { + "id" : "cpp/drivers/role-type-correctly-used", + "name" : "cpp/drivers/role-type-correctly-used", + "shortDescription" : { + "text" : "Incorrect Role Type Use" + }, + "fullDescription" : { + "text" : "A function is declared with a role type but used as an argument in a function that expects a different role type for that argument." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness" ], + "description" : "A function is declared with a role type but used as an argument in a function that expects a different role type for that argument.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/role-type-correctly-used", + "impact" : "Insecure Coding Practice", + "kind" : "problem", + "name" : "Incorrect Role Type Use", + "opaqueid" : "CQLD-D0007", + "owner.email:" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "medium", + "problem.severity" : "warning", + "query-version" : "v2", + "repro.text" : "", + "scope" : "domainspecific" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "1.1.0+2affc3c634804dac7504a483a378cc9ba22a0f0b", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "invocations" : [ { + "toolExecutionNotifications" : [ { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + } ], + "executionSuccessful" : true + } ], + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/role-type-correctly-used", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/role-type-correctly-used", + "index" : 0 + }, + "message" : { + "text" : "Function BadUnload declared with role type but role type DRIVER_UNLOAD is expected." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 38, + "startColumn" : 34, + "endColumn" : 43 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "9b23495b84787ea7:1", + "primaryLocationStartColumnFingerprint" : "29" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/general/queries/RoleTypeCorrectlyUsed/driver_snippet.c b/src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/RoleTypeCorrectlyUsed/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/RoleTypeCorrectlyUsed/driver_snippet.c diff --git a/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.qhelp b/src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.qhelp similarity index 100% rename from src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.qhelp rename to src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.qhelp diff --git a/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql b/src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql similarity index 100% rename from src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql rename to src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql diff --git a/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif b/src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif similarity index 96% rename from src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif rename to src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif index 7ea811e5..a2fba07e 100644 --- a/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif +++ b/src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.sarif @@ -1,413 +1,413 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.15.4", - "notifications" : [ { - "id" : "cpp/baseline/expected-extracted-files", - "name" : "cpp/baseline/expected-extracted-files", - "shortDescription" : { - "text" : "Expected extracted files" - }, - "fullDescription" : { - "text" : "Files appearing in the source archive that are expected to be extracted." - }, - "defaultConfiguration" : { - "enabled" : true - }, - "properties" : { - "tags" : [ "expected-extracted-files", "telemetry" ] - } - } ], - "rules" : [ { - "id" : "cpp/drivers/routine-function-type-not-expected", - "name" : "cpp/drivers/routine-function-type-not-expected", - "shortDescription" : { - "text" : "Unexpected function return type for routine (C28127)" - }, - "fullDescription" : { - "text" : "The function being used as a routine does not exactly match the type expected." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "The function being used as a routine does not exactly match the type expected.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/routine-function-type-not-expected", - "impact" : "Attack Surface Reduction", - "kind" : "problem", - "name" : "Unexpected function return type for routine (C28127)", - "opaqueid" : "CQLD-C28127", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "high", - "problem.severity" : "warning", - "query-version" : "v2", - "repro.text" : "The following code locations use a function pointer with a return type that does not match the expected type", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "1.0.12+7ade7ce2ebcb754809ebf7d2d9801d5d76167d5b", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "invocations" : [ { - "toolExecutionNotifications" : [ { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - } ], - "executionSuccessful" : true - } ], - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/routine-function-type-not-expected", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/routine-function-type-not-expected", - "index" : 0 - }, - "message" : { - "text" : "Function call [call to functionCallThatUsesFunctionPointer](1) passes in a function pointer [intFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: return type mismatch: expected: void, actual: int" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 92, - "startColumn" : 5, - "endColumn" : 40 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "3156b91ec348a1bb:1", - "primaryLocationStartColumnFingerprint" : "0" - }, - "relatedLocations" : [ { - "id" : 1, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 92, - "startColumn" : 5, - "endColumn" : 40 - } - }, - "message" : { - "text" : "call to functionCallThatUsesFunctionPointer" - } - }, { - "id" : 2, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 38, - "startColumn" : 5, - "endColumn" : 22 - } - }, - "message" : { - "text" : "intFunctionToCall" - } - }, { - "id" : 3, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 50, - "startColumn" : 51, - "endColumn" : 66 - } - }, - "message" : { - "text" : "functionPointer" - } - } ] - }, { - "ruleId" : "cpp/drivers/routine-function-type-not-expected", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/routine-function-type-not-expected", - "index" : 0 - }, - "message" : { - "text" : "Function call [call to functionCallThatUsesFunctionPointer2](1) passes in a function pointer [intFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: return type mismatch: expected: void, actual: int" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 96, - "startColumn" : 5, - "endColumn" : 41 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "b2e192116459028c:1", - "primaryLocationStartColumnFingerprint" : "0" - }, - "relatedLocations" : [ { - "id" : 1, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 96, - "startColumn" : 5, - "endColumn" : 41 - } - }, - "message" : { - "text" : "call to functionCallThatUsesFunctionPointer2" - } - }, { - "id" : 2, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 38, - "startColumn" : 5, - "endColumn" : 22 - } - }, - "message" : { - "text" : "intFunctionToCall" - } - }, { - "id" : 3, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 55, - "startColumn" : 60, - "endColumn" : 75 - } - }, - "message" : { - "text" : "functionPointer" - } - } ] - }, { - "ruleId" : "cpp/drivers/routine-function-type-not-expected", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/routine-function-type-not-expected", - "index" : 0 - }, - "message" : { - "text" : "Function call [call to functionCallThatUsesFunctionPointer3](1) passes in a function pointer [voidFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: parameter count mismatch: expected: 3 parameters, actual: 0 parameters" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 105, - "startColumn" : 5, - "endColumn" : 41 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "69e17f41c5580c20:1", - "primaryLocationStartColumnFingerprint" : "0" - }, - "relatedLocations" : [ { - "id" : 1, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 105, - "startColumn" : 5, - "endColumn" : 41 - } - }, - "message" : { - "text" : "call to functionCallThatUsesFunctionPointer3" - } - }, { - "id" : 2, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 29, - "startColumn" : 6, - "endColumn" : 24 - } - }, - "message" : { - "text" : "voidFunctionToCall" - } - }, { - "id" : 3, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 66, - "startColumn" : 53, - "endColumn" : 68 - } - }, - "message" : { - "text" : "functionPointer" - } - } ] - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.15.4", + "notifications" : [ { + "id" : "cpp/baseline/expected-extracted-files", + "name" : "cpp/baseline/expected-extracted-files", + "shortDescription" : { + "text" : "Expected extracted files" + }, + "fullDescription" : { + "text" : "Files appearing in the source archive that are expected to be extracted." + }, + "defaultConfiguration" : { + "enabled" : true + }, + "properties" : { + "tags" : [ "expected-extracted-files", "telemetry" ] + } + } ], + "rules" : [ { + "id" : "cpp/drivers/routine-function-type-not-expected", + "name" : "cpp/drivers/routine-function-type-not-expected", + "shortDescription" : { + "text" : "Unexpected function return type for routine (C28127)" + }, + "fullDescription" : { + "text" : "The function being used as a routine does not exactly match the type expected." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "The function being used as a routine does not exactly match the type expected.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/routine-function-type-not-expected", + "impact" : "Attack Surface Reduction", + "kind" : "problem", + "name" : "Unexpected function return type for routine (C28127)", + "opaqueid" : "CQLD-C28127", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "high", + "problem.severity" : "warning", + "query-version" : "v2", + "repro.text" : "The following code locations use a function pointer with a return type that does not match the expected type", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "1.0.12+7ade7ce2ebcb754809ebf7d2d9801d5d76167d5b", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "invocations" : [ { + "toolExecutionNotifications" : [ { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + } ], + "executionSuccessful" : true + } ], + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/routine-function-type-not-expected", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/routine-function-type-not-expected", + "index" : 0 + }, + "message" : { + "text" : "Function call [call to functionCallThatUsesFunctionPointer](1) passes in a function pointer [intFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: return type mismatch: expected: void, actual: int" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 92, + "startColumn" : 5, + "endColumn" : 40 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "3156b91ec348a1bb:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 92, + "startColumn" : 5, + "endColumn" : 40 + } + }, + "message" : { + "text" : "call to functionCallThatUsesFunctionPointer" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 38, + "startColumn" : 5, + "endColumn" : 22 + } + }, + "message" : { + "text" : "intFunctionToCall" + } + }, { + "id" : 3, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 50, + "startColumn" : 51, + "endColumn" : 66 + } + }, + "message" : { + "text" : "functionPointer" + } + } ] + }, { + "ruleId" : "cpp/drivers/routine-function-type-not-expected", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/routine-function-type-not-expected", + "index" : 0 + }, + "message" : { + "text" : "Function call [call to functionCallThatUsesFunctionPointer2](1) passes in a function pointer [intFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: return type mismatch: expected: void, actual: int" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 96, + "startColumn" : 5, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "b2e192116459028c:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 96, + "startColumn" : 5, + "endColumn" : 41 + } + }, + "message" : { + "text" : "call to functionCallThatUsesFunctionPointer2" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 38, + "startColumn" : 5, + "endColumn" : 22 + } + }, + "message" : { + "text" : "intFunctionToCall" + } + }, { + "id" : 3, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 55, + "startColumn" : 60, + "endColumn" : 75 + } + }, + "message" : { + "text" : "functionPointer" + } + } ] + }, { + "ruleId" : "cpp/drivers/routine-function-type-not-expected", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/routine-function-type-not-expected", + "index" : 0 + }, + "message" : { + "text" : "Function call [call to functionCallThatUsesFunctionPointer3](1) passes in a function pointer [voidFunctionToCall](2) for parameter [functionPointer](3), but the function signature of the provided function does not match what is expected: parameter count mismatch: expected: 3 parameters, actual: 0 parameters" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 105, + "startColumn" : 5, + "endColumn" : 41 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "69e17f41c5580c20:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 105, + "startColumn" : 5, + "endColumn" : 41 + } + }, + "message" : { + "text" : "call to functionCallThatUsesFunctionPointer3" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 29, + "startColumn" : 6, + "endColumn" : 24 + } + }, + "message" : { + "text" : "voidFunctionToCall" + } + }, { + "id" : 3, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 66, + "startColumn" : 53, + "endColumn" : 68 + } + }, + "message" : { + "text" : "functionPointer" + } + } ] + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/general/queries/RoutineFunctionTypeNotExpected/driver_snippet.c b/src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/RoutineFunctionTypeNotExpected/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/RoutineFunctionTypeNotExpected/driver_snippet.c diff --git a/src/drivers/general/queries/StaticInitializer/StaticInitializer.qhelp b/src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.qhelp similarity index 100% rename from src/drivers/general/queries/StaticInitializer/StaticInitializer.qhelp rename to src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.qhelp diff --git a/src/drivers/general/queries/StaticInitializer/StaticInitializer.ql b/src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.ql similarity index 100% rename from src/drivers/general/queries/StaticInitializer/StaticInitializer.ql rename to src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.ql diff --git a/src/drivers/general/queries/StaticInitializer/StaticInitializer.sarif b/src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.sarif similarity index 100% rename from src/drivers/general/queries/StaticInitializer/StaticInitializer.sarif rename to src/qlpack/src/drivers/general/queries/StaticInitializer/StaticInitializer.sarif diff --git a/src/drivers/general/queries/StaticInitializer/driver_snippet.cpp b/src/qlpack/src/drivers/general/queries/StaticInitializer/driver_snippet.cpp similarity index 100% rename from src/drivers/general/queries/StaticInitializer/driver_snippet.cpp rename to src/qlpack/src/drivers/general/queries/StaticInitializer/driver_snippet.cpp diff --git a/src/drivers/general/queries/StrSafe/StrSafe.qhelp b/src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.qhelp similarity index 100% rename from src/drivers/general/queries/StrSafe/StrSafe.qhelp rename to src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.qhelp diff --git a/src/drivers/general/queries/StrSafe/StrSafe.ql b/src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.ql similarity index 100% rename from src/drivers/general/queries/StrSafe/StrSafe.ql rename to src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.ql diff --git a/src/drivers/general/queries/StrSafe/StrSafe.sarif b/src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.sarif similarity index 100% rename from src/drivers/general/queries/StrSafe/StrSafe.sarif rename to src/qlpack/src/drivers/general/queries/StrSafe/StrSafe.sarif diff --git a/src/drivers/general/queries/StrSafe/driver_snippet.c b/src/qlpack/src/drivers/general/queries/StrSafe/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/StrSafe/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/StrSafe/driver_snippet.c diff --git a/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.qhelp b/src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.qhelp similarity index 100% rename from src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.qhelp rename to src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.qhelp diff --git a/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql b/src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql similarity index 100% rename from src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql rename to src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql diff --git a/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.sarif b/src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.sarif similarity index 100% rename from src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.sarif rename to src/qlpack/src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.sarif diff --git a/src/drivers/general/queries/StrictTypeMatch/driver_snippet.c b/src/qlpack/src/drivers/general/queries/StrictTypeMatch/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/StrictTypeMatch/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/StrictTypeMatch/driver_snippet.c diff --git a/src/drivers/general/queries/WdkDeprecatedApis/WdkDeprecatedApis.sarif b/src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/WdkDeprecatedApis.sarif similarity index 100% rename from src/drivers/general/queries/WdkDeprecatedApis/WdkDeprecatedApis.sarif rename to src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/WdkDeprecatedApis.sarif diff --git a/src/drivers/general/queries/WdkDeprecatedApis/driver_snippet.c b/src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/WdkDeprecatedApis/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/driver_snippet.c diff --git a/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.qhelp b/src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.qhelp similarity index 100% rename from src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.qhelp rename to src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.qhelp diff --git a/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql b/src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql similarity index 100% rename from src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql rename to src/qlpack/src/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql diff --git a/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.qhelp b/src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.qhelp diff --git a/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.ql b/src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.ql similarity index 100% rename from src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.ql rename to src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.ql diff --git a/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.sarif b/src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.sarif similarity index 100% rename from src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.sarif rename to src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/DefaultPoolTagExtended.sarif diff --git a/src/drivers/general/queries/experimental/DefaultPoolTagExtended/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/DefaultPoolTagExtended/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/DefaultPoolTagExtended/driver_snippet.c diff --git a/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.qhelp b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.qhelp diff --git a/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.ql b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.ql similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.ql rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.ql diff --git a/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.sarif b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.sarif similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.sarif rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/DriverIsolationRtlViolation.sarif diff --git a/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationRtlViolation/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationRtlViolation/driver_snippet.c diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.qhelp b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.qhelp diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.ql b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.ql similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.ql rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.ql diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.sarif b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.sarif similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.sarif rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/DriverIsolationZwViolation1.sarif diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation1/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation1/driver_snippet.c diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.qhelp b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.qhelp diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.ql b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.ql similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.ql rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.ql diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.sarif b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.sarif similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.sarif rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/DriverIsolationZwViolation2.sarif diff --git a/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/DriverIsolationZwViolation2/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/DriverIsolationZwViolation2/driver_snippet.c diff --git a/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.qhelp b/src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.qhelp diff --git a/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.ql b/src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.ql similarity index 100% rename from src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.ql rename to src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.ql diff --git a/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.sarif b/src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.sarif similarity index 100% rename from src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.sarif rename to src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/KeSetEventIrql.sarif diff --git a/src/drivers/general/queries/experimental/KeSetEventIrql/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/KeSetEventIrql/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/KeSetEventIrql/driver_snippet.c diff --git a/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.qhelp b/src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.qhelp similarity index 100% rename from src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.qhelp rename to src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.qhelp diff --git a/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.ql b/src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.ql similarity index 100% rename from src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.ql rename to src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.ql diff --git a/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.sarif b/src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.sarif similarity index 100% rename from src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.sarif rename to src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/UnicodeStringFreed.sarif diff --git a/src/drivers/general/queries/experimental/UnicodeStringFreed/driver_snippet.c b/src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/driver_snippet.c similarity index 100% rename from src/drivers/general/queries/experimental/UnicodeStringFreed/driver_snippet.c rename to src/qlpack/src/drivers/general/queries/experimental/UnicodeStringFreed/driver_snippet.c diff --git a/src/drivers/kmdf/libraries/KmdfDrivers.qll b/src/qlpack/src/drivers/kmdf/libraries/KmdfDrivers.qll similarity index 97% rename from src/drivers/kmdf/libraries/KmdfDrivers.qll rename to src/qlpack/src/drivers/kmdf/libraries/KmdfDrivers.qll index 0c47e2fd..eee58774 100644 --- a/src/drivers/kmdf/libraries/KmdfDrivers.qll +++ b/src/qlpack/src/drivers/kmdf/libraries/KmdfDrivers.qll @@ -1,1002 +1,1002 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -import cpp - -/** - * A KMDF Typedef type. This class is incomplete. It is used to represent a TypedefType in the KMDF library. - */ -class KmdfRoleTypeType extends TypedefType { - /* Callbacks */ - KmdfRoleTypeType() { - - this.getName().matches("EVT_WDF_CHILD_LIST_CREATE_DEVICE") or - this.getName().matches("EVT_WDF_CHILD_LIST_SCAN_FOR_CHILDREN") or - this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COPY") or - this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_DUPLICATE") or - this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COMPARE") or - this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_CLEANUP") or - this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_COPY") or - this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_DUPLICATE") or - this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_CLEANUP") or - this.getName().matches("EVT_WDF_CHILD_LIST_DEVICE_REENUMERATED") or - this.getName().matches("EVT_WDF_DEVICE_SHUTDOWN_NOTIFICATION") or - this.getName().matches("EVT_WDF_DEVICE_FILE_CREATE") or - this.getName().matches("EVT_WDF_FILE_CLOSE") or - this.getName().matches("EVT_WDF_FILE_CLEANUP") or - this.getName().matches("EVT_WDF_DEVICE_PNP_STATE_CHANGE_NOTIFICATION") or - this.getName().matches("EVT_WDF_DEVICE_POWER_STATE_CHANGE_NOTIFICATION") or - this.getName().matches("EVT_WDF_DEVICE_POWER_POLICY_STATE_CHANGE_NOTIFICATION") or - this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY") or - this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_INTERRUPTS_ENABLED") or - this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_HARDWARE_ENABLED") or - this.getName().matches("EVT_WDF_DEVICE_D0_EXIT") or - this.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_INTERRUPTS_DISABLED") or - this.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_HARDWARE_DISABLED") or - this.getName().matches("EVT_WDF_DEVICE_PREPARE_HARDWARE") or - this.getName().matches("EVT_WDF_DEVICE_RELEASE_HARDWARE") or - this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_CLEANUP") or - this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_FLUSH") or - this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_INIT") or - this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_SUSPEND") or - this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_RESTART") or - this.getName().matches("EVT_WDF_DEVICE_QUERY_STOP") or - this.getName().matches("EVT_WDF_DEVICE_QUERY_REMOVE") or - this.getName().matches("EVT_WDF_DEVICE_SURPRISE_REMOVAL") or - this.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION") or - this.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION_EX") or - this.getName().matches("EVT_WDF_DEVICE_RELATIONS_QUERY") or - this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_S0") or - this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX") or - this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX_WITH_REASON") or - this.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_S0") or - this.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_SX") or - this.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_S0_TRIGGERED") or - this.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_SX_TRIGGERED") or - this.getName().matches("EVT_WDFDEVICE_WDM_IRP_PREPROCESS") or - this.getName().matches("EVT_WDFDEVICE_WDM_IRP_DISPATCH") or - this.getName().matches("EVT_WDF_IO_IN_CALLER_CONTEXT") or - this.getName().matches("EVT_WDFDEVICE_WDM_POST_PO_FX_REGISTER_DEVICE") or - this.getName().matches("EVT_WDFDEVICE_WDM_PRE_PO_FX_UNREGISTER_DEVICE") or - this.getName().matches("EVT_WDF_DMA_ENABLER_FILL") or - this.getName().matches("EVT_WDF_DMA_ENABLER_FLUSH") or - this.getName().matches("EVT_WDF_DMA_ENABLER_ENABLE") or - this.getName().matches("EVT_WDF_DMA_ENABLER_DISABLE") or - this.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_START") or - this.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_STOP") or - this.getName().matches("EVT_WDF_PROGRAM_DMA") or - this.getName().matches("EVT_WDF_DMA_TRANSACTION_CONFIGURE_DMA_CHANNEL") or - this.getName().matches("EVT_WDF_DMA_TRANSACTION_DMA_TRANSFER_COMPLETE") or - this.getName().matches("EVT_WDF_RESERVE_DMA") or - this.getName().matches("EVT_WDF_DPC") or - this.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") or - this.getName().matches("EVT_WDF_DRIVER_UNLOAD") or - this.getName().matches("EVT_WDF_TRACE_CALLBACK") or - this.getName().matches("EVT_WDF_DEVICE_FILTER_RESOURCE_REQUIREMENTS") or - this.getName().matches("EVT_WDF_DEVICE_REMOVE_ADDED_RESOURCES") or - this.getName().matches("EVT_WDF_INTERRUPT_ISR") or - this.getName().matches("EVT_WDF_INTERRUPT_SYNCHRONIZE") or - this.getName().matches("EVT_WDF_INTERRUPT_DPC") or - this.getName().matches("EVT_WDF_INTERRUPT_WORKITEM") or - this.getName().matches("EVT_WDF_INTERRUPT_ENABLE") or - this.getName().matches("EVT_WDF_INTERRUPT_DISABLE") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_DEFAULT") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_STOP") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_RESUME") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_READ") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_WRITE") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_DEVICE_CONTROL") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_INTERNAL_DEVICE_CONTROL") or - this.getName().matches("EVT_WDF_IO_QUEUE_IO_CANCELED_ON_QUEUE") or - this.getName().matches("EVT_WDF_IO_QUEUE_STATE") or - this.getName().matches("EVT_WDF_IO_ALLOCATE_RESOURCES_FOR_RESERVED_REQUEST") or - this.getName().matches("EVT_WDF_IO_ALLOCATE_REQUEST_RESOURCES") or - this.getName().matches("EVT_WDF_IO_WDM_IRP_FOR_FORWARD_PROGRESS") or - this.getName().matches("EVT_WDF_IO_TARGET_QUERY_REMOVE") or - this.getName().matches("EVT_WDF_IO_TARGET_REMOVE_CANCELED") or - this.getName().matches("EVT_WDF_IO_TARGET_REMOVE_COMPLETE") or - this.getName().matches("EVT_WDF_%_CONTEXT_CLEANUP%") or - this.getName().matches("EVT_WDF_%_CONTEXT_DESTROY%") or - this.getName().matches("EVT_WDF_DEVICE_RESOURCES_QUERY") or - this.getName().matches("EVT_WDF_DEVICE_RESOURCE_REQUIREMENTS_QUERY") or - this.getName().matches("EVT_WDF_DEVICE_EJECT") or - this.getName().matches("EVT_WDF_DEVICE_SET_LOCK") or - this.getName().matches("EVT_WDF_DEVICE_ENABLE_WAKE_AT_BUS") or - this.getName().matches("EVT_WDF_DEVICE_DISABLE_WAKE_AT_BUS") or - this.getName().matches("EVT_WDF_DEVICE_REPORTED_MISSING") or - this.getName().matches("EVT_WDF_DEVICE_PROCESS_QUERY_INTERFACE_REQUEST") or - this.getName().matches("EVT_WDF_REQUEST_CANCEL") or - this.getName().matches("EVT_WDF_REQUEST_COMPLETION_ROUTINE") or - this.getName().matches("EVT_WDF_TIMER") or - this.getName().matches("EVT_WDF_USB_READER_COMPLETION_ROUTINE") or - this.getName().matches("EVT_WDF_USB_READERS_FAILED") or - this.getName().matches("EVT_WDF_WMI_INSTANCE_QUERY_INSTANCE") or - this.getName().matches("EVT_WDF_WMI_INSTANCE_SET_INSTANCE") or - this.getName().matches("EVT_WDF_WMI_INSTANCE_SET_ITEM") or - this.getName().matches("EVT_WDF_WMI_INSTANCE_EXECUTE_METHOD") or - this.getName().matches("EVT_WDF_WMI_PROVIDER_FUNCTION_CONTROL") or - this.getName().matches("EVT_WDF_WORKITEM") - - } -} - -class KmdfCallbackRoutineTypedef extends KmdfRoleTypeType { - KmdfCallbackRoutineTypedef() { this.getFile().getBaseName().matches("%wdf%.h") } -} - -/* Callbacks */ -class KmdfEVTWdfChildListCreateDevice extends KmdfCallbackRoutine { - KmdfEVTWdfChildListCreateDevice() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_CREATE_DEVICE") - } -} - -class KmdfEVTWdfChildListScanForChildren extends KmdfCallbackRoutine { - KmdfEVTWdfChildListScanForChildren() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_SCAN_FOR_CHILDREN") - } -} - -class KmdfEVTWdfChildListIdentificationDescriptionCopy extends KmdfCallbackRoutine { - KmdfEVTWdfChildListIdentificationDescriptionCopy() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COPY") - } -} - -class KmdfEVTWdfChildListIdentificationDescriptionDuplicate extends KmdfCallbackRoutine { - KmdfEVTWdfChildListIdentificationDescriptionDuplicate() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_DUPLICATE") - } -} - -class KmdfEVTWdfChildListIdentificationDescriptionCompare extends KmdfCallbackRoutine { - KmdfEVTWdfChildListIdentificationDescriptionCompare() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COMPARE") - } -} - -class KmdfEVTWdfChildListIdentificationDescriptionCleanup extends KmdfCallbackRoutine { - KmdfEVTWdfChildListIdentificationDescriptionCleanup() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_CLEANUP") - } -} - -class KmdfEVTWdfChildListAddressDescriptionCopy extends KmdfCallbackRoutine { - KmdfEVTWdfChildListAddressDescriptionCopy() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_COPY") - } -} - -class KmdfEVTWdfChildListAddressDescriptionDuplicate extends KmdfCallbackRoutine { - KmdfEVTWdfChildListAddressDescriptionDuplicate() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_DUPLICATE") - } -} - -class KmdfEVTWdfChildListAddressDescriptionCleanup extends KmdfCallbackRoutine { - KmdfEVTWdfChildListAddressDescriptionCleanup() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_CLEANUP") - } -} - -class KmdfEVTWdfChildListDeviceReenumerated extends KmdfCallbackRoutine { - KmdfEVTWdfChildListDeviceReenumerated() { - callbackType.getName().matches("EVT_WDF_CHILD_LIST_DEVICE_REENUMERATED") - } -} - -class KmdfEVTWdfDeviceShutdownNotification extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceShutdownNotification() { - callbackType.getName().matches("EVT_WDF_DEVICE_SHUTDOWN_NOTIFICATION") - } -} - -class KmdfEVTWdfDeviceFileCreate extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceFileCreate() { callbackType.getName().matches("EVT_WDF_DEVICE_FILE_CREATE") } -} - -class KmdfEVTWdfFileClose extends KmdfCallbackRoutine { - KmdfEVTWdfFileClose() { callbackType.getName().matches("EVT_WDF_FILE_CLOSE") } -} - -class KmdfEVTWdfFileCleanup extends KmdfCallbackRoutine { - KmdfEVTWdfFileCleanup() { callbackType.getName().matches("EVT_WDF_FILE_CLEANUP") } -} - -class KmdfEVTWdfDevicePnpStateChangeNotification extends KmdfCallbackRoutine { - KmdfEVTWdfDevicePnpStateChangeNotification() { - callbackType.getName().matches("EVT_WDF_DEVICE_PNP_STATE_CHANGE_NOTIFICATION") - } -} - -class KmdfEVTWdfDevicePowerStateChangeNotification extends KmdfCallbackRoutine { - KmdfEVTWdfDevicePowerStateChangeNotification() { - callbackType.getName().matches("EVT_WDF_DEVICE_POWER_STATE_CHANGE_NOTIFICATION") - } -} - -class KmdfEVTWdfDevicePowerPolicyStateChangeNotification extends KmdfCallbackRoutine { - KmdfEVTWdfDevicePowerPolicyStateChangeNotification() { - callbackType.getName().matches("EVT_WDF_DEVICE_POWER_POLICY_STATE_CHANGE_NOTIFICATION") - } -} - -class KmdfEVTWdfDeviceD0Entry extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0Entry() { callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY") } -} - -class KmdfEVTWdfDeviceD0EntryPostInterruptsEnabled extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0EntryPostInterruptsEnabled() { - callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_INTERRUPTS_ENABLED") - } -} - -class KmdfEVTWdfDeviceD0EntryPostHardwareEnabled extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0EntryPostHardwareEnabled() { - callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_HARDWARE_ENABLED") - } -} - -class KmdfEVTWdfDeviceD0Exit extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0Exit() { callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT") } -} - -class KmdfEVTWdfDeviceD0ExitPreInterruptsDisabled extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0ExitPreInterruptsDisabled() { - callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_INTERRUPTS_DISABLED") - } -} - -class KmdfEVTWdfDeviceD0ExitPreHardwareDisabled extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceD0ExitPreHardwareDisabled() { - callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_HARDWARE_DISABLED") - } -} - -class KmdfEVTWdfDevicePrepareHardware extends KmdfCallbackRoutine { - KmdfEVTWdfDevicePrepareHardware() { - callbackType.getName().matches("EVT_WDF_DEVICE_PREPARE_HARDWARE") - } -} - -class KmdfEVTWdfDeviceReleaseHardware extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceReleaseHardware() { - callbackType.getName().matches("EVT_WDF_DEVICE_RELEASE_HARDWARE") - } -} - -class KmdfEVTWdfDeviceSelfManagedIoCleanup extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSelfManagedIoCleanup() { - callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_CLEANUP") - } -} - -class KmdfEVTWdfDeviceSelfManagedIoFlush extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSelfManagedIoFlush() { - callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_FLUSH") - } -} - -class KmdfEVTWdfDeviceSelfManagedIoInit extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSelfManagedIoInit() { - callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_INIT") - } -} - -class KmdfEVTWdfDeviceSelfManagedIoSuspend extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSelfManagedIoSuspend() { - callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_SUSPEND") - } -} - -class KmdfEVTWdfDeviceSelfManagedIoRestart extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSelfManagedIoRestart() { - callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_RESTART") - } -} - -class KmdfEVTWdfDeviceQueryStop extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceQueryStop() { callbackType.getName().matches("EVT_WDF_DEVICE_QUERY_STOP") } -} - -class KmdfEVTWdfDeviceQueryRemove extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceQueryRemove() { callbackType.getName().matches("EVT_WDF_DEVICE_QUERY_REMOVE") } -} - -class KmdfEVTWdfDeviceSurpriseRemoval extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSurpriseRemoval() { - callbackType.getName().matches("EVT_WDF_DEVICE_SURPRISE_REMOVAL") - } -} - -class KmdfEVTWdfDeviceUsageNotification extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceUsageNotification() { - callbackType.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION") - } -} - -class KmdfEVTWdfDeviceUsageNotificationEx extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceUsageNotificationEx() { - callbackType.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION_EX") - } -} - -class KmdfEVTWdfDeviceRelationsQuery extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceRelationsQuery() { - callbackType.getName().matches("EVT_WDF_DEVICE_RELATIONS_QUERY") - } -} - -class KmdfEVTWdfDeviceArmWakeFromS0 extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceArmWakeFromS0() { - callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_S0") - } -} - -class KmdfEVTWdfDeviceArmWakeFromSx extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceArmWakeFromSx() { - callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX") - } -} - -class KmdfEVTWdfDeviceArmWakeFromSxWithReason extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceArmWakeFromSxWithReason() { - callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX_WITH_REASON") - } -} - -class KmdfEVTWdfDeviceDisarmWakeFromS0 extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceDisarmWakeFromS0() { - callbackType.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_S0") - } -} - -class KmdfEVTWdfDeviceDisarmWakeFromSx extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceDisarmWakeFromSx() { - callbackType.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_SX") - } -} - -class KmdfEVTWdfDeviceWakeFromS0Triggered extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceWakeFromS0Triggered() { - callbackType.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_S0_TRIGGERED") - } -} - -class KmdfEVTWdfDeviceWakeFromSxTriggered extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceWakeFromSxTriggered() { - callbackType.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_SX_TRIGGERED") - } -} - -class KmdfEVTWdfdeviceWdmIrpPreprocess extends KmdfCallbackRoutine { - KmdfEVTWdfdeviceWdmIrpPreprocess() { - callbackType.getName().matches("EVT_WDFDEVICE_WDM_IRP_PREPROCESS") - } -} - -class KmdfEVTWdfdeviceWdmIrpDispatch extends KmdfCallbackRoutine { - KmdfEVTWdfdeviceWdmIrpDispatch() { - callbackType.getName().matches("EVT_WDFDEVICE_WDM_IRP_DISPATCH") - } -} - -class KmdfEVTWdfIoInCallerContext extends KmdfCallbackRoutine { - KmdfEVTWdfIoInCallerContext() { callbackType.getName().matches("EVT_WDF_IO_IN_CALLER_CONTEXT") } -} - -class KmdfEVTWdfdeviceWdmPostPoFxRegisterDevice extends KmdfCallbackRoutine { - KmdfEVTWdfdeviceWdmPostPoFxRegisterDevice() { - callbackType.getName().matches("EVT_WDFDEVICE_WDM_POST_PO_FX_REGISTER_DEVICE") - } -} - -class KmdfEVTWdfdeviceWdmPrePoFxUnregisterDevice extends KmdfCallbackRoutine { - KmdfEVTWdfdeviceWdmPrePoFxUnregisterDevice() { - callbackType.getName().matches("EVT_WDFDEVICE_WDM_PRE_PO_FX_UNREGISTER_DEVICE") - } -} - -class KmdfEVTWdfDmaEnablerFill extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerFill() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_FILL") } -} - -class KmdfEVTWdfDmaEnablerFlush extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerFlush() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_FLUSH") } -} - -class KmdfEVTWdfDmaEnablerEnable extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerEnable() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_ENABLE") } -} - -class KmdfEVTWdfDmaEnablerDisable extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerDisable() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_DISABLE") } -} - -class KmdfEVTWdfDmaEnablerSelfmanagedIoStart extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerSelfmanagedIoStart() { - callbackType.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_START") - } -} - -class KmdfEVTWdfDmaEnablerSelfmanagedIoStop extends KmdfCallbackRoutine { - KmdfEVTWdfDmaEnablerSelfmanagedIoStop() { - callbackType.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_STOP") - } -} - -class KmdfEVTWdfProgramDma extends KmdfCallbackRoutine { - KmdfEVTWdfProgramDma() { callbackType.getName().matches("EVT_WDF_PROGRAM_DMA") } -} - -class KmdfEVTWdfDmaTransactionConfigureDmaChannel extends KmdfCallbackRoutine { - KmdfEVTWdfDmaTransactionConfigureDmaChannel() { - callbackType.getName().matches("EVT_WDF_DMA_TRANSACTION_CONFIGURE_DMA_CHANNEL") - } -} - -class KmdfEVTWdfDmaTransactionDmaTransferComplete extends KmdfCallbackRoutine { - KmdfEVTWdfDmaTransactionDmaTransferComplete() { - callbackType.getName().matches("EVT_WDF_DMA_TRANSACTION_DMA_TRANSFER_COMPLETE") - } -} - -class KmdfEVTWdfReserveDma extends KmdfCallbackRoutine { - KmdfEVTWdfReserveDma() { callbackType.getName().matches("EVT_WDF_RESERVE_DMA") } -} - -class KmdfEVTWdfDpc extends KmdfCallbackRoutine { - KmdfEVTWdfDpc() { callbackType.getName().matches("EVT_WDF_DPC") } -} - -class KmdfEVTWdfDriverDeviceAdd extends KmdfCallbackRoutine { - KmdfEVTWdfDriverDeviceAdd() { callbackType.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") } -} - -class KmdfEVTWdfDriverUnload extends KmdfCallbackRoutine { - KmdfEVTWdfDriverUnload() { callbackType.getName().matches("EVT_WDF_DRIVER_UNLOAD") } -} - -class KmdfEVTWdfTraceCallback extends KmdfCallbackRoutine { - KmdfEVTWdfTraceCallback() { callbackType.getName().matches("EVT_WDF_TRACE_CALLBACK") } -} - -class KmdfEVTWdfDeviceFilterResourceRequirements extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceFilterResourceRequirements() { - callbackType.getName().matches("EVT_WDF_DEVICE_FILTER_RESOURCE_REQUIREMENTS") - } -} - -class KmdfEVTWdfDeviceRemoveAddedResources extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceRemoveAddedResources() { - callbackType.getName().matches("EVT_WDF_DEVICE_REMOVE_ADDED_RESOURCES") - } -} - -class KmdfEVTWdfInterruptIsr extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptIsr() { callbackType.getName().matches("EVT_WDF_INTERRUPT_ISR") } -} - -class KmdfEVTWdfInterruptSynchronize extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptSynchronize() { - callbackType.getName().matches("EVT_WDF_INTERRUPT_SYNCHRONIZE") - } -} - -class KmdfEVTWdfInterruptDpc extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptDpc() { callbackType.getName().matches("EVT_WDF_INTERRUPT_DPC") } -} - -class KmdfEVTWdfInterruptWorkitem extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptWorkitem() { callbackType.getName().matches("EVT_WDF_INTERRUPT_WORKITEM") } -} - -class KmdfEVTWdfInterruptEnable extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptEnable() { callbackType.getName().matches("EVT_WDF_INTERRUPT_ENABLE") } -} - -class KmdfEVTWdfInterruptDisable extends KmdfCallbackRoutine { - KmdfEVTWdfInterruptDisable() { callbackType.getName().matches("EVT_WDF_INTERRUPT_DISABLE") } -} - -class KmdfEVTWdfIoQueueIoDefault extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoDefault() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_DEFAULT") } -} - -class KmdfEVTWdfIoQueueIoStop extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoStop() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_STOP") } -} - -class KmdfEVTWdfIoQueueIoResume extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoResume() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_RESUME") } -} - -class KmdfEVTWdfIoQueueIoRead extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoRead() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_READ") } -} - -class KmdfEVTWdfIoQueueIoWrite extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoWrite() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_WRITE") } -} - -class KmdfEVTWdfIoQueueIoDeviceControl extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoDeviceControl() { - callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_DEVICE_CONTROL") - } -} - -class KmdfEVTWdfIoQueueIoInternalDeviceControl extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoInternalDeviceControl() { - callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_INTERNAL_DEVICE_CONTROL") - } -} - -class KmdfEVTWdfIoQueueIoCanceledOnQueue extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueIoCanceledOnQueue() { - callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_CANCELED_ON_QUEUE") - } -} - -class KmdfEVTWdfIoQueueState extends KmdfCallbackRoutine { - KmdfEVTWdfIoQueueState() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_STATE") } -} - -class KmdfEVTWdfIoAllocateResourcesForReservedRequest extends KmdfCallbackRoutine { - KmdfEVTWdfIoAllocateResourcesForReservedRequest() { - callbackType.getName().matches("EVT_WDF_IO_ALLOCATE_RESOURCES_FOR_RESERVED_REQUEST") - } -} - -class KmdfEVTWdfIoAllocateRequestResources extends KmdfCallbackRoutine { - KmdfEVTWdfIoAllocateRequestResources() { - callbackType.getName().matches("EVT_WDF_IO_ALLOCATE_REQUEST_RESOURCES") - } -} - -class KmdfEVTWdfIoWdmIrpForForwardProgress extends KmdfCallbackRoutine { - KmdfEVTWdfIoWdmIrpForForwardProgress() { - callbackType.getName().matches("EVT_WDF_IO_WDM_IRP_FOR_FORWARD_PROGRESS") - } -} - -class KmdfEVTWdfIoTargetQueryRemove extends KmdfCallbackRoutine { - KmdfEVTWdfIoTargetQueryRemove() { - callbackType.getName().matches("EVT_WDF_IO_TARGET_QUERY_REMOVE") - } -} - -class KmdfEVTWdfIoTargetRemoveCanceled extends KmdfCallbackRoutine { - KmdfEVTWdfIoTargetRemoveCanceled() { - callbackType.getName().matches("EVT_WDF_IO_TARGET_REMOVE_CANCELED") - } -} - -class KmdfEVTWdfIoTargetRemoveComplete extends KmdfCallbackRoutine { - KmdfEVTWdfIoTargetRemoveComplete() { - callbackType.getName().matches("EVT_WDF_IO_TARGET_REMOVE_COMPLETE") - } -} - -class KmdfEVTWdfObjectContextCleanup extends KmdfCallbackRoutine { - KmdfEVTWdfObjectContextCleanup() { - callbackType.getName().matches("EVT_WDF_OBJECT_CONTEXT_CLEANUP") - } -} - -class KmdfEVTWdfObjectContextDestroy extends KmdfCallbackRoutine { - KmdfEVTWdfObjectContextDestroy() { - callbackType.getName().matches("EVT_WDF_OBJECT_CONTEXT_DESTROY") - } -} - -class KmdfEVTWdfDeviceResourcesQuery extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceResourcesQuery() { - callbackType.getName().matches("EVT_WDF_DEVICE_RESOURCES_QUERY") - } -} - -class KmdfEVTWdfDeviceResourceRequirementsQuery extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceResourceRequirementsQuery() { - callbackType.getName().matches("EVT_WDF_DEVICE_RESOURCE_REQUIREMENTS_QUERY") - } -} - -class KmdfEVTWdfDeviceEject extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceEject() { callbackType.getName().matches("EVT_WDF_DEVICE_EJECT") } -} - -class KmdfEVTWdfDeviceSetLock extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceSetLock() { callbackType.getName().matches("EVT_WDF_DEVICE_SET_LOCK") } -} - -class KmdfEVTWdfDeviceEnableWakeAtBus extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceEnableWakeAtBus() { - callbackType.getName().matches("EVT_WDF_DEVICE_ENABLE_WAKE_AT_BUS") - } -} - -class KmdfEVTWdfDeviceDisableWakeAtBus extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceDisableWakeAtBus() { - callbackType.getName().matches("EVT_WDF_DEVICE_DISABLE_WAKE_AT_BUS") - } -} - -class KmdfEVTWdfDeviceReportedMissing extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceReportedMissing() { - callbackType.getName().matches("EVT_WDF_DEVICE_REPORTED_MISSING") - } -} - -class KmdfEVTWdfDeviceProcessQueryInterfaceRequest extends KmdfCallbackRoutine { - KmdfEVTWdfDeviceProcessQueryInterfaceRequest() { - callbackType.getName().matches("EVT_WDF_DEVICE_PROCESS_QUERY_INTERFACE_REQUEST") - } -} - -class KmdfEVTWdfRequestCancel extends KmdfCallbackRoutine { - KmdfEVTWdfRequestCancel() { callbackType.getName().matches("EVT_WDF_REQUEST_CANCEL") } -} - -class KmdfEVTWdfRequestCompletionRoutine extends KmdfCallbackRoutine { - KmdfEVTWdfRequestCompletionRoutine() { - callbackType.getName().matches("EVT_WDF_REQUEST_COMPLETION_ROUTINE") - } -} - -class KmdfEVTWdfTimer extends KmdfCallbackRoutine { - KmdfEVTWdfTimer() { callbackType.getName().matches("EVT_WDF_TIMER") } -} - -class KmdfEVTWdfUsbReaderCompletionRoutine extends KmdfCallbackRoutine { - KmdfEVTWdfUsbReaderCompletionRoutine() { - callbackType.getName().matches("EVT_WDF_USB_READER_COMPLETION_ROUTINE") - } -} - -class KmdfEVTWdfUsbReadersFailed extends KmdfCallbackRoutine { - KmdfEVTWdfUsbReadersFailed() { callbackType.getName().matches("EVT_WDF_USB_READERS_FAILED") } -} - -class KmdfEVTWdfWmiInstanceQueryInstance extends KmdfCallbackRoutine { - KmdfEVTWdfWmiInstanceQueryInstance() { - callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_QUERY_INSTANCE") - } -} - -class KmdfEVTWdfWmiInstanceSetInstance extends KmdfCallbackRoutine { - KmdfEVTWdfWmiInstanceSetInstance() { - callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_SET_INSTANCE") - } -} - -class KmdfEVTWdfWmiInstanceSetItem extends KmdfCallbackRoutine { - KmdfEVTWdfWmiInstanceSetItem() { callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_SET_ITEM") } -} - -class KmdfEVTWdfWmiInstanceExecuteMethod extends KmdfCallbackRoutine { - KmdfEVTWdfWmiInstanceExecuteMethod() { - callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_EXECUTE_METHOD") - } -} - -class KmdfEVTWdfWmiProviderFunctionControl extends KmdfCallbackRoutine { - KmdfEVTWdfWmiProviderFunctionControl() { - callbackType.getName().matches("EVT_WDF_WMI_PROVIDER_FUNCTION_CONTROL") - } -} - -class KmdfEVTWdfWorkitem extends KmdfCallbackRoutine { - KmdfEVTWdfWorkitem() { callbackType.getName().matches("EVT_WDF_WORKITEM") } -} - -/** - * A KMDF callback routine, defined by having a typedef in its definition - * that matches the standard KMDF callbacks. - */ -class KmdfCallbackRoutine extends Function { - /** The typedef representing what callback this is. */ - KmdfRoleTypeType callbackType; - - KmdfCallbackRoutine() { - exists(FunctionDeclarationEntry fde | - fde.getFunction() = this and - fde.getTypedefType() = callbackType and - fde.getFile().getAnIncludedFile().getBaseName().matches("%wdf.h") - ) - } -} - -/** The DeviceAdd callback. Its callback typedef is "EVT_WDF_DRIVER_DEVICE_ADD". */ -class KmdfEvtDriverDeviceAdd extends KmdfCallbackRoutine { - KmdfEvtDriverDeviceAdd() { callbackType.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") } -} - -/** - * A KMDF Function. This class is incomplete. It is used to represent a Function in the KMDF library. - */ -class KmdfFunc extends Function { - KmdfFunc() { this.getFile().getBaseName().matches("wdf%.h") } -} - -/** - * A KMDF Struct. This class is incomplete. It is used to represent a Struct in the KMDF library. - */ -class KmdfStruct extends Struct { - KmdfStruct() { this.getFile().getBaseName().matches("wdf%.h") } -} - -/* KMDF Structs */ -class KmdfWDFPowerRoutineTimedOutData extends KmdfStruct { - KmdfWDFPowerRoutineTimedOutData() { this.getName().matches("_WDF_POWER_ROUTINE_TIMED_OUT_DATA") } -} - -class KmdfWDFRequestFatalErrorInformationLengthMismatchData extends KmdfStruct { - KmdfWDFRequestFatalErrorInformationLengthMismatchData() { - this.getName().matches("_WDF_REQUEST_FATAL_ERROR_INFORMATION_LENGTH_MISMATCH_DATA") - } -} - -class KmdfWDFQueueFatalErrorData extends KmdfStruct { - KmdfWDFQueueFatalErrorData() { this.getName().matches("_WDF_QUEUE_FATAL_ERROR_DATA") } -} - -class KmdfWDFChildIdentificationDescriptionHeader extends KmdfStruct { - KmdfWDFChildIdentificationDescriptionHeader() { - this.getName().matches("_WDF_CHILD_IDENTIFICATION_DESCRIPTION_HEADER") - } -} - -class KmdfWDFChildAddressDescriptionHeader extends KmdfStruct { - KmdfWDFChildAddressDescriptionHeader() { - this.getName().matches("_WDF_CHILD_ADDRESS_DESCRIPTION_HEADER") - } -} - -class KmdfWDFChildRetrieveInfo extends KmdfStruct { - KmdfWDFChildRetrieveInfo() { this.getName().matches("_WDF_CHILD_RETRIEVE_INFO") } -} - -class KmdfWDFChildListConfig extends KmdfStruct { - KmdfWDFChildListConfig() { this.getName().matches("_WDF_CHILD_LIST_CONFIG") } -} - -class KmdfWDFChildListIterator extends KmdfStruct { - KmdfWDFChildListIterator() { this.getName().matches("_WDF_CHILD_LIST_ITERATOR") } -} - -class KmdfWDFCommonBufferConfig extends KmdfStruct { - KmdfWDFCommonBufferConfig() { this.getName().matches("_WDF_COMMON_BUFFER_CONFIG") } -} - -class KmdfWDFTaskSendOptions extends KmdfStruct { - KmdfWDFTaskSendOptions() { this.getName().matches("_WDF_TASK_SEND_OPTIONS") } -} - -class KmdfWDFFileobjectConfig extends KmdfStruct { - KmdfWDFFileobjectConfig() { this.getName().matches("_WDF_FILEOBJECT_CONFIG") } -} - -class KmdfWDFDevicePnpNotificationData extends KmdfStruct { - KmdfWDFDevicePnpNotificationData() { this.getName().matches("_WDF_DEVICE_PNP_NOTIFICATION_DATA") } -} - -class KmdfWDFDevicePowerNotificationData extends KmdfStruct { - KmdfWDFDevicePowerNotificationData() { - this.getName().matches("_WDF_DEVICE_POWER_NOTIFICATION_DATA") - } -} - -class KmdfWDFDevicePowerPolicyNotificationData extends KmdfStruct { - KmdfWDFDevicePowerPolicyNotificationData() { - this.getName().matches("_WDF_DEVICE_POWER_POLICY_NOTIFICATION_DATA") - } -} - -class KmdfWDFPnppowerEventCallbacks extends KmdfStruct { - KmdfWDFPnppowerEventCallbacks() { this.getName().matches("_WDF_PNPPOWER_EVENT_CALLBACKS") } -} - -class KmdfWDFPowerPolicyEventCallbacks extends KmdfStruct { - KmdfWDFPowerPolicyEventCallbacks() { this.getName().matches("_WDF_POWER_POLICY_EVENT_CALLBACKS") } -} - -class KmdfWDFDevicePowerPolicyIdleSettings extends KmdfStruct { - KmdfWDFDevicePowerPolicyIdleSettings() { - this.getName().matches("_WDF_DEVICE_POWER_POLICY_IDLE_SETTINGS") - } -} - -class KmdfWDFDevicePowerPolicyWakeSettings extends KmdfStruct { - KmdfWDFDevicePowerPolicyWakeSettings() { - this.getName().matches("_WDF_DEVICE_POWER_POLICY_WAKE_SETTINGS") - } -} - -class KmdfWDFDeviceState extends KmdfStruct { - KmdfWDFDeviceState() { this.getName().matches("_WDF_DEVICE_STATE") } -} - -class KmdfWDFDevicePnpCapabilities extends KmdfStruct { - KmdfWDFDevicePnpCapabilities() { this.getName().matches("_WDF_DEVICE_PNP_CAPABILITIES") } -} - -class KmdfWDFDevicePowerCapabilities extends KmdfStruct { - KmdfWDFDevicePowerCapabilities() { this.getName().matches("_WDF_DEVICE_POWER_CAPABILITIES") } -} - -class KmdfWDFRemoveLockOptions extends KmdfStruct { - KmdfWDFRemoveLockOptions() { this.getName().matches("_WDF_REMOVE_LOCK_OPTIONS") } -} - -class KmdfWDFPowerFrameworkSettings extends KmdfStruct { - KmdfWDFPowerFrameworkSettings() { this.getName().matches("_WDF_POWER_FRAMEWORK_SETTINGS") } -} - -class KmdfWDFIoTypeConfig extends KmdfStruct { - KmdfWDFIoTypeConfig() { this.getName().matches("_WDF_IO_TYPE_CONFIG") } -} - -class KmdfWDFDevicePropertyData extends KmdfStruct { - KmdfWDFDevicePropertyData() { this.getName().matches("_WDF_DEVICE_PROPERTY_DATA") } -} - -class KmdfWDFDmaEnablerConfig extends KmdfStruct { - KmdfWDFDmaEnablerConfig() { this.getName().matches("_WDF_DMA_ENABLER_CONFIG") } -} - -class KmdfWDFDmaSystemProfileConfig extends KmdfStruct { - KmdfWDFDmaSystemProfileConfig() { this.getName().matches("_WDF_DMA_SYSTEM_PROFILE_CONFIG") } -} - -class KmdfWDFDpcConfig extends KmdfStruct { - KmdfWDFDpcConfig() { this.getName().matches("_WDF_DPC_CONFIG") } -} - -class KmdfWDFDriverConfig extends KmdfStruct { - KmdfWDFDriverConfig() { this.getName().matches("_WDF_DRIVER_CONFIG") } -} - -class KmdfWDFDriverVersionAvailableParams extends KmdfStruct { - KmdfWDFDriverVersionAvailableParams() { - this.getName().matches("_WDF_DRIVER_VERSION_AVAILABLE_PARAMS") - } -} - -class KmdfWDFFdoEventCallbacks extends KmdfStruct { - KmdfWDFFdoEventCallbacks() { this.getName().matches("_WDF_FDO_EVENT_CALLBACKS") } -} - -class KmdfWDFDriverGlobals extends KmdfStruct { - KmdfWDFDriverGlobals() { this.getName().matches("_WDF_DRIVER_GLOBALS") } -} - -class KmdfWDFCoinstallerInstallOptions extends KmdfStruct { - KmdfWDFCoinstallerInstallOptions() { this.getName().matches("_WDF_COINSTALLER_INSTALL_OPTIONS") } -} - -class KmdfWDFInterruptConfig extends KmdfStruct { - KmdfWDFInterruptConfig() { this.getName().matches("_WDF_INTERRUPT_CONFIG") } -} - -class KmdfWDFInterruptInfo extends KmdfStruct { - KmdfWDFInterruptInfo() { this.getName().matches("_WDF_INTERRUPT_INFO") } -} - -class KmdfWDFInterruptExtendedPolicy extends KmdfStruct { - KmdfWDFInterruptExtendedPolicy() { this.getName().matches("_WDF_INTERRUPT_EXTENDED_POLICY") } -} - -class KmdfWDFIoQueueConfig extends KmdfStruct { - KmdfWDFIoQueueConfig() { this.getName().matches("_WDF_IO_QUEUE_CONFIG") } -} - -class KmdfWDFIoQueueForwardProgressPolicy extends KmdfStruct { - KmdfWDFIoQueueForwardProgressPolicy() { - this.getName().matches("_WDF_IO_QUEUE_FORWARD_PROGRESS_POLICY") - } -} - -class KmdfWDFIoTargetOpenParams extends KmdfStruct { - KmdfWDFIoTargetOpenParams() { this.getName().matches("_WDF_IO_TARGET_OPEN_PARAMS") } -} - -class KmdfWDFMEMORYOffset extends KmdfStruct { - KmdfWDFMEMORYOffset() { this.getName().matches("_WDFMEMORY_OFFSET") } -} - -class KmdfWDFMemoryDescriptor extends KmdfStruct { - KmdfWDFMemoryDescriptor() { this.getName().matches("_WDF_MEMORY_DESCRIPTOR") } -} - -class KmdfWDFObjectAttributes extends KmdfStruct { - KmdfWDFObjectAttributes() { this.getName().matches("_WDF_OBJECT_ATTRIBUTES") } -} - -class KmdfWDFObjectContextTypeInfo extends KmdfStruct { - KmdfWDFObjectContextTypeInfo() { this.getName().matches("_WDF_OBJECT_CONTEXT_TYPE_INFO") } -} - -class KmdfWDFCustomTypeContext extends KmdfStruct { - KmdfWDFCustomTypeContext() { this.getName().matches("_WDF_CUSTOM_TYPE_CONTEXT") } -} - -class KmdfWDFPdoEventCallbacks extends KmdfStruct { - KmdfWDFPdoEventCallbacks() { this.getName().matches("_WDF_PDO_EVENT_CALLBACKS") } -} - -class KmdfWDFQueryInterfaceConfig extends KmdfStruct { - KmdfWDFQueryInterfaceConfig() { this.getName().matches("_WDF_QUERY_INTERFACE_CONFIG") } -} - -class KmdfWDFRequestParameters extends KmdfStruct { - KmdfWDFRequestParameters() { this.getName().matches("_WDF_REQUEST_PARAMETERS") } -} - -class KmdfWDFRequestCompletionParams extends KmdfStruct { - KmdfWDFRequestCompletionParams() { this.getName().matches("_WDF_REQUEST_COMPLETION_PARAMS") } -} - -class KmdfWDFRequestReuseParams extends KmdfStruct { - KmdfWDFRequestReuseParams() { this.getName().matches("_WDF_REQUEST_REUSE_PARAMS") } -} - -class KmdfWDFRequestSendOptions extends KmdfStruct { - KmdfWDFRequestSendOptions() { this.getName().matches("_WDF_REQUEST_SEND_OPTIONS") } -} - -class KmdfWDFRequestForwardOptions extends KmdfStruct { - KmdfWDFRequestForwardOptions() { this.getName().matches("_WDF_REQUEST_FORWARD_OPTIONS") } -} - -class KmdfWDFTimerConfig extends KmdfStruct { - KmdfWDFTimerConfig() { this.getName().matches("_WDF_TIMER_CONFIG") } -} - -class KmdfWDFUsbRequestCompletionParams extends KmdfStruct { - KmdfWDFUsbRequestCompletionParams() { - this.getName().matches("_WDF_USB_REQUEST_COMPLETION_PARAMS") - } -} - -class KmdfWDFUsbContinuousReaderConfig extends KmdfStruct { - KmdfWDFUsbContinuousReaderConfig() { this.getName().matches("_WDF_USB_CONTINUOUS_READER_CONFIG") } -} - -class KmdfWDFUsbDeviceInformation extends KmdfStruct { - KmdfWDFUsbDeviceInformation() { this.getName().matches("_WDF_USB_DEVICE_INFORMATION") } -} - -class KmdfWDFUsbInterfaceSettingPair extends KmdfStruct { - KmdfWDFUsbInterfaceSettingPair() { this.getName().matches("_WDF_USB_INTERFACE_SETTING_PAIR") } -} - -class KmdfWDFUsbDeviceSelectConfigParams extends KmdfStruct { - KmdfWDFUsbDeviceSelectConfigParams() { - this.getName().matches("_WDF_USB_DEVICE_SELECT_CONFIG_PARAMS") - } -} - -class KmdfWDFUsbInterfaceSelectSettingParams extends KmdfStruct { - KmdfWDFUsbInterfaceSelectSettingParams() { - this.getName().matches("_WDF_USB_INTERFACE_SELECT_SETTING_PARAMS") - } -} - -class KmdfWDFUsbPipeInformation extends KmdfStruct { - KmdfWDFUsbPipeInformation() { this.getName().matches("_WDF_USB_PIPE_INFORMATION") } -} - -class KmdfWDFUsbDeviceCreateConfig extends KmdfStruct { - KmdfWDFUsbDeviceCreateConfig() { this.getName().matches("_WDF_USB_DEVICE_CREATE_CONFIG") } -} - -class KmdfWDFWmiProviderConfig extends KmdfStruct { - KmdfWDFWmiProviderConfig() { this.getName().matches("_WDF_WMI_PROVIDER_CONFIG") } -} - -class KmdfWDFWmiInstanceConfig extends KmdfStruct { - KmdfWDFWmiInstanceConfig() { this.getName().matches("_WDF_WMI_INSTANCE_CONFIG") } -} - -class KmdfWDFWorkitemConfig extends KmdfStruct { - KmdfWDFWorkitemConfig() { this.getName().matches("_WDF_WORKITEM_CONFIG") } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +import cpp + +/** + * A KMDF Typedef type. This class is incomplete. It is used to represent a TypedefType in the KMDF library. + */ +class KmdfRoleTypeType extends TypedefType { + /* Callbacks */ + KmdfRoleTypeType() { + + this.getName().matches("EVT_WDF_CHILD_LIST_CREATE_DEVICE") or + this.getName().matches("EVT_WDF_CHILD_LIST_SCAN_FOR_CHILDREN") or + this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COPY") or + this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_DUPLICATE") or + this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COMPARE") or + this.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_CLEANUP") or + this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_COPY") or + this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_DUPLICATE") or + this.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_CLEANUP") or + this.getName().matches("EVT_WDF_CHILD_LIST_DEVICE_REENUMERATED") or + this.getName().matches("EVT_WDF_DEVICE_SHUTDOWN_NOTIFICATION") or + this.getName().matches("EVT_WDF_DEVICE_FILE_CREATE") or + this.getName().matches("EVT_WDF_FILE_CLOSE") or + this.getName().matches("EVT_WDF_FILE_CLEANUP") or + this.getName().matches("EVT_WDF_DEVICE_PNP_STATE_CHANGE_NOTIFICATION") or + this.getName().matches("EVT_WDF_DEVICE_POWER_STATE_CHANGE_NOTIFICATION") or + this.getName().matches("EVT_WDF_DEVICE_POWER_POLICY_STATE_CHANGE_NOTIFICATION") or + this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY") or + this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_INTERRUPTS_ENABLED") or + this.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_HARDWARE_ENABLED") or + this.getName().matches("EVT_WDF_DEVICE_D0_EXIT") or + this.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_INTERRUPTS_DISABLED") or + this.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_HARDWARE_DISABLED") or + this.getName().matches("EVT_WDF_DEVICE_PREPARE_HARDWARE") or + this.getName().matches("EVT_WDF_DEVICE_RELEASE_HARDWARE") or + this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_CLEANUP") or + this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_FLUSH") or + this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_INIT") or + this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_SUSPEND") or + this.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_RESTART") or + this.getName().matches("EVT_WDF_DEVICE_QUERY_STOP") or + this.getName().matches("EVT_WDF_DEVICE_QUERY_REMOVE") or + this.getName().matches("EVT_WDF_DEVICE_SURPRISE_REMOVAL") or + this.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION") or + this.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION_EX") or + this.getName().matches("EVT_WDF_DEVICE_RELATIONS_QUERY") or + this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_S0") or + this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX") or + this.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX_WITH_REASON") or + this.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_S0") or + this.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_SX") or + this.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_S0_TRIGGERED") or + this.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_SX_TRIGGERED") or + this.getName().matches("EVT_WDFDEVICE_WDM_IRP_PREPROCESS") or + this.getName().matches("EVT_WDFDEVICE_WDM_IRP_DISPATCH") or + this.getName().matches("EVT_WDF_IO_IN_CALLER_CONTEXT") or + this.getName().matches("EVT_WDFDEVICE_WDM_POST_PO_FX_REGISTER_DEVICE") or + this.getName().matches("EVT_WDFDEVICE_WDM_PRE_PO_FX_UNREGISTER_DEVICE") or + this.getName().matches("EVT_WDF_DMA_ENABLER_FILL") or + this.getName().matches("EVT_WDF_DMA_ENABLER_FLUSH") or + this.getName().matches("EVT_WDF_DMA_ENABLER_ENABLE") or + this.getName().matches("EVT_WDF_DMA_ENABLER_DISABLE") or + this.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_START") or + this.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_STOP") or + this.getName().matches("EVT_WDF_PROGRAM_DMA") or + this.getName().matches("EVT_WDF_DMA_TRANSACTION_CONFIGURE_DMA_CHANNEL") or + this.getName().matches("EVT_WDF_DMA_TRANSACTION_DMA_TRANSFER_COMPLETE") or + this.getName().matches("EVT_WDF_RESERVE_DMA") or + this.getName().matches("EVT_WDF_DPC") or + this.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") or + this.getName().matches("EVT_WDF_DRIVER_UNLOAD") or + this.getName().matches("EVT_WDF_TRACE_CALLBACK") or + this.getName().matches("EVT_WDF_DEVICE_FILTER_RESOURCE_REQUIREMENTS") or + this.getName().matches("EVT_WDF_DEVICE_REMOVE_ADDED_RESOURCES") or + this.getName().matches("EVT_WDF_INTERRUPT_ISR") or + this.getName().matches("EVT_WDF_INTERRUPT_SYNCHRONIZE") or + this.getName().matches("EVT_WDF_INTERRUPT_DPC") or + this.getName().matches("EVT_WDF_INTERRUPT_WORKITEM") or + this.getName().matches("EVT_WDF_INTERRUPT_ENABLE") or + this.getName().matches("EVT_WDF_INTERRUPT_DISABLE") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_DEFAULT") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_STOP") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_RESUME") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_READ") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_WRITE") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_DEVICE_CONTROL") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_INTERNAL_DEVICE_CONTROL") or + this.getName().matches("EVT_WDF_IO_QUEUE_IO_CANCELED_ON_QUEUE") or + this.getName().matches("EVT_WDF_IO_QUEUE_STATE") or + this.getName().matches("EVT_WDF_IO_ALLOCATE_RESOURCES_FOR_RESERVED_REQUEST") or + this.getName().matches("EVT_WDF_IO_ALLOCATE_REQUEST_RESOURCES") or + this.getName().matches("EVT_WDF_IO_WDM_IRP_FOR_FORWARD_PROGRESS") or + this.getName().matches("EVT_WDF_IO_TARGET_QUERY_REMOVE") or + this.getName().matches("EVT_WDF_IO_TARGET_REMOVE_CANCELED") or + this.getName().matches("EVT_WDF_IO_TARGET_REMOVE_COMPLETE") or + this.getName().matches("EVT_WDF_%_CONTEXT_CLEANUP%") or + this.getName().matches("EVT_WDF_%_CONTEXT_DESTROY%") or + this.getName().matches("EVT_WDF_DEVICE_RESOURCES_QUERY") or + this.getName().matches("EVT_WDF_DEVICE_RESOURCE_REQUIREMENTS_QUERY") or + this.getName().matches("EVT_WDF_DEVICE_EJECT") or + this.getName().matches("EVT_WDF_DEVICE_SET_LOCK") or + this.getName().matches("EVT_WDF_DEVICE_ENABLE_WAKE_AT_BUS") or + this.getName().matches("EVT_WDF_DEVICE_DISABLE_WAKE_AT_BUS") or + this.getName().matches("EVT_WDF_DEVICE_REPORTED_MISSING") or + this.getName().matches("EVT_WDF_DEVICE_PROCESS_QUERY_INTERFACE_REQUEST") or + this.getName().matches("EVT_WDF_REQUEST_CANCEL") or + this.getName().matches("EVT_WDF_REQUEST_COMPLETION_ROUTINE") or + this.getName().matches("EVT_WDF_TIMER") or + this.getName().matches("EVT_WDF_USB_READER_COMPLETION_ROUTINE") or + this.getName().matches("EVT_WDF_USB_READERS_FAILED") or + this.getName().matches("EVT_WDF_WMI_INSTANCE_QUERY_INSTANCE") or + this.getName().matches("EVT_WDF_WMI_INSTANCE_SET_INSTANCE") or + this.getName().matches("EVT_WDF_WMI_INSTANCE_SET_ITEM") or + this.getName().matches("EVT_WDF_WMI_INSTANCE_EXECUTE_METHOD") or + this.getName().matches("EVT_WDF_WMI_PROVIDER_FUNCTION_CONTROL") or + this.getName().matches("EVT_WDF_WORKITEM") + + } +} + +class KmdfCallbackRoutineTypedef extends KmdfRoleTypeType { + KmdfCallbackRoutineTypedef() { this.getFile().getBaseName().matches("%wdf%.h") } +} + +/* Callbacks */ +class KmdfEVTWdfChildListCreateDevice extends KmdfCallbackRoutine { + KmdfEVTWdfChildListCreateDevice() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_CREATE_DEVICE") + } +} + +class KmdfEVTWdfChildListScanForChildren extends KmdfCallbackRoutine { + KmdfEVTWdfChildListScanForChildren() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_SCAN_FOR_CHILDREN") + } +} + +class KmdfEVTWdfChildListIdentificationDescriptionCopy extends KmdfCallbackRoutine { + KmdfEVTWdfChildListIdentificationDescriptionCopy() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COPY") + } +} + +class KmdfEVTWdfChildListIdentificationDescriptionDuplicate extends KmdfCallbackRoutine { + KmdfEVTWdfChildListIdentificationDescriptionDuplicate() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_DUPLICATE") + } +} + +class KmdfEVTWdfChildListIdentificationDescriptionCompare extends KmdfCallbackRoutine { + KmdfEVTWdfChildListIdentificationDescriptionCompare() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_COMPARE") + } +} + +class KmdfEVTWdfChildListIdentificationDescriptionCleanup extends KmdfCallbackRoutine { + KmdfEVTWdfChildListIdentificationDescriptionCleanup() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_IDENTIFICATION_DESCRIPTION_CLEANUP") + } +} + +class KmdfEVTWdfChildListAddressDescriptionCopy extends KmdfCallbackRoutine { + KmdfEVTWdfChildListAddressDescriptionCopy() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_COPY") + } +} + +class KmdfEVTWdfChildListAddressDescriptionDuplicate extends KmdfCallbackRoutine { + KmdfEVTWdfChildListAddressDescriptionDuplicate() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_DUPLICATE") + } +} + +class KmdfEVTWdfChildListAddressDescriptionCleanup extends KmdfCallbackRoutine { + KmdfEVTWdfChildListAddressDescriptionCleanup() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_ADDRESS_DESCRIPTION_CLEANUP") + } +} + +class KmdfEVTWdfChildListDeviceReenumerated extends KmdfCallbackRoutine { + KmdfEVTWdfChildListDeviceReenumerated() { + callbackType.getName().matches("EVT_WDF_CHILD_LIST_DEVICE_REENUMERATED") + } +} + +class KmdfEVTWdfDeviceShutdownNotification extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceShutdownNotification() { + callbackType.getName().matches("EVT_WDF_DEVICE_SHUTDOWN_NOTIFICATION") + } +} + +class KmdfEVTWdfDeviceFileCreate extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceFileCreate() { callbackType.getName().matches("EVT_WDF_DEVICE_FILE_CREATE") } +} + +class KmdfEVTWdfFileClose extends KmdfCallbackRoutine { + KmdfEVTWdfFileClose() { callbackType.getName().matches("EVT_WDF_FILE_CLOSE") } +} + +class KmdfEVTWdfFileCleanup extends KmdfCallbackRoutine { + KmdfEVTWdfFileCleanup() { callbackType.getName().matches("EVT_WDF_FILE_CLEANUP") } +} + +class KmdfEVTWdfDevicePnpStateChangeNotification extends KmdfCallbackRoutine { + KmdfEVTWdfDevicePnpStateChangeNotification() { + callbackType.getName().matches("EVT_WDF_DEVICE_PNP_STATE_CHANGE_NOTIFICATION") + } +} + +class KmdfEVTWdfDevicePowerStateChangeNotification extends KmdfCallbackRoutine { + KmdfEVTWdfDevicePowerStateChangeNotification() { + callbackType.getName().matches("EVT_WDF_DEVICE_POWER_STATE_CHANGE_NOTIFICATION") + } +} + +class KmdfEVTWdfDevicePowerPolicyStateChangeNotification extends KmdfCallbackRoutine { + KmdfEVTWdfDevicePowerPolicyStateChangeNotification() { + callbackType.getName().matches("EVT_WDF_DEVICE_POWER_POLICY_STATE_CHANGE_NOTIFICATION") + } +} + +class KmdfEVTWdfDeviceD0Entry extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0Entry() { callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY") } +} + +class KmdfEVTWdfDeviceD0EntryPostInterruptsEnabled extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0EntryPostInterruptsEnabled() { + callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_INTERRUPTS_ENABLED") + } +} + +class KmdfEVTWdfDeviceD0EntryPostHardwareEnabled extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0EntryPostHardwareEnabled() { + callbackType.getName().matches("EVT_WDF_DEVICE_D0_ENTRY_POST_HARDWARE_ENABLED") + } +} + +class KmdfEVTWdfDeviceD0Exit extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0Exit() { callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT") } +} + +class KmdfEVTWdfDeviceD0ExitPreInterruptsDisabled extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0ExitPreInterruptsDisabled() { + callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_INTERRUPTS_DISABLED") + } +} + +class KmdfEVTWdfDeviceD0ExitPreHardwareDisabled extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceD0ExitPreHardwareDisabled() { + callbackType.getName().matches("EVT_WDF_DEVICE_D0_EXIT_PRE_HARDWARE_DISABLED") + } +} + +class KmdfEVTWdfDevicePrepareHardware extends KmdfCallbackRoutine { + KmdfEVTWdfDevicePrepareHardware() { + callbackType.getName().matches("EVT_WDF_DEVICE_PREPARE_HARDWARE") + } +} + +class KmdfEVTWdfDeviceReleaseHardware extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceReleaseHardware() { + callbackType.getName().matches("EVT_WDF_DEVICE_RELEASE_HARDWARE") + } +} + +class KmdfEVTWdfDeviceSelfManagedIoCleanup extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSelfManagedIoCleanup() { + callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_CLEANUP") + } +} + +class KmdfEVTWdfDeviceSelfManagedIoFlush extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSelfManagedIoFlush() { + callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_FLUSH") + } +} + +class KmdfEVTWdfDeviceSelfManagedIoInit extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSelfManagedIoInit() { + callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_INIT") + } +} + +class KmdfEVTWdfDeviceSelfManagedIoSuspend extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSelfManagedIoSuspend() { + callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_SUSPEND") + } +} + +class KmdfEVTWdfDeviceSelfManagedIoRestart extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSelfManagedIoRestart() { + callbackType.getName().matches("EVT_WDF_DEVICE_SELF_MANAGED_IO_RESTART") + } +} + +class KmdfEVTWdfDeviceQueryStop extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceQueryStop() { callbackType.getName().matches("EVT_WDF_DEVICE_QUERY_STOP") } +} + +class KmdfEVTWdfDeviceQueryRemove extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceQueryRemove() { callbackType.getName().matches("EVT_WDF_DEVICE_QUERY_REMOVE") } +} + +class KmdfEVTWdfDeviceSurpriseRemoval extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSurpriseRemoval() { + callbackType.getName().matches("EVT_WDF_DEVICE_SURPRISE_REMOVAL") + } +} + +class KmdfEVTWdfDeviceUsageNotification extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceUsageNotification() { + callbackType.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION") + } +} + +class KmdfEVTWdfDeviceUsageNotificationEx extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceUsageNotificationEx() { + callbackType.getName().matches("EVT_WDF_DEVICE_USAGE_NOTIFICATION_EX") + } +} + +class KmdfEVTWdfDeviceRelationsQuery extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceRelationsQuery() { + callbackType.getName().matches("EVT_WDF_DEVICE_RELATIONS_QUERY") + } +} + +class KmdfEVTWdfDeviceArmWakeFromS0 extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceArmWakeFromS0() { + callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_S0") + } +} + +class KmdfEVTWdfDeviceArmWakeFromSx extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceArmWakeFromSx() { + callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX") + } +} + +class KmdfEVTWdfDeviceArmWakeFromSxWithReason extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceArmWakeFromSxWithReason() { + callbackType.getName().matches("EVT_WDF_DEVICE_ARM_WAKE_FROM_SX_WITH_REASON") + } +} + +class KmdfEVTWdfDeviceDisarmWakeFromS0 extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceDisarmWakeFromS0() { + callbackType.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_S0") + } +} + +class KmdfEVTWdfDeviceDisarmWakeFromSx extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceDisarmWakeFromSx() { + callbackType.getName().matches("EVT_WDF_DEVICE_DISARM_WAKE_FROM_SX") + } +} + +class KmdfEVTWdfDeviceWakeFromS0Triggered extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceWakeFromS0Triggered() { + callbackType.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_S0_TRIGGERED") + } +} + +class KmdfEVTWdfDeviceWakeFromSxTriggered extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceWakeFromSxTriggered() { + callbackType.getName().matches("EVT_WDF_DEVICE_WAKE_FROM_SX_TRIGGERED") + } +} + +class KmdfEVTWdfdeviceWdmIrpPreprocess extends KmdfCallbackRoutine { + KmdfEVTWdfdeviceWdmIrpPreprocess() { + callbackType.getName().matches("EVT_WDFDEVICE_WDM_IRP_PREPROCESS") + } +} + +class KmdfEVTWdfdeviceWdmIrpDispatch extends KmdfCallbackRoutine { + KmdfEVTWdfdeviceWdmIrpDispatch() { + callbackType.getName().matches("EVT_WDFDEVICE_WDM_IRP_DISPATCH") + } +} + +class KmdfEVTWdfIoInCallerContext extends KmdfCallbackRoutine { + KmdfEVTWdfIoInCallerContext() { callbackType.getName().matches("EVT_WDF_IO_IN_CALLER_CONTEXT") } +} + +class KmdfEVTWdfdeviceWdmPostPoFxRegisterDevice extends KmdfCallbackRoutine { + KmdfEVTWdfdeviceWdmPostPoFxRegisterDevice() { + callbackType.getName().matches("EVT_WDFDEVICE_WDM_POST_PO_FX_REGISTER_DEVICE") + } +} + +class KmdfEVTWdfdeviceWdmPrePoFxUnregisterDevice extends KmdfCallbackRoutine { + KmdfEVTWdfdeviceWdmPrePoFxUnregisterDevice() { + callbackType.getName().matches("EVT_WDFDEVICE_WDM_PRE_PO_FX_UNREGISTER_DEVICE") + } +} + +class KmdfEVTWdfDmaEnablerFill extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerFill() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_FILL") } +} + +class KmdfEVTWdfDmaEnablerFlush extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerFlush() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_FLUSH") } +} + +class KmdfEVTWdfDmaEnablerEnable extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerEnable() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_ENABLE") } +} + +class KmdfEVTWdfDmaEnablerDisable extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerDisable() { callbackType.getName().matches("EVT_WDF_DMA_ENABLER_DISABLE") } +} + +class KmdfEVTWdfDmaEnablerSelfmanagedIoStart extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerSelfmanagedIoStart() { + callbackType.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_START") + } +} + +class KmdfEVTWdfDmaEnablerSelfmanagedIoStop extends KmdfCallbackRoutine { + KmdfEVTWdfDmaEnablerSelfmanagedIoStop() { + callbackType.getName().matches("EVT_WDF_DMA_ENABLER_SELFMANAGED_IO_STOP") + } +} + +class KmdfEVTWdfProgramDma extends KmdfCallbackRoutine { + KmdfEVTWdfProgramDma() { callbackType.getName().matches("EVT_WDF_PROGRAM_DMA") } +} + +class KmdfEVTWdfDmaTransactionConfigureDmaChannel extends KmdfCallbackRoutine { + KmdfEVTWdfDmaTransactionConfigureDmaChannel() { + callbackType.getName().matches("EVT_WDF_DMA_TRANSACTION_CONFIGURE_DMA_CHANNEL") + } +} + +class KmdfEVTWdfDmaTransactionDmaTransferComplete extends KmdfCallbackRoutine { + KmdfEVTWdfDmaTransactionDmaTransferComplete() { + callbackType.getName().matches("EVT_WDF_DMA_TRANSACTION_DMA_TRANSFER_COMPLETE") + } +} + +class KmdfEVTWdfReserveDma extends KmdfCallbackRoutine { + KmdfEVTWdfReserveDma() { callbackType.getName().matches("EVT_WDF_RESERVE_DMA") } +} + +class KmdfEVTWdfDpc extends KmdfCallbackRoutine { + KmdfEVTWdfDpc() { callbackType.getName().matches("EVT_WDF_DPC") } +} + +class KmdfEVTWdfDriverDeviceAdd extends KmdfCallbackRoutine { + KmdfEVTWdfDriverDeviceAdd() { callbackType.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") } +} + +class KmdfEVTWdfDriverUnload extends KmdfCallbackRoutine { + KmdfEVTWdfDriverUnload() { callbackType.getName().matches("EVT_WDF_DRIVER_UNLOAD") } +} + +class KmdfEVTWdfTraceCallback extends KmdfCallbackRoutine { + KmdfEVTWdfTraceCallback() { callbackType.getName().matches("EVT_WDF_TRACE_CALLBACK") } +} + +class KmdfEVTWdfDeviceFilterResourceRequirements extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceFilterResourceRequirements() { + callbackType.getName().matches("EVT_WDF_DEVICE_FILTER_RESOURCE_REQUIREMENTS") + } +} + +class KmdfEVTWdfDeviceRemoveAddedResources extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceRemoveAddedResources() { + callbackType.getName().matches("EVT_WDF_DEVICE_REMOVE_ADDED_RESOURCES") + } +} + +class KmdfEVTWdfInterruptIsr extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptIsr() { callbackType.getName().matches("EVT_WDF_INTERRUPT_ISR") } +} + +class KmdfEVTWdfInterruptSynchronize extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptSynchronize() { + callbackType.getName().matches("EVT_WDF_INTERRUPT_SYNCHRONIZE") + } +} + +class KmdfEVTWdfInterruptDpc extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptDpc() { callbackType.getName().matches("EVT_WDF_INTERRUPT_DPC") } +} + +class KmdfEVTWdfInterruptWorkitem extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptWorkitem() { callbackType.getName().matches("EVT_WDF_INTERRUPT_WORKITEM") } +} + +class KmdfEVTWdfInterruptEnable extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptEnable() { callbackType.getName().matches("EVT_WDF_INTERRUPT_ENABLE") } +} + +class KmdfEVTWdfInterruptDisable extends KmdfCallbackRoutine { + KmdfEVTWdfInterruptDisable() { callbackType.getName().matches("EVT_WDF_INTERRUPT_DISABLE") } +} + +class KmdfEVTWdfIoQueueIoDefault extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoDefault() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_DEFAULT") } +} + +class KmdfEVTWdfIoQueueIoStop extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoStop() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_STOP") } +} + +class KmdfEVTWdfIoQueueIoResume extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoResume() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_RESUME") } +} + +class KmdfEVTWdfIoQueueIoRead extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoRead() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_READ") } +} + +class KmdfEVTWdfIoQueueIoWrite extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoWrite() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_WRITE") } +} + +class KmdfEVTWdfIoQueueIoDeviceControl extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoDeviceControl() { + callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_DEVICE_CONTROL") + } +} + +class KmdfEVTWdfIoQueueIoInternalDeviceControl extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoInternalDeviceControl() { + callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_INTERNAL_DEVICE_CONTROL") + } +} + +class KmdfEVTWdfIoQueueIoCanceledOnQueue extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueIoCanceledOnQueue() { + callbackType.getName().matches("EVT_WDF_IO_QUEUE_IO_CANCELED_ON_QUEUE") + } +} + +class KmdfEVTWdfIoQueueState extends KmdfCallbackRoutine { + KmdfEVTWdfIoQueueState() { callbackType.getName().matches("EVT_WDF_IO_QUEUE_STATE") } +} + +class KmdfEVTWdfIoAllocateResourcesForReservedRequest extends KmdfCallbackRoutine { + KmdfEVTWdfIoAllocateResourcesForReservedRequest() { + callbackType.getName().matches("EVT_WDF_IO_ALLOCATE_RESOURCES_FOR_RESERVED_REQUEST") + } +} + +class KmdfEVTWdfIoAllocateRequestResources extends KmdfCallbackRoutine { + KmdfEVTWdfIoAllocateRequestResources() { + callbackType.getName().matches("EVT_WDF_IO_ALLOCATE_REQUEST_RESOURCES") + } +} + +class KmdfEVTWdfIoWdmIrpForForwardProgress extends KmdfCallbackRoutine { + KmdfEVTWdfIoWdmIrpForForwardProgress() { + callbackType.getName().matches("EVT_WDF_IO_WDM_IRP_FOR_FORWARD_PROGRESS") + } +} + +class KmdfEVTWdfIoTargetQueryRemove extends KmdfCallbackRoutine { + KmdfEVTWdfIoTargetQueryRemove() { + callbackType.getName().matches("EVT_WDF_IO_TARGET_QUERY_REMOVE") + } +} + +class KmdfEVTWdfIoTargetRemoveCanceled extends KmdfCallbackRoutine { + KmdfEVTWdfIoTargetRemoveCanceled() { + callbackType.getName().matches("EVT_WDF_IO_TARGET_REMOVE_CANCELED") + } +} + +class KmdfEVTWdfIoTargetRemoveComplete extends KmdfCallbackRoutine { + KmdfEVTWdfIoTargetRemoveComplete() { + callbackType.getName().matches("EVT_WDF_IO_TARGET_REMOVE_COMPLETE") + } +} + +class KmdfEVTWdfObjectContextCleanup extends KmdfCallbackRoutine { + KmdfEVTWdfObjectContextCleanup() { + callbackType.getName().matches("EVT_WDF_OBJECT_CONTEXT_CLEANUP") + } +} + +class KmdfEVTWdfObjectContextDestroy extends KmdfCallbackRoutine { + KmdfEVTWdfObjectContextDestroy() { + callbackType.getName().matches("EVT_WDF_OBJECT_CONTEXT_DESTROY") + } +} + +class KmdfEVTWdfDeviceResourcesQuery extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceResourcesQuery() { + callbackType.getName().matches("EVT_WDF_DEVICE_RESOURCES_QUERY") + } +} + +class KmdfEVTWdfDeviceResourceRequirementsQuery extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceResourceRequirementsQuery() { + callbackType.getName().matches("EVT_WDF_DEVICE_RESOURCE_REQUIREMENTS_QUERY") + } +} + +class KmdfEVTWdfDeviceEject extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceEject() { callbackType.getName().matches("EVT_WDF_DEVICE_EJECT") } +} + +class KmdfEVTWdfDeviceSetLock extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceSetLock() { callbackType.getName().matches("EVT_WDF_DEVICE_SET_LOCK") } +} + +class KmdfEVTWdfDeviceEnableWakeAtBus extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceEnableWakeAtBus() { + callbackType.getName().matches("EVT_WDF_DEVICE_ENABLE_WAKE_AT_BUS") + } +} + +class KmdfEVTWdfDeviceDisableWakeAtBus extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceDisableWakeAtBus() { + callbackType.getName().matches("EVT_WDF_DEVICE_DISABLE_WAKE_AT_BUS") + } +} + +class KmdfEVTWdfDeviceReportedMissing extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceReportedMissing() { + callbackType.getName().matches("EVT_WDF_DEVICE_REPORTED_MISSING") + } +} + +class KmdfEVTWdfDeviceProcessQueryInterfaceRequest extends KmdfCallbackRoutine { + KmdfEVTWdfDeviceProcessQueryInterfaceRequest() { + callbackType.getName().matches("EVT_WDF_DEVICE_PROCESS_QUERY_INTERFACE_REQUEST") + } +} + +class KmdfEVTWdfRequestCancel extends KmdfCallbackRoutine { + KmdfEVTWdfRequestCancel() { callbackType.getName().matches("EVT_WDF_REQUEST_CANCEL") } +} + +class KmdfEVTWdfRequestCompletionRoutine extends KmdfCallbackRoutine { + KmdfEVTWdfRequestCompletionRoutine() { + callbackType.getName().matches("EVT_WDF_REQUEST_COMPLETION_ROUTINE") + } +} + +class KmdfEVTWdfTimer extends KmdfCallbackRoutine { + KmdfEVTWdfTimer() { callbackType.getName().matches("EVT_WDF_TIMER") } +} + +class KmdfEVTWdfUsbReaderCompletionRoutine extends KmdfCallbackRoutine { + KmdfEVTWdfUsbReaderCompletionRoutine() { + callbackType.getName().matches("EVT_WDF_USB_READER_COMPLETION_ROUTINE") + } +} + +class KmdfEVTWdfUsbReadersFailed extends KmdfCallbackRoutine { + KmdfEVTWdfUsbReadersFailed() { callbackType.getName().matches("EVT_WDF_USB_READERS_FAILED") } +} + +class KmdfEVTWdfWmiInstanceQueryInstance extends KmdfCallbackRoutine { + KmdfEVTWdfWmiInstanceQueryInstance() { + callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_QUERY_INSTANCE") + } +} + +class KmdfEVTWdfWmiInstanceSetInstance extends KmdfCallbackRoutine { + KmdfEVTWdfWmiInstanceSetInstance() { + callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_SET_INSTANCE") + } +} + +class KmdfEVTWdfWmiInstanceSetItem extends KmdfCallbackRoutine { + KmdfEVTWdfWmiInstanceSetItem() { callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_SET_ITEM") } +} + +class KmdfEVTWdfWmiInstanceExecuteMethod extends KmdfCallbackRoutine { + KmdfEVTWdfWmiInstanceExecuteMethod() { + callbackType.getName().matches("EVT_WDF_WMI_INSTANCE_EXECUTE_METHOD") + } +} + +class KmdfEVTWdfWmiProviderFunctionControl extends KmdfCallbackRoutine { + KmdfEVTWdfWmiProviderFunctionControl() { + callbackType.getName().matches("EVT_WDF_WMI_PROVIDER_FUNCTION_CONTROL") + } +} + +class KmdfEVTWdfWorkitem extends KmdfCallbackRoutine { + KmdfEVTWdfWorkitem() { callbackType.getName().matches("EVT_WDF_WORKITEM") } +} + +/** + * A KMDF callback routine, defined by having a typedef in its definition + * that matches the standard KMDF callbacks. + */ +class KmdfCallbackRoutine extends Function { + /** The typedef representing what callback this is. */ + KmdfRoleTypeType callbackType; + + KmdfCallbackRoutine() { + exists(FunctionDeclarationEntry fde | + fde.getFunction() = this and + fde.getTypedefType() = callbackType and + fde.getFile().getAnIncludedFile().getBaseName().matches("%wdf.h") + ) + } +} + +/** The DeviceAdd callback. Its callback typedef is "EVT_WDF_DRIVER_DEVICE_ADD". */ +class KmdfEvtDriverDeviceAdd extends KmdfCallbackRoutine { + KmdfEvtDriverDeviceAdd() { callbackType.getName().matches("EVT_WDF_DRIVER_DEVICE_ADD") } +} + +/** + * A KMDF Function. This class is incomplete. It is used to represent a Function in the KMDF library. + */ +class KmdfFunc extends Function { + KmdfFunc() { this.getFile().getBaseName().matches("wdf%.h") } +} + +/** + * A KMDF Struct. This class is incomplete. It is used to represent a Struct in the KMDF library. + */ +class KmdfStruct extends Struct { + KmdfStruct() { this.getFile().getBaseName().matches("wdf%.h") } +} + +/* KMDF Structs */ +class KmdfWDFPowerRoutineTimedOutData extends KmdfStruct { + KmdfWDFPowerRoutineTimedOutData() { this.getName().matches("_WDF_POWER_ROUTINE_TIMED_OUT_DATA") } +} + +class KmdfWDFRequestFatalErrorInformationLengthMismatchData extends KmdfStruct { + KmdfWDFRequestFatalErrorInformationLengthMismatchData() { + this.getName().matches("_WDF_REQUEST_FATAL_ERROR_INFORMATION_LENGTH_MISMATCH_DATA") + } +} + +class KmdfWDFQueueFatalErrorData extends KmdfStruct { + KmdfWDFQueueFatalErrorData() { this.getName().matches("_WDF_QUEUE_FATAL_ERROR_DATA") } +} + +class KmdfWDFChildIdentificationDescriptionHeader extends KmdfStruct { + KmdfWDFChildIdentificationDescriptionHeader() { + this.getName().matches("_WDF_CHILD_IDENTIFICATION_DESCRIPTION_HEADER") + } +} + +class KmdfWDFChildAddressDescriptionHeader extends KmdfStruct { + KmdfWDFChildAddressDescriptionHeader() { + this.getName().matches("_WDF_CHILD_ADDRESS_DESCRIPTION_HEADER") + } +} + +class KmdfWDFChildRetrieveInfo extends KmdfStruct { + KmdfWDFChildRetrieveInfo() { this.getName().matches("_WDF_CHILD_RETRIEVE_INFO") } +} + +class KmdfWDFChildListConfig extends KmdfStruct { + KmdfWDFChildListConfig() { this.getName().matches("_WDF_CHILD_LIST_CONFIG") } +} + +class KmdfWDFChildListIterator extends KmdfStruct { + KmdfWDFChildListIterator() { this.getName().matches("_WDF_CHILD_LIST_ITERATOR") } +} + +class KmdfWDFCommonBufferConfig extends KmdfStruct { + KmdfWDFCommonBufferConfig() { this.getName().matches("_WDF_COMMON_BUFFER_CONFIG") } +} + +class KmdfWDFTaskSendOptions extends KmdfStruct { + KmdfWDFTaskSendOptions() { this.getName().matches("_WDF_TASK_SEND_OPTIONS") } +} + +class KmdfWDFFileobjectConfig extends KmdfStruct { + KmdfWDFFileobjectConfig() { this.getName().matches("_WDF_FILEOBJECT_CONFIG") } +} + +class KmdfWDFDevicePnpNotificationData extends KmdfStruct { + KmdfWDFDevicePnpNotificationData() { this.getName().matches("_WDF_DEVICE_PNP_NOTIFICATION_DATA") } +} + +class KmdfWDFDevicePowerNotificationData extends KmdfStruct { + KmdfWDFDevicePowerNotificationData() { + this.getName().matches("_WDF_DEVICE_POWER_NOTIFICATION_DATA") + } +} + +class KmdfWDFDevicePowerPolicyNotificationData extends KmdfStruct { + KmdfWDFDevicePowerPolicyNotificationData() { + this.getName().matches("_WDF_DEVICE_POWER_POLICY_NOTIFICATION_DATA") + } +} + +class KmdfWDFPnppowerEventCallbacks extends KmdfStruct { + KmdfWDFPnppowerEventCallbacks() { this.getName().matches("_WDF_PNPPOWER_EVENT_CALLBACKS") } +} + +class KmdfWDFPowerPolicyEventCallbacks extends KmdfStruct { + KmdfWDFPowerPolicyEventCallbacks() { this.getName().matches("_WDF_POWER_POLICY_EVENT_CALLBACKS") } +} + +class KmdfWDFDevicePowerPolicyIdleSettings extends KmdfStruct { + KmdfWDFDevicePowerPolicyIdleSettings() { + this.getName().matches("_WDF_DEVICE_POWER_POLICY_IDLE_SETTINGS") + } +} + +class KmdfWDFDevicePowerPolicyWakeSettings extends KmdfStruct { + KmdfWDFDevicePowerPolicyWakeSettings() { + this.getName().matches("_WDF_DEVICE_POWER_POLICY_WAKE_SETTINGS") + } +} + +class KmdfWDFDeviceState extends KmdfStruct { + KmdfWDFDeviceState() { this.getName().matches("_WDF_DEVICE_STATE") } +} + +class KmdfWDFDevicePnpCapabilities extends KmdfStruct { + KmdfWDFDevicePnpCapabilities() { this.getName().matches("_WDF_DEVICE_PNP_CAPABILITIES") } +} + +class KmdfWDFDevicePowerCapabilities extends KmdfStruct { + KmdfWDFDevicePowerCapabilities() { this.getName().matches("_WDF_DEVICE_POWER_CAPABILITIES") } +} + +class KmdfWDFRemoveLockOptions extends KmdfStruct { + KmdfWDFRemoveLockOptions() { this.getName().matches("_WDF_REMOVE_LOCK_OPTIONS") } +} + +class KmdfWDFPowerFrameworkSettings extends KmdfStruct { + KmdfWDFPowerFrameworkSettings() { this.getName().matches("_WDF_POWER_FRAMEWORK_SETTINGS") } +} + +class KmdfWDFIoTypeConfig extends KmdfStruct { + KmdfWDFIoTypeConfig() { this.getName().matches("_WDF_IO_TYPE_CONFIG") } +} + +class KmdfWDFDevicePropertyData extends KmdfStruct { + KmdfWDFDevicePropertyData() { this.getName().matches("_WDF_DEVICE_PROPERTY_DATA") } +} + +class KmdfWDFDmaEnablerConfig extends KmdfStruct { + KmdfWDFDmaEnablerConfig() { this.getName().matches("_WDF_DMA_ENABLER_CONFIG") } +} + +class KmdfWDFDmaSystemProfileConfig extends KmdfStruct { + KmdfWDFDmaSystemProfileConfig() { this.getName().matches("_WDF_DMA_SYSTEM_PROFILE_CONFIG") } +} + +class KmdfWDFDpcConfig extends KmdfStruct { + KmdfWDFDpcConfig() { this.getName().matches("_WDF_DPC_CONFIG") } +} + +class KmdfWDFDriverConfig extends KmdfStruct { + KmdfWDFDriverConfig() { this.getName().matches("_WDF_DRIVER_CONFIG") } +} + +class KmdfWDFDriverVersionAvailableParams extends KmdfStruct { + KmdfWDFDriverVersionAvailableParams() { + this.getName().matches("_WDF_DRIVER_VERSION_AVAILABLE_PARAMS") + } +} + +class KmdfWDFFdoEventCallbacks extends KmdfStruct { + KmdfWDFFdoEventCallbacks() { this.getName().matches("_WDF_FDO_EVENT_CALLBACKS") } +} + +class KmdfWDFDriverGlobals extends KmdfStruct { + KmdfWDFDriverGlobals() { this.getName().matches("_WDF_DRIVER_GLOBALS") } +} + +class KmdfWDFCoinstallerInstallOptions extends KmdfStruct { + KmdfWDFCoinstallerInstallOptions() { this.getName().matches("_WDF_COINSTALLER_INSTALL_OPTIONS") } +} + +class KmdfWDFInterruptConfig extends KmdfStruct { + KmdfWDFInterruptConfig() { this.getName().matches("_WDF_INTERRUPT_CONFIG") } +} + +class KmdfWDFInterruptInfo extends KmdfStruct { + KmdfWDFInterruptInfo() { this.getName().matches("_WDF_INTERRUPT_INFO") } +} + +class KmdfWDFInterruptExtendedPolicy extends KmdfStruct { + KmdfWDFInterruptExtendedPolicy() { this.getName().matches("_WDF_INTERRUPT_EXTENDED_POLICY") } +} + +class KmdfWDFIoQueueConfig extends KmdfStruct { + KmdfWDFIoQueueConfig() { this.getName().matches("_WDF_IO_QUEUE_CONFIG") } +} + +class KmdfWDFIoQueueForwardProgressPolicy extends KmdfStruct { + KmdfWDFIoQueueForwardProgressPolicy() { + this.getName().matches("_WDF_IO_QUEUE_FORWARD_PROGRESS_POLICY") + } +} + +class KmdfWDFIoTargetOpenParams extends KmdfStruct { + KmdfWDFIoTargetOpenParams() { this.getName().matches("_WDF_IO_TARGET_OPEN_PARAMS") } +} + +class KmdfWDFMEMORYOffset extends KmdfStruct { + KmdfWDFMEMORYOffset() { this.getName().matches("_WDFMEMORY_OFFSET") } +} + +class KmdfWDFMemoryDescriptor extends KmdfStruct { + KmdfWDFMemoryDescriptor() { this.getName().matches("_WDF_MEMORY_DESCRIPTOR") } +} + +class KmdfWDFObjectAttributes extends KmdfStruct { + KmdfWDFObjectAttributes() { this.getName().matches("_WDF_OBJECT_ATTRIBUTES") } +} + +class KmdfWDFObjectContextTypeInfo extends KmdfStruct { + KmdfWDFObjectContextTypeInfo() { this.getName().matches("_WDF_OBJECT_CONTEXT_TYPE_INFO") } +} + +class KmdfWDFCustomTypeContext extends KmdfStruct { + KmdfWDFCustomTypeContext() { this.getName().matches("_WDF_CUSTOM_TYPE_CONTEXT") } +} + +class KmdfWDFPdoEventCallbacks extends KmdfStruct { + KmdfWDFPdoEventCallbacks() { this.getName().matches("_WDF_PDO_EVENT_CALLBACKS") } +} + +class KmdfWDFQueryInterfaceConfig extends KmdfStruct { + KmdfWDFQueryInterfaceConfig() { this.getName().matches("_WDF_QUERY_INTERFACE_CONFIG") } +} + +class KmdfWDFRequestParameters extends KmdfStruct { + KmdfWDFRequestParameters() { this.getName().matches("_WDF_REQUEST_PARAMETERS") } +} + +class KmdfWDFRequestCompletionParams extends KmdfStruct { + KmdfWDFRequestCompletionParams() { this.getName().matches("_WDF_REQUEST_COMPLETION_PARAMS") } +} + +class KmdfWDFRequestReuseParams extends KmdfStruct { + KmdfWDFRequestReuseParams() { this.getName().matches("_WDF_REQUEST_REUSE_PARAMS") } +} + +class KmdfWDFRequestSendOptions extends KmdfStruct { + KmdfWDFRequestSendOptions() { this.getName().matches("_WDF_REQUEST_SEND_OPTIONS") } +} + +class KmdfWDFRequestForwardOptions extends KmdfStruct { + KmdfWDFRequestForwardOptions() { this.getName().matches("_WDF_REQUEST_FORWARD_OPTIONS") } +} + +class KmdfWDFTimerConfig extends KmdfStruct { + KmdfWDFTimerConfig() { this.getName().matches("_WDF_TIMER_CONFIG") } +} + +class KmdfWDFUsbRequestCompletionParams extends KmdfStruct { + KmdfWDFUsbRequestCompletionParams() { + this.getName().matches("_WDF_USB_REQUEST_COMPLETION_PARAMS") + } +} + +class KmdfWDFUsbContinuousReaderConfig extends KmdfStruct { + KmdfWDFUsbContinuousReaderConfig() { this.getName().matches("_WDF_USB_CONTINUOUS_READER_CONFIG") } +} + +class KmdfWDFUsbDeviceInformation extends KmdfStruct { + KmdfWDFUsbDeviceInformation() { this.getName().matches("_WDF_USB_DEVICE_INFORMATION") } +} + +class KmdfWDFUsbInterfaceSettingPair extends KmdfStruct { + KmdfWDFUsbInterfaceSettingPair() { this.getName().matches("_WDF_USB_INTERFACE_SETTING_PAIR") } +} + +class KmdfWDFUsbDeviceSelectConfigParams extends KmdfStruct { + KmdfWDFUsbDeviceSelectConfigParams() { + this.getName().matches("_WDF_USB_DEVICE_SELECT_CONFIG_PARAMS") + } +} + +class KmdfWDFUsbInterfaceSelectSettingParams extends KmdfStruct { + KmdfWDFUsbInterfaceSelectSettingParams() { + this.getName().matches("_WDF_USB_INTERFACE_SELECT_SETTING_PARAMS") + } +} + +class KmdfWDFUsbPipeInformation extends KmdfStruct { + KmdfWDFUsbPipeInformation() { this.getName().matches("_WDF_USB_PIPE_INFORMATION") } +} + +class KmdfWDFUsbDeviceCreateConfig extends KmdfStruct { + KmdfWDFUsbDeviceCreateConfig() { this.getName().matches("_WDF_USB_DEVICE_CREATE_CONFIG") } +} + +class KmdfWDFWmiProviderConfig extends KmdfStruct { + KmdfWDFWmiProviderConfig() { this.getName().matches("_WDF_WMI_PROVIDER_CONFIG") } +} + +class KmdfWDFWmiInstanceConfig extends KmdfStruct { + KmdfWDFWmiInstanceConfig() { this.getName().matches("_WDF_WMI_INSTANCE_CONFIG") } +} + +class KmdfWDFWorkitemConfig extends KmdfStruct { + KmdfWDFWorkitemConfig() { this.getName().matches("_WDF_WORKITEM_CONFIG") } +} diff --git a/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.qhelp b/src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.qhelp similarity index 100% rename from src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.qhelp rename to src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.qhelp diff --git a/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.ql b/src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.ql similarity index 100% rename from src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.ql rename to src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.ql diff --git a/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.sarif b/src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.sarif similarity index 100% rename from src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.sarif rename to src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/FloatSafeExit.sarif diff --git a/src/drivers/kmdf/queries/FloatSafeExit/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/FloatSafeExit/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/FloatSafeExit/driver_snippet.c diff --git a/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.qhelp b/src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.qhelp similarity index 100% rename from src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.qhelp rename to src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.qhelp diff --git a/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.ql b/src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.ql similarity index 100% rename from src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.ql rename to src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.ql diff --git a/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.sarif b/src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.sarif similarity index 100% rename from src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.sarif rename to src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/FloatUnsafeExit.sarif diff --git a/src/drivers/kmdf/queries/FloatUnsafeExit/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/FloatUnsafeExit/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/FloatUnsafeExit/driver_snippet.c diff --git a/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.ql b/src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.ql similarity index 100% rename from src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.ql rename to src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.ql diff --git a/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.sarif b/src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.sarif similarity index 100% rename from src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.sarif rename to src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/DeviceInitApi.sarif diff --git a/src/drivers/kmdf/queries/experimental/DeviceInitApi/__test_device_init_api.c b/src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/__test_device_init_api.c similarity index 100% rename from src/drivers/kmdf/queries/experimental/DeviceInitApi/__test_device_init_api.c rename to src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/__test_device_init_api.c diff --git a/src/drivers/kmdf/queries/experimental/DeviceInitApi/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/experimental/DeviceInitApi/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/experimental/DeviceInitApi/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectHandleCreation.sarif diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectMultipleCallsHandleCreation.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectMultipleCallsHandleCreation.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectMultipleCallsHandleCreation.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/ConnectRedirectMultipleCallsHandleCreation.ql diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectHandleCreation/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.ql diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/ConnectRedirectPendClassify.sarif diff --git a/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/ConnectRedirectPendClassify/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.ql diff --git a/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/FlowLayerCalloutReturnsBlock.sarif diff --git a/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/FlowLayerCalloutReturnsBlock/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.ql diff --git a/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/InlineConnectRedirectCalloutShouldNotSetReauthorize.sarif diff --git a/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/InlineConnectRedirect/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/InlineConnectRedirect/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.ql diff --git a/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/OobStreamInjectionReturnsBlock.sarif diff --git a/src/drivers/kmdf/queries/wfp/OobStreamInjection/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/OobStreamInjection/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/OobStreamInjection/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutSetActionType.sarif diff --git a/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutsSetActionType.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutsSetActionType.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutsSetActionType.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/StreamCalloutsSetActionType.ql diff --git a/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamCalloutsSetActionType/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.ql diff --git a/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/StreamInspectionFunctionCallViolation.sarif diff --git a/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/StreamInspectionCallViolation/driver_snippet.c diff --git a/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.ql b/src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.ql similarity index 100% rename from src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.ql rename to src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.ql diff --git a/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.qlhelp b/src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.qlhelp similarity index 100% rename from src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.qlhelp rename to src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringClassify.qlhelp diff --git a/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringclassify.sarif b/src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringclassify.sarif similarity index 100% rename from src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringclassify.sarif rename to src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/TransportLayerCannotInjectCloneDuringclassify.sarif diff --git a/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/driver_snippet.c b/src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/driver_snippet.c similarity index 100% rename from src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/driver_snippet.c rename to src/qlpack/src/drivers/kmdf/queries/wfp/TransportLayerCannotInjectCloneDuringClassify/driver_snippet.c diff --git a/src/drivers/libraries/DriverIsolation.qll b/src/qlpack/src/drivers/libraries/DriverIsolation.qll similarity index 100% rename from src/drivers/libraries/DriverIsolation.qll rename to src/qlpack/src/drivers/libraries/DriverIsolation.qll diff --git a/src/drivers/libraries/Irql.qll b/src/qlpack/src/drivers/libraries/Irql.qll similarity index 97% rename from src/drivers/libraries/Irql.qll rename to src/qlpack/src/drivers/libraries/Irql.qll index 19907787..45b3e630 100644 --- a/src/drivers/libraries/Irql.qll +++ b/src/qlpack/src/drivers/libraries/Irql.qll @@ -1,886 +1,886 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * Provides classes related to calculating and estimating the IRQL in a Windows device driver. - * - * For best results, this library expects to be used in tandem with IRQL annotations. A limited - * amount of functionality is still present even when no annotations are present, primarily around - * measuring direct calls to KeRaiseIrql and KeLowerIrql. - * - * Much of this library's analysis is intraprocedural or limited interprocedural, using a simple - * analysis based on call sites to a given function. Full interprocedural analysis that relies on the - * implicit behaviors of the WDM driver model, etc. is not yet supported. - */ - - import cpp - import drivers.libraries.SAL - import drivers.wdm.libraries.WdmDrivers - import drivers.libraries.IrqlDataFlow - import drivers.libraries.Page - import drivers.libraries.RoleTypes - - - - - /** - * A macro in wdm.h that represents an IRQL level, - * such as PASSIVE_LEVEL, DISPATCH_LEVEL, etc. - */ - - class IrqlMacro extends Macro { - int irqlLevelAsInt; - - - IrqlMacro() { - this.getName().matches("%_LEVEL") and - this.getFile().getBaseName() = "wdm.h" and - this.getBody().toInt() = irqlLevelAsInt and - irqlLevelAsInt >= 0 and - irqlLevelAsInt <= 31 - } - - /** Returns the integer value of this IRQL level. */ - - int getIrqlLevel() { result = irqlLevelAsInt } - } - - /** - * Returns the highest IRQL in wdm.h across this database. - * May cause incorrect results if database contains both 32-bit - * and 64-bit builds. - */ - - int getGlobalMaxIrqlLevel() { - result = - any(int i | - exists(IrqlMacro im | - i = im.getIrqlLevel() and - not exists(IrqlMacro im2 | im2 != im and im2.getIrqlLevel() > im.getIrqlLevel()) - ) - ) - } - - /** - * Represents a real (not -1) Irql level, between 0 and the max for the architecture this - * database was built to target. - */ - class IrqlValue extends int { - IrqlValue() { this = [0 .. getGlobalMaxIrqlLevel()] } - } - - /** An \_IRQL\_saves\_global\_(parameter, kind) annotation. */ - - class IrqlSavesGlobalAnnotation extends SALAnnotation { - MacroInvocation irqlMacroInvocation; - - - IrqlSavesGlobalAnnotation() { - // Needs to include other function and parameter annotations too - this.getMacroName() = ["__drv_savesIRQLGlobal", "_IRQL_saves_global_"] and - irqlMacroInvocation.getParentInvocation() = this - } - } - - /** An \_IRQL\_restores\_global\_(parameter, kind) annotation. */ - - class IrqlRestoresGlobalAnnotation extends SALAnnotation { - MacroInvocation irqlMacroInvocation; - - - IrqlRestoresGlobalAnnotation() { - // Needs to include other function and parameter annotations too - this.getMacroName() = ["__drv_restoresIRQLGlobal", "_IRQL_restores_global_"] and - irqlMacroInvocation.getParentInvocation() = this - } - } - - /** - * Standard IRQL annotations which apply to entire functions and manipulate or constrain the IRQL. - */ - - class IrqlFunctionAnnotation extends SALAnnotation { - string irqlLevel; - string irqlAnnotationName; - string innerAnnotationName; - string fullInnerAnnotationString; - - - IrqlFunctionAnnotation() { - ( - this.getMacroName() = - [ - "__drv_requiresIRQL", "_IRQL_requires_", "_drv_minIRQL", "_IRQL_requires_min_", - "_drv_maxIRQL", "_IRQL_requires_max_", "__drv_raisesIRQL", "_IRQL_raises_", - "__drv_maxFunctionIRQL", "_IRQL_always_function_max_", "__drv_minFunctionIRQL", - "_IRQL_always_function_min_" - ] and - irqlLevel = this.getUnexpandedArgument(0) and - innerAnnotationName = this.getMacroName() and - fullInnerAnnotationString = this.getMacroName() + "(" + irqlLevel + ")" - or - // Special case: _IRQL_saves_ annotations can apply to a whole function, - // but do not have an associated IRQL value. - this.getMacroName() = ["__drv_savesIRQL", "_IRQL_saves_"] and - irqlLevel = "NA_IRQL_SAVES" and - innerAnnotationName = this.getMacroName() and - fullInnerAnnotationString = this.getMacroName() + "(" + irqlLevel + ")" - or - // // Conditional IRQL annotations within a _When_ annotation - this.getMacroName() = ["_When_"] and - fullInnerAnnotationString = this.getUnexpandedArgument(1).toString() and - ( - fullInnerAnnotationString.matches("__drv_requiresIRQL%") and - innerAnnotationName = "__drv_requiresIRQL" - or - fullInnerAnnotationString.matches("_IRQL_requires_%") and - innerAnnotationName = "_IRQL_requires_" - or - fullInnerAnnotationString.matches("_drv_minIRQL%") and - innerAnnotationName = "_drv_minIRQL" - or - fullInnerAnnotationString.matches("_drv_maxIRQL%") and - innerAnnotationName = "_drv_maxIRQL" - or - fullInnerAnnotationString.matches("_IRQL_requires_max_%") and - innerAnnotationName = "_IRQL_requires_max_" - or - fullInnerAnnotationString.matches("_IRQL_raises_%") and - innerAnnotationName = "_IRQL_raises_" - or - fullInnerAnnotationString.matches("__drv_maxFunctionIRQL%") and - innerAnnotationName = "__drv_maxFunctionIRQL" - or - fullInnerAnnotationString.matches("_IRQL_always_function_max_%") and - innerAnnotationName = "_IRQL_always_function_max_" - or - fullInnerAnnotationString.matches("__drv_minFunctionIRQL%") and - innerAnnotationName = "__drv_minFunctionIRQL" - or - fullInnerAnnotationString.matches("_IRQL_always_function_min_%") and - innerAnnotationName = "_IRQL_always_function_min_" - ) and - irqlLevel = - fullInnerAnnotationString - .substring(fullInnerAnnotationString.indexOf(innerAnnotationName + "(") + 1 + - innerAnnotationName.length(), - fullInnerAnnotationString - .indexOf(")", 0, - fullInnerAnnotationString.indexOf(innerAnnotationName + "(") + 1 + - innerAnnotationName.length())) - ) and - irqlAnnotationName = this.getMacroName() - } - - /** Returns the text of this annotation (i.e. \_IRQL\_requires\_, etc.) */ - - string getIrqlMacroName() { - if this.getMacroName() = ["_When_"] - then result = innerAnnotationName - else result = irqlAnnotationName - } - - - string getIrqlLevelString() { result = irqlLevel } - - /** - * Evaluate the IRQL specified in this annotation, if possible. - * - * This will return -1 if the IRQL specified is anything other than a standard - * IRQL level (i.e. PASSIVE_LEVEL). This includes statements like "DPC_LEVEL - 1". - */ - - int getIrqlLevel() { - // Special case for DPC_LEVEL, which is not defined normally - if this.getIrqlLevelString() = "DPC_LEVEL" - then result = 2 - else - if exists(IrqlMacro im | im.getHead().matches(this.getIrqlLevelString())) - then - result = - any(int i | - exists(IrqlMacro im | - im.getIrqlLevel() = i and - im.getHead().matches(this.getIrqlLevelString()) - ) - ) - else - if exists(int i | i = this.getIrqlLevelString().toInt()) - then result = this.getIrqlLevelString().toInt() - else result = -1 - } - } - - /** Represents an "\_IRQL\_requires\_same\_" annotation. */ - class IrqlSameAnnotation extends SALAnnotation { - string irqlAnnotationName; - - IrqlSameAnnotation() { - this.getMacroName() = ["__drv_sameIRQL", "_IRQL_requires_same_"] and - irqlAnnotationName = this.getMacroName() - } - - string getIrqlMacroName() { result = irqlAnnotationName } - } - - /** An "\_IRQL\_requires\_max\_" annotation. */ - class IrqlMaxAnnotation extends IrqlFunctionAnnotation { - IrqlMaxAnnotation() { this.getIrqlMacroName() = ["_drv_maxIRQL", "_IRQL_requires_max_"] } - } - - /** An "\_IRQL\_raises\_" annotation. */ - class IrqlRaisesAnnotation extends IrqlFunctionAnnotation { - IrqlRaisesAnnotation() { this.getIrqlMacroName() = ["__drv_raisesIRQL", "_IRQL_raises_"] } - } - - /** An "\_IRQL\_requires\_min\_" annotation. */ - class IrqlMinAnnotation extends IrqlFunctionAnnotation { - IrqlMinAnnotation() { this.getIrqlMacroName() = ["_drv_minIRQL", "_IRQL_requires_min_"] } - } - - /** An "\_IRQL\_requires\_" annotation. */ - class IrqlRequiresAnnotation extends IrqlFunctionAnnotation { - IrqlRequiresAnnotation() { this.getIrqlMacroName() = ["__drv_requiresIRQL", "_IRQL_requires_"] } - } - - /** An "\_IRQL\_always\_function\_max\_" annotation. */ - class IrqlAlwaysMaxAnnotation extends IrqlFunctionAnnotation { - IrqlAlwaysMaxAnnotation() { - this.getIrqlMacroName() = ["__drv_maxFunctionIRQL", "_IRQL_always_function_max_"] - } - } - - /** An "\_IRQL\_always\_function\_min\_" annotation. */ - class IrqlAlwaysMinAnnotation extends IrqlFunctionAnnotation { - IrqlAlwaysMinAnnotation() { - this.getIrqlMacroName() = ["__drv_minFunctionIRQL", "_IRQL_always_function_min_"] - } - } - - /** - * A SAL annotation indicating that the parameter in - * question is used to store or restore the IRQL. - */ - class IrqlParameterAnnotation extends SALAnnotation { - string irqlAnnotationName; - - IrqlParameterAnnotation() { - this.getMacroName() = - ["__drv_restoresIRQL", "_IRQL_restores_", "__drv_savesIRQL", "_IRQL_saves_"] and - irqlAnnotationName = this.getMacroName() and - exists(MacroInvocation mi | mi.getParentInvocation() = this) - } - - /** Get the text of the annotation. */ - string getIrqlMacroName() { result = irqlAnnotationName } - } - - /** - * A SAL annotation indicating that the parameter in - * question contains an IRQL value that the system will be set to. - */ - class IrqlRestoreAnnotation extends IrqlParameterAnnotation { - IrqlRestoreAnnotation() { this.getMacroName() = ["__drv_restoresIRQL", "_IRQL_restores_"] } - } - - /** - * A SAL annotation indicating that can be used in two ways: - * - If applied to a function, the function returns the previous IRQL or otherwise saves the IRQL. - * - If applied to a parameter, the function saves the IRQL to the parameter. - */ - class IrqlSaveAnnotation extends IrqlFunctionAnnotation { - IrqlSaveAnnotation() { this.getIrqlMacroName() = ["__drv_savesIRQL", "_IRQL_saves_"] } - } - - /** A parameter that is annotated with "\_IRQL\_restores\_". */ - class IrqlRestoreParameter extends Parameter { - IrqlRestoreParameter() { exists(IrqlRestoreAnnotation ira | ira.getDeclaration() = this) } - } - - /** A parameter that is annotated with "\_IRQL\_saves\_". */ - class IrqlSaveParameter extends Parameter { - IrqlSaveParameter() { exists(IrqlSaveAnnotation isa | isa.getDeclaration() = this) } - } - - /** A typedef that has IRQL annotations applied to it. */ - class IrqlAnnotatedTypedef extends TypedefType { - IrqlFunctionAnnotation irqlAnnotation; - - IrqlAnnotatedTypedef() { irqlAnnotation.getTypedefDeclarations() = this } - - IrqlFunctionAnnotation getIrqlAnnotation() { result = irqlAnnotation } - } - - /** - * A function that is annotated in such a way that - * either its entry or exit IRQL is restricted, either by having a min/max value, - * a required value, or by raising the IRQL to a known value. - */ - - class IrqlRestrictsFunction extends Function { - IrqlFunctionAnnotation irqlAnnotation; - - - IrqlRestrictsFunction() { - exists(FunctionDeclarationEntry fde | - fde = this.getADeclarationEntry() and - irqlAnnotation.getDeclarationEntry() = fde - ) - or - exists(FunctionDeclarationEntry fde | - fde.getFunction() = this and - fde.getTypedefType().(IrqlAnnotatedTypedef).getIrqlAnnotation() = irqlAnnotation - ) - or - exists(ImplicitRoleTypeFunction irtf | - irtf = this and - irtf.getExpectedRoleTypeType().(IrqlAnnotatedTypedef).getIrqlAnnotation() = irqlAnnotation - ) - } - - - IrqlFunctionAnnotation getFuncIrqlAnnotation() { result = irqlAnnotation } - } - - /** A function that changes the IRQL. */ - abstract class IrqlChangesFunction extends Function { } - - /** A function that is explicitly annotated to enter and exit at the same IRQL. */ - class IrqlRequiresSameAnnotatedFunction extends Function { - IrqlSameAnnotation irqlAnnotation; - - IrqlRequiresSameAnnotatedFunction() { - exists(FunctionDeclarationEntry fde | - fde = this.getADeclarationEntry() and - irqlAnnotation.getDeclarationEntry() = fde - ) - } - } - - /** A function that is annotated to run at a specific IRQL. */ - class IrqlRequiresAnnotatedFunction extends IrqlRestrictsFunction { - IrqlRequiresAnnotatedFunction() { irqlAnnotation instanceof IrqlRequiresAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlRequiresAnnotation).getIrqlLevel() } - } - - /** A function that is annotated to enter at or below a given IRQL. */ - class IrqlMaxAnnotatedFunction extends IrqlRestrictsFunction { - IrqlMaxAnnotatedFunction() { irqlAnnotation instanceof IrqlMaxAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlMaxAnnotation).getIrqlLevel() } - } - - /** A function that is annotated to enter at or above a given IRQL. */ - class IrqlMinAnnotatedFunction extends IrqlRestrictsFunction { - IrqlMinAnnotatedFunction() { irqlAnnotation instanceof IrqlMinAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlMinAnnotation).getIrqlLevel() } - } - - /** A function that is annotated to raise the IRQL to a given value. */ - class IrqlRaisesAnnotatedFunction extends IrqlRestrictsFunction, IrqlChangesFunction { - IrqlRaisesAnnotatedFunction() { irqlAnnotation instanceof IrqlRaisesAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlRaisesAnnotation).getIrqlLevel() } - } - - /** A function that is never allowed to run with the IRQL above a given value. */ - class IrqlAlwaysMaxFunction extends IrqlRestrictsFunction { - IrqlAlwaysMaxFunction() { irqlAnnotation instanceof IrqlAlwaysMaxAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlAlwaysMaxAnnotation).getIrqlLevel() } - } - - /** A function that is never allowed to run with the IRQL above a given value. */ - class IrqlAlwaysMinFunction extends IrqlRestrictsFunction { - IrqlAlwaysMinFunction() { irqlAnnotation instanceof IrqlAlwaysMinAnnotation } - - int getIrqlLevel() { result = irqlAnnotation.(IrqlAlwaysMinAnnotation).getIrqlLevel() } - } - - /** A function annotated to save the IRQL at the specified location upon entry. */ - class IrqlSavesGlobalAnnotatedFunction extends IrqlChangesFunction { - IrqlSavesGlobalAnnotation irqlAnnotation; - string irqlKind; - int irqlParamIndex; - - IrqlSavesGlobalAnnotatedFunction() { - exists(FunctionDeclarationEntry fde | - fde = this.getADeclarationEntry() and - irqlAnnotation.getDeclarationEntry() = fde - ) and - irqlKind = irqlAnnotation.getExpandedArgument(0) and - this.getParameter(irqlParamIndex).getName().matches(irqlAnnotation.getExpandedArgument(1)) - } - - string getIrqlKind() { result = irqlKind } - - int getIrqlParameterSlot() { result = irqlParamIndex } - } - - /** A function annotated to restore the IRQL from the specified location upon exit. */ - class IrqlRestoresGlobalAnnotatedFunction extends IrqlChangesFunction { - IrqlRestoresGlobalAnnotation irqlAnnotation; - string irqlKind; - int irqlParamIndex; - - IrqlRestoresGlobalAnnotatedFunction() { - exists(FunctionDeclarationEntry fde | - fde = this.getADeclarationEntry() and - irqlAnnotation.getDeclarationEntry() = fde - ) and - irqlKind = irqlAnnotation.getExpandedArgument(0) and - this.getParameter(irqlParamIndex).getName().matches(irqlAnnotation.getExpandedArgument(1)) - } - - string getIrqlKind() { result = irqlKind } - - int getIrqlParameterSlot() { result = irqlParamIndex } - } - - /** - * An abstract class for functions that use the \_IRQL\_saves\_ annotation, - * either on the function definition or on a specific parameter. - */ - abstract class IrqlSavesFunction extends Function { } - - /** A function that has a parameter annotated \_IRQL\_saves\_. */ - class IrqlSavesToParameterFunction extends IrqlSavesFunction { - IrqlSaveParameter saveParameter; - int irqlParamIndex; - - IrqlSavesToParameterFunction() { this.getParameter(irqlParamIndex) = saveParameter } - - int getIrqlParameterSlot() { result = irqlParamIndex } - } - - /** A function that saves the IRQL as a return value. */ - class IrqlSavesViaReturnFunction extends IrqlSavesFunction { - IrqlSaveAnnotation irqlAnnotation; - - IrqlSavesViaReturnFunction() { - exists(FunctionDeclarationEntry fde | - fde = this.getADeclarationEntry() and - irqlAnnotation.getDeclarationEntry() = fde - ) - } - } - - /** A function that has a parameter annotated \_IRQL\_restores\_. */ - class IrqlRestoreAnnotatedFunction extends Function { - IrqlRestoreParameter restoreParameter; - int irqlParamIndex; - - IrqlRestoreAnnotatedFunction() { this.getParameter(irqlParamIndex) = restoreParameter } - - int getIrqlParameterSlot() { result = irqlParamIndex } - } - - /** A call to a function that has a parameter annotated \_IRQL\_restores\_. */ - class IrqlRestoreCall extends FunctionCall { - IrqlRestoreCall() { this.getTarget() instanceof IrqlRestoreAnnotatedFunction } - - /** - * A heuristic evaluation of the IRQL that the system is changing to. This is defined as - * "the IRQL before the corresponding save global call." - */ - int getIrqlLevel() { - result = any(getPotentialExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) - } - - int getIrqlLevelExplicit() { - result = any(getExplicitExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) - } - - /** Returns the matching call to a function that saved the IRQL. */ - IrqlSaveCall getMostRecentRaise() { - result = - any(IrqlSaveCall sgic | - this.getAPredecessor*() = sgic and - matchingSaveCall(sgic) and - not exists(SavesGlobalIrqlCall sgic2 | - sgic2 != sgic and sgic2.getAPredecessor*() = sgic and matchingSaveCall(sgic2) - ) - ) - } - - /** - * Holds if a given call to an \_IRQL\_saves\_global\_ annotated function is using the same IRQL location as this. - */ - private predicate matchingSaveCall(IrqlSaveCall sgic) { - // Attempting to match all expr children leads to an explosion in runtime, so for now just compare - // the expr itself and the first child of each argument. This covers the common &variable case. - exists(int i, int j | - i = this.getTarget().(IrqlRestoreAnnotatedFunction).getIrqlParameterSlot() and - j = sgic.getTarget().(IrqlSavesToParameterFunction).getIrqlParameterSlot() and - exprsMatchText(this.getArgument(i), sgic.getArgument(j)) - ) - or - exists(int i | - i = this.getTarget().(IrqlRestoreAnnotatedFunction).getIrqlParameterSlot() and - sgic.getTarget() instanceof IrqlSavesViaReturnFunction and - exprsMatchText(this.getArgument(i), sgic.getSavedValue()) - ) and - this.getControlFlowScope() = sgic.getControlFlowScope() - } - } - - /** A call to a function that has is annotated \_IRQL\_saves\_. */ - class IrqlSaveCall extends FunctionCall { - IrqlSaveCall() { this.getTarget() instanceof IrqlSavesFunction } - - Expr getSavedValue() { - result = - any(Expr e | - exists(AssignExpr ae | - ae.getLValue() = e and - ae.getRValue() = this and - this.getTarget() instanceof IrqlSavesViaReturnFunction - ) - ) - } - } - - /** A call to a KeRaiseIRQL API that directly raises the IRQL. */ - class KeRaiseIrqlCall extends FunctionCall { - KeRaiseIrqlCall() { - this.getTarget().getName() = - ["KeRaiseIrql", "KfRaiseIrql", "KeRaiseIrqlToDPCLevel", "KfRaiseIrqlToDPCLevel"] - } - - int getIrqlLevel() { - if this.getTarget().getName() = ["KeRaiseIrqlToDPCLevel", "KfRaiseIrqlToDPCLevel"] - then result = 2 - else result = this.getArgument(0).(Literal).getValue().toInt() - } - } - - /** A direct call to a function that lowers the IRQL. */ - class KeLowerIrqlCall extends FunctionCall { - KeLowerIrqlCall() { this.getTarget().getName() = ["KeLowerIrql", "KfLowerIrql"] } - - /** - * A heuristic evaluation of the IRQL that the system is lowering to. This is defined as - * "the IRQL before the most recent KeRaiseIrql call". - */ - int getIrqlLevel() { - result = - any(getPotentialExitIrqlAtCfn(this.getMostRecentRaiseInterprocedural().getAPredecessor())) - } - - int getIrqlLevelExplicit() { - result = - any(getExplicitExitIrqlAtCfn(this.getMostRecentRaiseInterprocedural().getAPredecessor())) - } - - /** - * Get the most recent KeRaiseIrql call before this call. - * - * This performs a local (intraprocedural) analysis only. It is unused in the library today, - * but can be inserted in place of the interprocedural analysis by modifying the getIrqlLevel() - * function above. - */ - KeRaiseIrqlCall getMostRecentRaise() { - result = - any(KeRaiseIrqlCall sgic | - this.getAPredecessor*() = sgic and - not exists(KeRaiseIrqlCall kric2 | kric2 != sgic and kric2.getAPredecessor*() = sgic) - ) - } - - - /** - * Get the corresponding KeRaiseIrql call that preceded this KeLowerIrql call. - * - * This performs an interprocedural analysis using CodeQL's DataFlow classes. - */ - KeRaiseIrqlCall getMostRecentRaiseInterprocedural() { - result = - any(KeRaiseIrqlCall kric | - IrqlRaiseLowerFlow::flow(DataFlow::exprNode(kric), DataFlow::exprNode(this.getAnArgument())) - ) - } - } - - /** A call to a function that restores the IRQL from a specified state. */ - class SavesGlobalIrqlCall extends FunctionCall { - SavesGlobalIrqlCall() { this.getTarget() instanceof IrqlSavesGlobalAnnotatedFunction } - } - - /** A call to a function that restores the IRQL from a specified state. */ - class RestoresGlobalIrqlCall extends FunctionCall { - RestoresGlobalIrqlCall() { this.getTarget() instanceof IrqlRestoresGlobalAnnotatedFunction } - - /** - * A heuristic evaluation of the IRQL that the system is changing to. This is defined as - * "the IRQL before the corresponding save global call." - */ - int getIrqlLevel() { - result = any(getPotentialExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) - } - - int getIrqlLevelExplicit() { - result = any(getExplicitExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) - } - - /** - * Returns the matching call to a function that saved the IRQL to a global state. - * - * This is a strictly intraprocedural analysis. - */ - SavesGlobalIrqlCall getMostRecentRaise() { - result = - any(SavesGlobalIrqlCall sgic | - this.getAPredecessor*() = sgic and - matchingSaveCall(sgic) and - not exists(SavesGlobalIrqlCall sgic2 | - sgic2 != sgic and sgic2.getAPredecessor*() = sgic and matchingSaveCall(sgic2) - ) - ) - } - - /** - * Holds if a given call to an _IRQL_saves_global_ annotated function is using the same IRQL location as this. - */ - private predicate matchingSaveCall(SavesGlobalIrqlCall sgic) { - // Attempting to match all expr children leads to an explosion in runtime, so for now just compare - // the expr itself and the first child of each argument. This covers the common &variable case. - exists(int i, int j | - i = this.getTarget().(IrqlRestoresGlobalAnnotatedFunction).getIrqlParameterSlot() and - j = sgic.getTarget().(IrqlSavesGlobalAnnotatedFunction).getIrqlParameterSlot() and - exprsMatchText(this.getArgument(i), sgic.getArgument(j)) - ) and - this.getTarget().(IrqlRestoresGlobalAnnotatedFunction).getIrqlKind() = - sgic.getTarget().(IrqlSavesGlobalAnnotatedFunction).getIrqlKind() - } - } - - /** - * A utility function to determine if two exprs are (textually) the same. - * Because checking all children of the expression causes an explosion in evaluation time, we just - * check the first child. - * - * This function is obviously _not_ a guarantee that two expressions refer to the same thing. - * Use this locally and with caution. - * - * TODO: Compare with global value numbering (both accuracy and performance) - */ - pragma[inline] - private predicate exprsMatchText(Expr e1, Expr e2) { - e1.toString().matches(e2.toString()) and - exists(Expr child | - child = e1.getAChild() and - e1.getChild(0).toString().matches(e2.getChild(0).toString()) - ) - or - not exists(Expr child | child = e1.getAChild() or child = e2.getAChild()) - } - - /** - * Attempt to provide the IRQL **once this control flow node exits**, based on annotations and direct calls to raising/lowering functions. - * This predicate functions as follows: - * - If calling a "Raise IRQL" function, then it returns the value of the argument passed in (the target IRQL). - * - If calling a "Lower IRQL" function, then it returns the value of the argument passed in (the target IRQL). - * - If calling a function annotated to restore the IRQL from a previously saved spot, then the result is the IRQL before that save call. - * - If calling a function annotated to raise the IRQL, then it returns the annotated value (the target IRQL). - * - If calling a function annotated to maintain the same IRQL, then the result is the IRQL at the previous CFN. - * - If this node is calling a function with no annotations, the result is the IRQL that function exits at. - * - If there is a prior CFN in the CFG, the result is the result for that prior CFN. - * - If there is no prior CFN, then the result is whatever the IRQL was at a statement prior to a function call to this function (a lazy interprocedural analysis.) - * - If there are no prior CFNs and no calls to this function, then the IRQL is determined by annotations applied to this function. - * - Failing all this, we set the IRQL to 0. - * - * Not implemented: _IRQL_limited_to_ - */ - - int getPotentialExitIrqlAtCfn(ControlFlowNode cfn) { - if cfn instanceof KeRaiseIrqlCall - then result = cfn.(KeRaiseIrqlCall).getIrqlLevel() - else - if cfn instanceof KeLowerIrqlCall - then result = cfn.(KeLowerIrqlCall).getIrqlLevel() - else - if cfn instanceof RestoresGlobalIrqlCall - then result = cfn.(RestoresGlobalIrqlCall).getIrqlLevel() - else - if cfn instanceof IrqlRestoreCall - then result = cfn.(IrqlRestoreCall).getIrqlLevel() - else - if - cfn instanceof FunctionCall and - cfn.(FunctionCall).getTarget() instanceof IrqlRaisesAnnotatedFunction - then result = cfn.(FunctionCall).getTarget().(IrqlRaisesAnnotatedFunction).getIrqlLevel() - else - if - cfn instanceof FunctionCall and - cfn.(FunctionCall).getTarget() instanceof IrqlRequiresSameAnnotatedFunction - then result = any(getPotentialExitIrqlAtCfn(cfn.getAPredecessor())) - else - if cfn instanceof FunctionCall - then - result = - any(getPotentialExitIrqlAtCfn(getExitPointsOfFunction(cfn.(FunctionCall) - .getTarget())) - ) - else - if exists(ControlFlowNode cfn2 | cfn2 = cfn.getAPredecessor()) - then result = any(getPotentialExitIrqlAtCfn(cfn.getAPredecessor())) - else - if - exists(FunctionCall fc, ControlFlowNode cfn2 | - fc.getTarget() = cfn.getControlFlowScope() and - cfn2.getASuccessor() = fc - ) - then - // TODO: Check that this node is actually a function entry point and not just - // an isolated part of the CFN. Sometimes we get nodes that are "in" a function's - // CFN, but have no predecessors, but are not function entry. (Why?) - result = - any(getPotentialExitIrqlAtCfn(any(ControlFlowNode cfn2 | - cfn2.getASuccessor().(FunctionCall).getTarget() = - cfn.getControlFlowScope() - )) - ) - else - if - cfn.getControlFlowScope() instanceof IrqlRestrictsFunction and - getAllowableIrqlLevel(cfn.getControlFlowScope()) != -1 - then result = getAllowableIrqlLevel(cfn.getControlFlowScope()) - else result = 0 - } - - - /* - * Similar to above, but only exit points where the Irql is explicit - */ - - - int getExplicitExitIrqlAtCfn(ControlFlowNode cfn) { - if cfn instanceof KeRaiseIrqlCall - then result = cfn.(KeRaiseIrqlCall).getIrqlLevel() - else - if cfn instanceof KeLowerIrqlCall - then result = cfn.(KeLowerIrqlCall).getIrqlLevelExplicit() - else - if cfn instanceof RestoresGlobalIrqlCall - then result = cfn.(RestoresGlobalIrqlCall).getIrqlLevelExplicit() - else - if cfn instanceof IrqlRestoreCall - then result = cfn.(IrqlRestoreCall).getIrqlLevelExplicit() - else - if - cfn instanceof FunctionCall and - cfn.(FunctionCall).getTarget() instanceof IrqlRaisesAnnotatedFunction - then result = cfn.(FunctionCall).getTarget().(IrqlRaisesAnnotatedFunction).getIrqlLevel() - else - if - cfn instanceof FunctionCall and - cfn.(FunctionCall).getTarget() instanceof IrqlRequiresSameAnnotatedFunction - then result = any(getExplicitExitIrqlAtCfn(cfn.getAPredecessor())) - else ( - if exists(ControlFlowNode cfn2 | cfn2 = cfn.getAPredecessor()) - then result = any(getExplicitExitIrqlAtCfn(cfn.getAPredecessor())) - else - result = - any(getExplicitExitIrqlAtCfn(any(ControlFlowNode cfn2 | - cfn2.getASuccessor().(FunctionCall).getTarget() = - cfn.getControlFlowScope() - )) - ) - ) - } - - import semmle.code.cpp.controlflow.Dominance - - /** Utility function to get exit points of a function. */ - private ControlFlowNode getExitPointsOfFunction(Function f) { - result = - any(ControlFlowNode cfn | - cfn.getControlFlowScope() = f and - functionExit(cfn) - ) - } - - /** - * Attempt to find the range of valid IRQL values when **entering** a given IRQL-annotated function. - * This is used as a heuristic when no other IRQL information is available (i.e. we are at the top - * of a call stack.) - * - * Note: we implicitly apply DISPATCH_LEVEL as the max when a max is not specified but a minimum is, - * and the global max if the minimum is > DISPATCH_LEVEL. - */ - - int getAllowableIrqlLevel(Function func) { - exists(IrqlValue lowerBound, IrqlValue upperBound | - hasLowerBound(func, lowerBound) and hasUpperBound(func, upperBound) - ) and - result = - [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. any(IrqlValue upperBound | - hasUpperBound(func, upperBound) - )] - or - exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and - not exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) and - result = [0 .. any(IrqlValue upperBound | hasUpperBound(func, upperBound))] - or - not exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and - exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound) and lowerBound > 2) and - result = [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. getGlobalMaxIrqlLevel()] - or - not exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and - exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound) and lowerBound <= 2) and - result = [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. 2] - } - - /** Attempts to find an upper bound on the expected entry IRQL for a function. */ - private predicate hasUpperBound(Function func, IrqlValue upperBound) { - // The instanceof checks may seem redundant, but in fact they let us - // implement a "priority" if there are multiple, possibly conflicting annotations. - ( - func.(IrqlMaxAnnotatedFunction).getIrqlLevel() = upperBound - or - not func instanceof IrqlMaxAnnotatedFunction and - func.(IrqlAlwaysMaxFunction).getIrqlLevel() = upperBound - or - ( - not func instanceof IrqlMaxAnnotatedFunction and - not func instanceof IrqlAlwaysMaxFunction - ) and - func.(IrqlRequiresAnnotatedFunction).getIrqlLevel() = upperBound - or - ( - not func instanceof IrqlMaxAnnotatedFunction and - not func instanceof IrqlAlwaysMaxFunction and - not func instanceof IrqlRequiresAnnotatedFunction - ) and - func instanceof PagedFunctionDeclaration and - upperBound = 1 - ) - } - - /** Attempts to find a lower bound on the expected entry IRQL for a function. */ - private predicate hasLowerBound(Function func, IrqlValue lowerBound) { - // The instanceof checks may seem redundant, but in fact they let us - // implement a "priority" if there are multiple, possibly conflicting annotations. - ( - func.(IrqlMinAnnotatedFunction).getIrqlLevel() = lowerBound - or - not func instanceof IrqlMinAnnotatedFunction and - func.(IrqlAlwaysMinFunction).getIrqlLevel() = lowerBound - or - ( - not func instanceof IrqlMinAnnotatedFunction and - not func instanceof IrqlAlwaysMinFunction - ) and - func.(IrqlRequiresAnnotatedFunction).getIrqlLevel() = lowerBound - or - ( - not func instanceof IrqlMinAnnotatedFunction and - not func instanceof IrqlAlwaysMinFunction and - not func instanceof IrqlRequiresAnnotatedFunction - ) and - func instanceof PagedFunctionDeclaration and - lowerBound = 0 - ) - } +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * Provides classes related to calculating and estimating the IRQL in a Windows device driver. + * + * For best results, this library expects to be used in tandem with IRQL annotations. A limited + * amount of functionality is still present even when no annotations are present, primarily around + * measuring direct calls to KeRaiseIrql and KeLowerIrql. + * + * Much of this library's analysis is intraprocedural or limited interprocedural, using a simple + * analysis based on call sites to a given function. Full interprocedural analysis that relies on the + * implicit behaviors of the WDM driver model, etc. is not yet supported. + */ + + import cpp + import drivers.libraries.SAL + import drivers.wdm.libraries.WdmDrivers + import drivers.libraries.IrqlDataFlow + import drivers.libraries.Page + import drivers.libraries.RoleTypes + + + + + /** + * A macro in wdm.h that represents an IRQL level, + * such as PASSIVE_LEVEL, DISPATCH_LEVEL, etc. + */ + + class IrqlMacro extends Macro { + int irqlLevelAsInt; + + + IrqlMacro() { + this.getName().matches("%_LEVEL") and + this.getFile().getBaseName() = "wdm.h" and + this.getBody().toInt() = irqlLevelAsInt and + irqlLevelAsInt >= 0 and + irqlLevelAsInt <= 31 + } + + /** Returns the integer value of this IRQL level. */ + + int getIrqlLevel() { result = irqlLevelAsInt } + } + + /** + * Returns the highest IRQL in wdm.h across this database. + * May cause incorrect results if database contains both 32-bit + * and 64-bit builds. + */ + + int getGlobalMaxIrqlLevel() { + result = + any(int i | + exists(IrqlMacro im | + i = im.getIrqlLevel() and + not exists(IrqlMacro im2 | im2 != im and im2.getIrqlLevel() > im.getIrqlLevel()) + ) + ) + } + + /** + * Represents a real (not -1) Irql level, between 0 and the max for the architecture this + * database was built to target. + */ + class IrqlValue extends int { + IrqlValue() { this = [0 .. getGlobalMaxIrqlLevel()] } + } + + /** An \_IRQL\_saves\_global\_(parameter, kind) annotation. */ + + class IrqlSavesGlobalAnnotation extends SALAnnotation { + MacroInvocation irqlMacroInvocation; + + + IrqlSavesGlobalAnnotation() { + // Needs to include other function and parameter annotations too + this.getMacroName() = ["__drv_savesIRQLGlobal", "_IRQL_saves_global_"] and + irqlMacroInvocation.getParentInvocation() = this + } + } + + /** An \_IRQL\_restores\_global\_(parameter, kind) annotation. */ + + class IrqlRestoresGlobalAnnotation extends SALAnnotation { + MacroInvocation irqlMacroInvocation; + + + IrqlRestoresGlobalAnnotation() { + // Needs to include other function and parameter annotations too + this.getMacroName() = ["__drv_restoresIRQLGlobal", "_IRQL_restores_global_"] and + irqlMacroInvocation.getParentInvocation() = this + } + } + + /** + * Standard IRQL annotations which apply to entire functions and manipulate or constrain the IRQL. + */ + + class IrqlFunctionAnnotation extends SALAnnotation { + string irqlLevel; + string irqlAnnotationName; + string innerAnnotationName; + string fullInnerAnnotationString; + + + IrqlFunctionAnnotation() { + ( + this.getMacroName() = + [ + "__drv_requiresIRQL", "_IRQL_requires_", "_drv_minIRQL", "_IRQL_requires_min_", + "_drv_maxIRQL", "_IRQL_requires_max_", "__drv_raisesIRQL", "_IRQL_raises_", + "__drv_maxFunctionIRQL", "_IRQL_always_function_max_", "__drv_minFunctionIRQL", + "_IRQL_always_function_min_" + ] and + irqlLevel = this.getUnexpandedArgument(0) and + innerAnnotationName = this.getMacroName() and + fullInnerAnnotationString = this.getMacroName() + "(" + irqlLevel + ")" + or + // Special case: _IRQL_saves_ annotations can apply to a whole function, + // but do not have an associated IRQL value. + this.getMacroName() = ["__drv_savesIRQL", "_IRQL_saves_"] and + irqlLevel = "NA_IRQL_SAVES" and + innerAnnotationName = this.getMacroName() and + fullInnerAnnotationString = this.getMacroName() + "(" + irqlLevel + ")" + or + // // Conditional IRQL annotations within a _When_ annotation + this.getMacroName() = ["_When_"] and + fullInnerAnnotationString = this.getUnexpandedArgument(1).toString() and + ( + fullInnerAnnotationString.matches("__drv_requiresIRQL%") and + innerAnnotationName = "__drv_requiresIRQL" + or + fullInnerAnnotationString.matches("_IRQL_requires_%") and + innerAnnotationName = "_IRQL_requires_" + or + fullInnerAnnotationString.matches("_drv_minIRQL%") and + innerAnnotationName = "_drv_minIRQL" + or + fullInnerAnnotationString.matches("_drv_maxIRQL%") and + innerAnnotationName = "_drv_maxIRQL" + or + fullInnerAnnotationString.matches("_IRQL_requires_max_%") and + innerAnnotationName = "_IRQL_requires_max_" + or + fullInnerAnnotationString.matches("_IRQL_raises_%") and + innerAnnotationName = "_IRQL_raises_" + or + fullInnerAnnotationString.matches("__drv_maxFunctionIRQL%") and + innerAnnotationName = "__drv_maxFunctionIRQL" + or + fullInnerAnnotationString.matches("_IRQL_always_function_max_%") and + innerAnnotationName = "_IRQL_always_function_max_" + or + fullInnerAnnotationString.matches("__drv_minFunctionIRQL%") and + innerAnnotationName = "__drv_minFunctionIRQL" + or + fullInnerAnnotationString.matches("_IRQL_always_function_min_%") and + innerAnnotationName = "_IRQL_always_function_min_" + ) and + irqlLevel = + fullInnerAnnotationString + .substring(fullInnerAnnotationString.indexOf(innerAnnotationName + "(") + 1 + + innerAnnotationName.length(), + fullInnerAnnotationString + .indexOf(")", 0, + fullInnerAnnotationString.indexOf(innerAnnotationName + "(") + 1 + + innerAnnotationName.length())) + ) and + irqlAnnotationName = this.getMacroName() + } + + /** Returns the text of this annotation (i.e. \_IRQL\_requires\_, etc.) */ + + string getIrqlMacroName() { + if this.getMacroName() = ["_When_"] + then result = innerAnnotationName + else result = irqlAnnotationName + } + + + string getIrqlLevelString() { result = irqlLevel } + + /** + * Evaluate the IRQL specified in this annotation, if possible. + * + * This will return -1 if the IRQL specified is anything other than a standard + * IRQL level (i.e. PASSIVE_LEVEL). This includes statements like "DPC_LEVEL - 1". + */ + + int getIrqlLevel() { + // Special case for DPC_LEVEL, which is not defined normally + if this.getIrqlLevelString() = "DPC_LEVEL" + then result = 2 + else + if exists(IrqlMacro im | im.getHead().matches(this.getIrqlLevelString())) + then + result = + any(int i | + exists(IrqlMacro im | + im.getIrqlLevel() = i and + im.getHead().matches(this.getIrqlLevelString()) + ) + ) + else + if exists(int i | i = this.getIrqlLevelString().toInt()) + then result = this.getIrqlLevelString().toInt() + else result = -1 + } + } + + /** Represents an "\_IRQL\_requires\_same\_" annotation. */ + class IrqlSameAnnotation extends SALAnnotation { + string irqlAnnotationName; + + IrqlSameAnnotation() { + this.getMacroName() = ["__drv_sameIRQL", "_IRQL_requires_same_"] and + irqlAnnotationName = this.getMacroName() + } + + string getIrqlMacroName() { result = irqlAnnotationName } + } + + /** An "\_IRQL\_requires\_max\_" annotation. */ + class IrqlMaxAnnotation extends IrqlFunctionAnnotation { + IrqlMaxAnnotation() { this.getIrqlMacroName() = ["_drv_maxIRQL", "_IRQL_requires_max_"] } + } + + /** An "\_IRQL\_raises\_" annotation. */ + class IrqlRaisesAnnotation extends IrqlFunctionAnnotation { + IrqlRaisesAnnotation() { this.getIrqlMacroName() = ["__drv_raisesIRQL", "_IRQL_raises_"] } + } + + /** An "\_IRQL\_requires\_min\_" annotation. */ + class IrqlMinAnnotation extends IrqlFunctionAnnotation { + IrqlMinAnnotation() { this.getIrqlMacroName() = ["_drv_minIRQL", "_IRQL_requires_min_"] } + } + + /** An "\_IRQL\_requires\_" annotation. */ + class IrqlRequiresAnnotation extends IrqlFunctionAnnotation { + IrqlRequiresAnnotation() { this.getIrqlMacroName() = ["__drv_requiresIRQL", "_IRQL_requires_"] } + } + + /** An "\_IRQL\_always\_function\_max\_" annotation. */ + class IrqlAlwaysMaxAnnotation extends IrqlFunctionAnnotation { + IrqlAlwaysMaxAnnotation() { + this.getIrqlMacroName() = ["__drv_maxFunctionIRQL", "_IRQL_always_function_max_"] + } + } + + /** An "\_IRQL\_always\_function\_min\_" annotation. */ + class IrqlAlwaysMinAnnotation extends IrqlFunctionAnnotation { + IrqlAlwaysMinAnnotation() { + this.getIrqlMacroName() = ["__drv_minFunctionIRQL", "_IRQL_always_function_min_"] + } + } + + /** + * A SAL annotation indicating that the parameter in + * question is used to store or restore the IRQL. + */ + class IrqlParameterAnnotation extends SALAnnotation { + string irqlAnnotationName; + + IrqlParameterAnnotation() { + this.getMacroName() = + ["__drv_restoresIRQL", "_IRQL_restores_", "__drv_savesIRQL", "_IRQL_saves_"] and + irqlAnnotationName = this.getMacroName() and + exists(MacroInvocation mi | mi.getParentInvocation() = this) + } + + /** Get the text of the annotation. */ + string getIrqlMacroName() { result = irqlAnnotationName } + } + + /** + * A SAL annotation indicating that the parameter in + * question contains an IRQL value that the system will be set to. + */ + class IrqlRestoreAnnotation extends IrqlParameterAnnotation { + IrqlRestoreAnnotation() { this.getMacroName() = ["__drv_restoresIRQL", "_IRQL_restores_"] } + } + + /** + * A SAL annotation indicating that can be used in two ways: + * - If applied to a function, the function returns the previous IRQL or otherwise saves the IRQL. + * - If applied to a parameter, the function saves the IRQL to the parameter. + */ + class IrqlSaveAnnotation extends IrqlFunctionAnnotation { + IrqlSaveAnnotation() { this.getIrqlMacroName() = ["__drv_savesIRQL", "_IRQL_saves_"] } + } + + /** A parameter that is annotated with "\_IRQL\_restores\_". */ + class IrqlRestoreParameter extends Parameter { + IrqlRestoreParameter() { exists(IrqlRestoreAnnotation ira | ira.getDeclaration() = this) } + } + + /** A parameter that is annotated with "\_IRQL\_saves\_". */ + class IrqlSaveParameter extends Parameter { + IrqlSaveParameter() { exists(IrqlSaveAnnotation isa | isa.getDeclaration() = this) } + } + + /** A typedef that has IRQL annotations applied to it. */ + class IrqlAnnotatedTypedef extends TypedefType { + IrqlFunctionAnnotation irqlAnnotation; + + IrqlAnnotatedTypedef() { irqlAnnotation.getTypedefDeclarations() = this } + + IrqlFunctionAnnotation getIrqlAnnotation() { result = irqlAnnotation } + } + + /** + * A function that is annotated in such a way that + * either its entry or exit IRQL is restricted, either by having a min/max value, + * a required value, or by raising the IRQL to a known value. + */ + + class IrqlRestrictsFunction extends Function { + IrqlFunctionAnnotation irqlAnnotation; + + + IrqlRestrictsFunction() { + exists(FunctionDeclarationEntry fde | + fde = this.getADeclarationEntry() and + irqlAnnotation.getDeclarationEntry() = fde + ) + or + exists(FunctionDeclarationEntry fde | + fde.getFunction() = this and + fde.getTypedefType().(IrqlAnnotatedTypedef).getIrqlAnnotation() = irqlAnnotation + ) + or + exists(ImplicitRoleTypeFunction irtf | + irtf = this and + irtf.getExpectedRoleTypeType().(IrqlAnnotatedTypedef).getIrqlAnnotation() = irqlAnnotation + ) + } + + + IrqlFunctionAnnotation getFuncIrqlAnnotation() { result = irqlAnnotation } + } + + /** A function that changes the IRQL. */ + abstract class IrqlChangesFunction extends Function { } + + /** A function that is explicitly annotated to enter and exit at the same IRQL. */ + class IrqlRequiresSameAnnotatedFunction extends Function { + IrqlSameAnnotation irqlAnnotation; + + IrqlRequiresSameAnnotatedFunction() { + exists(FunctionDeclarationEntry fde | + fde = this.getADeclarationEntry() and + irqlAnnotation.getDeclarationEntry() = fde + ) + } + } + + /** A function that is annotated to run at a specific IRQL. */ + class IrqlRequiresAnnotatedFunction extends IrqlRestrictsFunction { + IrqlRequiresAnnotatedFunction() { irqlAnnotation instanceof IrqlRequiresAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlRequiresAnnotation).getIrqlLevel() } + } + + /** A function that is annotated to enter at or below a given IRQL. */ + class IrqlMaxAnnotatedFunction extends IrqlRestrictsFunction { + IrqlMaxAnnotatedFunction() { irqlAnnotation instanceof IrqlMaxAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlMaxAnnotation).getIrqlLevel() } + } + + /** A function that is annotated to enter at or above a given IRQL. */ + class IrqlMinAnnotatedFunction extends IrqlRestrictsFunction { + IrqlMinAnnotatedFunction() { irqlAnnotation instanceof IrqlMinAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlMinAnnotation).getIrqlLevel() } + } + + /** A function that is annotated to raise the IRQL to a given value. */ + class IrqlRaisesAnnotatedFunction extends IrqlRestrictsFunction, IrqlChangesFunction { + IrqlRaisesAnnotatedFunction() { irqlAnnotation instanceof IrqlRaisesAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlRaisesAnnotation).getIrqlLevel() } + } + + /** A function that is never allowed to run with the IRQL above a given value. */ + class IrqlAlwaysMaxFunction extends IrqlRestrictsFunction { + IrqlAlwaysMaxFunction() { irqlAnnotation instanceof IrqlAlwaysMaxAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlAlwaysMaxAnnotation).getIrqlLevel() } + } + + /** A function that is never allowed to run with the IRQL above a given value. */ + class IrqlAlwaysMinFunction extends IrqlRestrictsFunction { + IrqlAlwaysMinFunction() { irqlAnnotation instanceof IrqlAlwaysMinAnnotation } + + int getIrqlLevel() { result = irqlAnnotation.(IrqlAlwaysMinAnnotation).getIrqlLevel() } + } + + /** A function annotated to save the IRQL at the specified location upon entry. */ + class IrqlSavesGlobalAnnotatedFunction extends IrqlChangesFunction { + IrqlSavesGlobalAnnotation irqlAnnotation; + string irqlKind; + int irqlParamIndex; + + IrqlSavesGlobalAnnotatedFunction() { + exists(FunctionDeclarationEntry fde | + fde = this.getADeclarationEntry() and + irqlAnnotation.getDeclarationEntry() = fde + ) and + irqlKind = irqlAnnotation.getExpandedArgument(0) and + this.getParameter(irqlParamIndex).getName().matches(irqlAnnotation.getExpandedArgument(1)) + } + + string getIrqlKind() { result = irqlKind } + + int getIrqlParameterSlot() { result = irqlParamIndex } + } + + /** A function annotated to restore the IRQL from the specified location upon exit. */ + class IrqlRestoresGlobalAnnotatedFunction extends IrqlChangesFunction { + IrqlRestoresGlobalAnnotation irqlAnnotation; + string irqlKind; + int irqlParamIndex; + + IrqlRestoresGlobalAnnotatedFunction() { + exists(FunctionDeclarationEntry fde | + fde = this.getADeclarationEntry() and + irqlAnnotation.getDeclarationEntry() = fde + ) and + irqlKind = irqlAnnotation.getExpandedArgument(0) and + this.getParameter(irqlParamIndex).getName().matches(irqlAnnotation.getExpandedArgument(1)) + } + + string getIrqlKind() { result = irqlKind } + + int getIrqlParameterSlot() { result = irqlParamIndex } + } + + /** + * An abstract class for functions that use the \_IRQL\_saves\_ annotation, + * either on the function definition or on a specific parameter. + */ + abstract class IrqlSavesFunction extends Function { } + + /** A function that has a parameter annotated \_IRQL\_saves\_. */ + class IrqlSavesToParameterFunction extends IrqlSavesFunction { + IrqlSaveParameter saveParameter; + int irqlParamIndex; + + IrqlSavesToParameterFunction() { this.getParameter(irqlParamIndex) = saveParameter } + + int getIrqlParameterSlot() { result = irqlParamIndex } + } + + /** A function that saves the IRQL as a return value. */ + class IrqlSavesViaReturnFunction extends IrqlSavesFunction { + IrqlSaveAnnotation irqlAnnotation; + + IrqlSavesViaReturnFunction() { + exists(FunctionDeclarationEntry fde | + fde = this.getADeclarationEntry() and + irqlAnnotation.getDeclarationEntry() = fde + ) + } + } + + /** A function that has a parameter annotated \_IRQL\_restores\_. */ + class IrqlRestoreAnnotatedFunction extends Function { + IrqlRestoreParameter restoreParameter; + int irqlParamIndex; + + IrqlRestoreAnnotatedFunction() { this.getParameter(irqlParamIndex) = restoreParameter } + + int getIrqlParameterSlot() { result = irqlParamIndex } + } + + /** A call to a function that has a parameter annotated \_IRQL\_restores\_. */ + class IrqlRestoreCall extends FunctionCall { + IrqlRestoreCall() { this.getTarget() instanceof IrqlRestoreAnnotatedFunction } + + /** + * A heuristic evaluation of the IRQL that the system is changing to. This is defined as + * "the IRQL before the corresponding save global call." + */ + int getIrqlLevel() { + result = any(getPotentialExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) + } + + int getIrqlLevelExplicit() { + result = any(getExplicitExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) + } + + /** Returns the matching call to a function that saved the IRQL. */ + IrqlSaveCall getMostRecentRaise() { + result = + any(IrqlSaveCall sgic | + this.getAPredecessor*() = sgic and + matchingSaveCall(sgic) and + not exists(SavesGlobalIrqlCall sgic2 | + sgic2 != sgic and sgic2.getAPredecessor*() = sgic and matchingSaveCall(sgic2) + ) + ) + } + + /** + * Holds if a given call to an \_IRQL\_saves\_global\_ annotated function is using the same IRQL location as this. + */ + private predicate matchingSaveCall(IrqlSaveCall sgic) { + // Attempting to match all expr children leads to an explosion in runtime, so for now just compare + // the expr itself and the first child of each argument. This covers the common &variable case. + exists(int i, int j | + i = this.getTarget().(IrqlRestoreAnnotatedFunction).getIrqlParameterSlot() and + j = sgic.getTarget().(IrqlSavesToParameterFunction).getIrqlParameterSlot() and + exprsMatchText(this.getArgument(i), sgic.getArgument(j)) + ) + or + exists(int i | + i = this.getTarget().(IrqlRestoreAnnotatedFunction).getIrqlParameterSlot() and + sgic.getTarget() instanceof IrqlSavesViaReturnFunction and + exprsMatchText(this.getArgument(i), sgic.getSavedValue()) + ) and + this.getControlFlowScope() = sgic.getControlFlowScope() + } + } + + /** A call to a function that has is annotated \_IRQL\_saves\_. */ + class IrqlSaveCall extends FunctionCall { + IrqlSaveCall() { this.getTarget() instanceof IrqlSavesFunction } + + Expr getSavedValue() { + result = + any(Expr e | + exists(AssignExpr ae | + ae.getLValue() = e and + ae.getRValue() = this and + this.getTarget() instanceof IrqlSavesViaReturnFunction + ) + ) + } + } + + /** A call to a KeRaiseIRQL API that directly raises the IRQL. */ + class KeRaiseIrqlCall extends FunctionCall { + KeRaiseIrqlCall() { + this.getTarget().getName() = + ["KeRaiseIrql", "KfRaiseIrql", "KeRaiseIrqlToDPCLevel", "KfRaiseIrqlToDPCLevel"] + } + + int getIrqlLevel() { + if this.getTarget().getName() = ["KeRaiseIrqlToDPCLevel", "KfRaiseIrqlToDPCLevel"] + then result = 2 + else result = this.getArgument(0).(Literal).getValue().toInt() + } + } + + /** A direct call to a function that lowers the IRQL. */ + class KeLowerIrqlCall extends FunctionCall { + KeLowerIrqlCall() { this.getTarget().getName() = ["KeLowerIrql", "KfLowerIrql"] } + + /** + * A heuristic evaluation of the IRQL that the system is lowering to. This is defined as + * "the IRQL before the most recent KeRaiseIrql call". + */ + int getIrqlLevel() { + result = + any(getPotentialExitIrqlAtCfn(this.getMostRecentRaiseInterprocedural().getAPredecessor())) + } + + int getIrqlLevelExplicit() { + result = + any(getExplicitExitIrqlAtCfn(this.getMostRecentRaiseInterprocedural().getAPredecessor())) + } + + /** + * Get the most recent KeRaiseIrql call before this call. + * + * This performs a local (intraprocedural) analysis only. It is unused in the library today, + * but can be inserted in place of the interprocedural analysis by modifying the getIrqlLevel() + * function above. + */ + KeRaiseIrqlCall getMostRecentRaise() { + result = + any(KeRaiseIrqlCall sgic | + this.getAPredecessor*() = sgic and + not exists(KeRaiseIrqlCall kric2 | kric2 != sgic and kric2.getAPredecessor*() = sgic) + ) + } + + + /** + * Get the corresponding KeRaiseIrql call that preceded this KeLowerIrql call. + * + * This performs an interprocedural analysis using CodeQL's DataFlow classes. + */ + KeRaiseIrqlCall getMostRecentRaiseInterprocedural() { + result = + any(KeRaiseIrqlCall kric | + IrqlRaiseLowerFlow::flow(DataFlow::exprNode(kric), DataFlow::exprNode(this.getAnArgument())) + ) + } + } + + /** A call to a function that restores the IRQL from a specified state. */ + class SavesGlobalIrqlCall extends FunctionCall { + SavesGlobalIrqlCall() { this.getTarget() instanceof IrqlSavesGlobalAnnotatedFunction } + } + + /** A call to a function that restores the IRQL from a specified state. */ + class RestoresGlobalIrqlCall extends FunctionCall { + RestoresGlobalIrqlCall() { this.getTarget() instanceof IrqlRestoresGlobalAnnotatedFunction } + + /** + * A heuristic evaluation of the IRQL that the system is changing to. This is defined as + * "the IRQL before the corresponding save global call." + */ + int getIrqlLevel() { + result = any(getPotentialExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) + } + + int getIrqlLevelExplicit() { + result = any(getExplicitExitIrqlAtCfn(this.getMostRecentRaise().getAPredecessor())) + } + + /** + * Returns the matching call to a function that saved the IRQL to a global state. + * + * This is a strictly intraprocedural analysis. + */ + SavesGlobalIrqlCall getMostRecentRaise() { + result = + any(SavesGlobalIrqlCall sgic | + this.getAPredecessor*() = sgic and + matchingSaveCall(sgic) and + not exists(SavesGlobalIrqlCall sgic2 | + sgic2 != sgic and sgic2.getAPredecessor*() = sgic and matchingSaveCall(sgic2) + ) + ) + } + + /** + * Holds if a given call to an _IRQL_saves_global_ annotated function is using the same IRQL location as this. + */ + private predicate matchingSaveCall(SavesGlobalIrqlCall sgic) { + // Attempting to match all expr children leads to an explosion in runtime, so for now just compare + // the expr itself and the first child of each argument. This covers the common &variable case. + exists(int i, int j | + i = this.getTarget().(IrqlRestoresGlobalAnnotatedFunction).getIrqlParameterSlot() and + j = sgic.getTarget().(IrqlSavesGlobalAnnotatedFunction).getIrqlParameterSlot() and + exprsMatchText(this.getArgument(i), sgic.getArgument(j)) + ) and + this.getTarget().(IrqlRestoresGlobalAnnotatedFunction).getIrqlKind() = + sgic.getTarget().(IrqlSavesGlobalAnnotatedFunction).getIrqlKind() + } + } + + /** + * A utility function to determine if two exprs are (textually) the same. + * Because checking all children of the expression causes an explosion in evaluation time, we just + * check the first child. + * + * This function is obviously _not_ a guarantee that two expressions refer to the same thing. + * Use this locally and with caution. + * + * TODO: Compare with global value numbering (both accuracy and performance) + */ + pragma[inline] + private predicate exprsMatchText(Expr e1, Expr e2) { + e1.toString().matches(e2.toString()) and + exists(Expr child | + child = e1.getAChild() and + e1.getChild(0).toString().matches(e2.getChild(0).toString()) + ) + or + not exists(Expr child | child = e1.getAChild() or child = e2.getAChild()) + } + + /** + * Attempt to provide the IRQL **once this control flow node exits**, based on annotations and direct calls to raising/lowering functions. + * This predicate functions as follows: + * - If calling a "Raise IRQL" function, then it returns the value of the argument passed in (the target IRQL). + * - If calling a "Lower IRQL" function, then it returns the value of the argument passed in (the target IRQL). + * - If calling a function annotated to restore the IRQL from a previously saved spot, then the result is the IRQL before that save call. + * - If calling a function annotated to raise the IRQL, then it returns the annotated value (the target IRQL). + * - If calling a function annotated to maintain the same IRQL, then the result is the IRQL at the previous CFN. + * - If this node is calling a function with no annotations, the result is the IRQL that function exits at. + * - If there is a prior CFN in the CFG, the result is the result for that prior CFN. + * - If there is no prior CFN, then the result is whatever the IRQL was at a statement prior to a function call to this function (a lazy interprocedural analysis.) + * - If there are no prior CFNs and no calls to this function, then the IRQL is determined by annotations applied to this function. + * - Failing all this, we set the IRQL to 0. + * + * Not implemented: _IRQL_limited_to_ + */ + + int getPotentialExitIrqlAtCfn(ControlFlowNode cfn) { + if cfn instanceof KeRaiseIrqlCall + then result = cfn.(KeRaiseIrqlCall).getIrqlLevel() + else + if cfn instanceof KeLowerIrqlCall + then result = cfn.(KeLowerIrqlCall).getIrqlLevel() + else + if cfn instanceof RestoresGlobalIrqlCall + then result = cfn.(RestoresGlobalIrqlCall).getIrqlLevel() + else + if cfn instanceof IrqlRestoreCall + then result = cfn.(IrqlRestoreCall).getIrqlLevel() + else + if + cfn instanceof FunctionCall and + cfn.(FunctionCall).getTarget() instanceof IrqlRaisesAnnotatedFunction + then result = cfn.(FunctionCall).getTarget().(IrqlRaisesAnnotatedFunction).getIrqlLevel() + else + if + cfn instanceof FunctionCall and + cfn.(FunctionCall).getTarget() instanceof IrqlRequiresSameAnnotatedFunction + then result = any(getPotentialExitIrqlAtCfn(cfn.getAPredecessor())) + else + if cfn instanceof FunctionCall + then + result = + any(getPotentialExitIrqlAtCfn(getExitPointsOfFunction(cfn.(FunctionCall) + .getTarget())) + ) + else + if exists(ControlFlowNode cfn2 | cfn2 = cfn.getAPredecessor()) + then result = any(getPotentialExitIrqlAtCfn(cfn.getAPredecessor())) + else + if + exists(FunctionCall fc, ControlFlowNode cfn2 | + fc.getTarget() = cfn.getControlFlowScope() and + cfn2.getASuccessor() = fc + ) + then + // TODO: Check that this node is actually a function entry point and not just + // an isolated part of the CFN. Sometimes we get nodes that are "in" a function's + // CFN, but have no predecessors, but are not function entry. (Why?) + result = + any(getPotentialExitIrqlAtCfn(any(ControlFlowNode cfn2 | + cfn2.getASuccessor().(FunctionCall).getTarget() = + cfn.getControlFlowScope() + )) + ) + else + if + cfn.getControlFlowScope() instanceof IrqlRestrictsFunction and + getAllowableIrqlLevel(cfn.getControlFlowScope()) != -1 + then result = getAllowableIrqlLevel(cfn.getControlFlowScope()) + else result = 0 + } + + + /* + * Similar to above, but only exit points where the Irql is explicit + */ + + + int getExplicitExitIrqlAtCfn(ControlFlowNode cfn) { + if cfn instanceof KeRaiseIrqlCall + then result = cfn.(KeRaiseIrqlCall).getIrqlLevel() + else + if cfn instanceof KeLowerIrqlCall + then result = cfn.(KeLowerIrqlCall).getIrqlLevelExplicit() + else + if cfn instanceof RestoresGlobalIrqlCall + then result = cfn.(RestoresGlobalIrqlCall).getIrqlLevelExplicit() + else + if cfn instanceof IrqlRestoreCall + then result = cfn.(IrqlRestoreCall).getIrqlLevelExplicit() + else + if + cfn instanceof FunctionCall and + cfn.(FunctionCall).getTarget() instanceof IrqlRaisesAnnotatedFunction + then result = cfn.(FunctionCall).getTarget().(IrqlRaisesAnnotatedFunction).getIrqlLevel() + else + if + cfn instanceof FunctionCall and + cfn.(FunctionCall).getTarget() instanceof IrqlRequiresSameAnnotatedFunction + then result = any(getExplicitExitIrqlAtCfn(cfn.getAPredecessor())) + else ( + if exists(ControlFlowNode cfn2 | cfn2 = cfn.getAPredecessor()) + then result = any(getExplicitExitIrqlAtCfn(cfn.getAPredecessor())) + else + result = + any(getExplicitExitIrqlAtCfn(any(ControlFlowNode cfn2 | + cfn2.getASuccessor().(FunctionCall).getTarget() = + cfn.getControlFlowScope() + )) + ) + ) + } + + import semmle.code.cpp.controlflow.Dominance + + /** Utility function to get exit points of a function. */ + private ControlFlowNode getExitPointsOfFunction(Function f) { + result = + any(ControlFlowNode cfn | + cfn.getControlFlowScope() = f and + functionExit(cfn) + ) + } + + /** + * Attempt to find the range of valid IRQL values when **entering** a given IRQL-annotated function. + * This is used as a heuristic when no other IRQL information is available (i.e. we are at the top + * of a call stack.) + * + * Note: we implicitly apply DISPATCH_LEVEL as the max when a max is not specified but a minimum is, + * and the global max if the minimum is > DISPATCH_LEVEL. + */ + + int getAllowableIrqlLevel(Function func) { + exists(IrqlValue lowerBound, IrqlValue upperBound | + hasLowerBound(func, lowerBound) and hasUpperBound(func, upperBound) + ) and + result = + [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. any(IrqlValue upperBound | + hasUpperBound(func, upperBound) + )] + or + exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and + not exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) and + result = [0 .. any(IrqlValue upperBound | hasUpperBound(func, upperBound))] + or + not exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and + exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound) and lowerBound > 2) and + result = [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. getGlobalMaxIrqlLevel()] + or + not exists(IrqlValue upperBound | hasUpperBound(func, upperBound)) and + exists(IrqlValue lowerBound | hasLowerBound(func, lowerBound) and lowerBound <= 2) and + result = [any(IrqlValue lowerBound | hasLowerBound(func, lowerBound)) .. 2] + } + + /** Attempts to find an upper bound on the expected entry IRQL for a function. */ + private predicate hasUpperBound(Function func, IrqlValue upperBound) { + // The instanceof checks may seem redundant, but in fact they let us + // implement a "priority" if there are multiple, possibly conflicting annotations. + ( + func.(IrqlMaxAnnotatedFunction).getIrqlLevel() = upperBound + or + not func instanceof IrqlMaxAnnotatedFunction and + func.(IrqlAlwaysMaxFunction).getIrqlLevel() = upperBound + or + ( + not func instanceof IrqlMaxAnnotatedFunction and + not func instanceof IrqlAlwaysMaxFunction + ) and + func.(IrqlRequiresAnnotatedFunction).getIrqlLevel() = upperBound + or + ( + not func instanceof IrqlMaxAnnotatedFunction and + not func instanceof IrqlAlwaysMaxFunction and + not func instanceof IrqlRequiresAnnotatedFunction + ) and + func instanceof PagedFunctionDeclaration and + upperBound = 1 + ) + } + + /** Attempts to find a lower bound on the expected entry IRQL for a function. */ + private predicate hasLowerBound(Function func, IrqlValue lowerBound) { + // The instanceof checks may seem redundant, but in fact they let us + // implement a "priority" if there are multiple, possibly conflicting annotations. + ( + func.(IrqlMinAnnotatedFunction).getIrqlLevel() = lowerBound + or + not func instanceof IrqlMinAnnotatedFunction and + func.(IrqlAlwaysMinFunction).getIrqlLevel() = lowerBound + or + ( + not func instanceof IrqlMinAnnotatedFunction and + not func instanceof IrqlAlwaysMinFunction + ) and + func.(IrqlRequiresAnnotatedFunction).getIrqlLevel() = lowerBound + or + ( + not func instanceof IrqlMinAnnotatedFunction and + not func instanceof IrqlAlwaysMinFunction and + not func instanceof IrqlRequiresAnnotatedFunction + ) and + func instanceof PagedFunctionDeclaration and + lowerBound = 0 + ) + } \ No newline at end of file diff --git a/src/drivers/libraries/IrqlDataFlow.qll b/src/qlpack/src/drivers/libraries/IrqlDataFlow.qll similarity index 100% rename from src/drivers/libraries/IrqlDataFlow.qll rename to src/qlpack/src/drivers/libraries/IrqlDataFlow.qll diff --git a/src/drivers/libraries/IrqlDebug.qll b/src/qlpack/src/drivers/libraries/IrqlDebug.qll similarity index 100% rename from src/drivers/libraries/IrqlDebug.qll rename to src/qlpack/src/drivers/libraries/IrqlDebug.qll diff --git a/src/drivers/libraries/Page.qll b/src/qlpack/src/drivers/libraries/Page.qll similarity index 96% rename from src/drivers/libraries/Page.qll rename to src/qlpack/src/drivers/libraries/Page.qll index 5584e2d4..fa9b79bb 100644 --- a/src/drivers/libraries/Page.qll +++ b/src/qlpack/src/drivers/libraries/Page.qll @@ -1,106 +1,106 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -import cpp - -//Represents functions where a function has either PAGED_CODE or PAGED_CODE_LOCKED macro invocations - -class PagedFunc extends Function { - - PagedFunc() { - exists(MacroInvocation mi | - mi.getEnclosingFunction() = this and - mi.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] - ) - } -} - -//Represents code_seg("PAGE") pragma -class CodeSegPragma extends PreprocessorPragma { - CodeSegPragma() { this.getHead().matches("code\\_seg%(%\"PAGE\")") } -} - -//Represents a code_seg() pragma -class DefaultCodeSegPragma extends PreprocessorPragma { - DefaultCodeSegPragma() { - this.getHead().matches("code\\_seg()") - or - this.getHead().matches("code\\_seg(\"INIT\")") - } -} - -//Represents alloc_text pragma -class AllocSegPragma extends PreprocessorPragma { - AllocSegPragma() { - this.getHead().matches("alloc\\_text%(%PAGE%") or - this.getHead().matches("NDIS\\_PAGEABLE\\_FUNCTION%") or - this.getHead().matches("NDIS\\_PAGABLE\\_FUNCTION%") - } -} - -//Evaluates to true if a PagedFunc was placed in a PAGE section using alloc_text pragma -predicate isAllocUsedToLocatePagedFunc(Function pf) { - exists(AllocSegPragma asp | - asp.getHead().matches("%" + pf.getName() + [" )", ")"]) and - asp.getFile() = pf.getFile() - ) -} - -//Evaluates to true if there is Macro Invocation above PagedFunc which expands to code_seg("PAGE") -predicate isPagedSegSetWithMacroAbove(Function f) { - exists(MacroInvocation ma | - ma.getMacro().getBody().matches("%code\\_seg(\"PAGE\")%") and - ma.getLocation().getStartLine() <= f.getLocation().getStartLine() and - f.getAnAttribute().getName() = "code_seg" and - ma.getFile() = f.getFile() - ) -} - -//Represents functions for whom code_seg() is set - -class FunctionWithPageReset extends Function { - DefaultCodeSegPragma dcs; - - - FunctionWithPageReset() { - exists(CodeSegPragma csp, DefaultCodeSegPragma dcsp | - this.getLocation().getStartLine() > csp.getLocation().getStartLine() and - dcsp.getFile() = csp.getFile() and - this.getFile() = csp.getFile() and - dcsp.getLocation().getStartLine() < this.getLocation().getStartLine() and - dcs = dcsp - ) - } - - - DefaultCodeSegPragma getCodeSeg() { result = dcs } -} - -//Represents functions for whom code_seg("PAGE") is set - -class FunctionWithPageSet extends Function { - - FunctionWithPageSet() { - exists(CodeSegPragma csp | - this.getLocation().getStartLine() > csp.getLocation().getStartLine() and - this.getFile() = csp.getFile() and - not exists(FunctionWithPageReset rf | - rf.getFile() = csp.getFile() and - rf = this and - rf.getCodeSeg().getLocation().getStartLine() > csp.getLocation().getStartLine() - ) - ) - } -} - -//Represents a paged section - -class PagedFunctionDeclaration extends Function { - - PagedFunctionDeclaration() { - isPagedSegSetWithMacroAbove(this) - or - this instanceof FunctionWithPageSet - or - isAllocUsedToLocatePagedFunc(this) - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +import cpp + +//Represents functions where a function has either PAGED_CODE or PAGED_CODE_LOCKED macro invocations + +class PagedFunc extends Function { + + PagedFunc() { + exists(MacroInvocation mi | + mi.getEnclosingFunction() = this and + mi.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] + ) + } +} + +//Represents code_seg("PAGE") pragma +class CodeSegPragma extends PreprocessorPragma { + CodeSegPragma() { this.getHead().matches("code\\_seg%(%\"PAGE\")") } +} + +//Represents a code_seg() pragma +class DefaultCodeSegPragma extends PreprocessorPragma { + DefaultCodeSegPragma() { + this.getHead().matches("code\\_seg()") + or + this.getHead().matches("code\\_seg(\"INIT\")") + } +} + +//Represents alloc_text pragma +class AllocSegPragma extends PreprocessorPragma { + AllocSegPragma() { + this.getHead().matches("alloc\\_text%(%PAGE%") or + this.getHead().matches("NDIS\\_PAGEABLE\\_FUNCTION%") or + this.getHead().matches("NDIS\\_PAGABLE\\_FUNCTION%") + } +} + +//Evaluates to true if a PagedFunc was placed in a PAGE section using alloc_text pragma +predicate isAllocUsedToLocatePagedFunc(Function pf) { + exists(AllocSegPragma asp | + asp.getHead().matches("%" + pf.getName() + [" )", ")"]) and + asp.getFile() = pf.getFile() + ) +} + +//Evaluates to true if there is Macro Invocation above PagedFunc which expands to code_seg("PAGE") +predicate isPagedSegSetWithMacroAbove(Function f) { + exists(MacroInvocation ma | + ma.getMacro().getBody().matches("%code\\_seg(\"PAGE\")%") and + ma.getLocation().getStartLine() <= f.getLocation().getStartLine() and + f.getAnAttribute().getName() = "code_seg" and + ma.getFile() = f.getFile() + ) +} + +//Represents functions for whom code_seg() is set + +class FunctionWithPageReset extends Function { + DefaultCodeSegPragma dcs; + + + FunctionWithPageReset() { + exists(CodeSegPragma csp, DefaultCodeSegPragma dcsp | + this.getLocation().getStartLine() > csp.getLocation().getStartLine() and + dcsp.getFile() = csp.getFile() and + this.getFile() = csp.getFile() and + dcsp.getLocation().getStartLine() < this.getLocation().getStartLine() and + dcs = dcsp + ) + } + + + DefaultCodeSegPragma getCodeSeg() { result = dcs } +} + +//Represents functions for whom code_seg("PAGE") is set + +class FunctionWithPageSet extends Function { + + FunctionWithPageSet() { + exists(CodeSegPragma csp | + this.getLocation().getStartLine() > csp.getLocation().getStartLine() and + this.getFile() = csp.getFile() and + not exists(FunctionWithPageReset rf | + rf.getFile() = csp.getFile() and + rf = this and + rf.getCodeSeg().getLocation().getStartLine() > csp.getLocation().getStartLine() + ) + ) + } +} + +//Represents a paged section + +class PagedFunctionDeclaration extends Function { + + PagedFunctionDeclaration() { + isPagedSegSetWithMacroAbove(this) + or + this instanceof FunctionWithPageSet + or + isAllocUsedToLocatePagedFunc(this) + } +} diff --git a/src/drivers/libraries/RoleTypes.qll b/src/qlpack/src/drivers/libraries/RoleTypes.qll similarity index 96% rename from src/drivers/libraries/RoleTypes.qll rename to src/qlpack/src/drivers/libraries/RoleTypes.qll index 4f8fb9ed..0c879841 100644 --- a/src/drivers/libraries/RoleTypes.qll +++ b/src/qlpack/src/drivers/libraries/RoleTypes.qll @@ -1,351 +1,351 @@ -import cpp -import drivers.libraries.SAL -// import drivers.libraries.Irql // TODO: add this back in -import drivers.wdm.libraries.WdmDrivers -import drivers.kmdf.libraries.KmdfDrivers -import drivers.ndis.libraries.NdisDrivers -import drivers.storport.libraries.StorportDrivers - -/** - * Special case to check for RoleType equality for role types in wdfroletypes.h - */ -bindingset[rtt1, rtt2] -predicate isEqualRoleTypes(string rtt1, string rtt2) { - rtt1.matches("EVT_WDF_%_CONTEXT_DESTROY%") and - rtt2.matches("EVT_WDF_%_CONTEXT_DESTROY%") - or - rtt1.matches("EVT_WDF_%_CONTEXT_CLEANUP%") and - rtt2.matches("EVT_WDF_%_CONTEXT_CLEANUP%") - or - rtt1 = rtt2 -} - -/** - * Generic role type for WDM,KMDF, and others - */ -class RoleTypeType extends TypedefType { - RoleTypeType() { - this instanceof WdmRoleTypeType or - this instanceof KmdfRoleTypeType or - this instanceof NdisRoleTypeType or - this instanceof StorportRoleTypeType - } -} - -/** - * Role Type annotations which apply to entire functions - */ -class RoleTypeFunctionAnnotation extends SALAnnotation { - string roleTypeString; - string roleTypeName; - - RoleTypeFunctionAnnotation() { - ( - this.getMacroName().matches(["_Function_class_"]) and - roleTypeString = this.getUnexpandedArgument(0) - ) and - roleTypeName = this.getMacroName() - } - - /** - * Returns the raw text of the role type value used in this annotation. - */ - string getRoleTypeString() { result = roleTypeString } - - /** - * Returns the text of this annotation - */ - string getRoleTypeMacroName() { result = roleTypeName } -} - -/** - * A typedef that has Role Type annotations applied to it. - */ -class RoleTypeAnnotatedTypedef extends TypedefType { - RoleTypeFunctionAnnotation roleTypeAnnotation; - - RoleTypeAnnotatedTypedef() { roleTypeAnnotation.getTypedefDeclarations() = this } - - RoleTypeFunctionAnnotation getRoleTypeAnnotation() { result = roleTypeAnnotation } -} - -/** - * A function that is annotated to specify role type - */ -class RoleTypeAnnotatedFunction extends Function { - RoleTypeFunctionAnnotation roleTypeAnnotation; - - RoleTypeAnnotatedFunction() { - ( - this.hasCLinkage() and - exists( - FunctionDeclarationEntry fde // actual function declarations - | - fde = this.getADeclarationEntry() and - roleTypeAnnotation.getDeclarationEntry() = fde - ) - or - exists( - FunctionDeclarationEntry fde // typedefs - | - fde.getFunction() = this and - fde.getTypedefType().(RoleTypeAnnotatedTypedef).getRoleTypeAnnotation() = roleTypeAnnotation - ) - ) - } - - string getFuncRoleTypeAnnotation() { result = roleTypeAnnotation.getRoleTypeMacroName() } - - RoleTypeFunctionAnnotation getRoleTypeAnnotation() { result = roleTypeAnnotation } -} - -/** - * A function that is annotated or declared to specify role type - */ -class RoleTypeFunction extends Function { - RoleTypeType roleType; - - //int irqlLevel; // TODO: add this back in - RoleTypeFunction() { - this.hasCLinkage() and - ( - exists(FunctionDeclarationEntry fde | - ( - fde.getFunction() = this and - fde.getTypedefType() = roleType - ) - ) - or - this instanceof RoleTypeAnnotatedFunction and - roleType.getName() = - this.(RoleTypeAnnotatedFunction).getRoleTypeAnnotation().getRoleTypeString() - ) - // TODO: add this back in - // and - // if this instanceof IrqlRestrictsFunction - // then irqlLevel = getAllowableIrqlLevel(this) - // else irqlLevel = -1 - } - - // TODO: add this back in - // int getExpectedIrqlLevelString() { result = irqlLevel } - string getRoleTypeString() { result = roleType.getName() } - - RoleTypeType getRoleTypeType() { result = roleType } -} - -/** - */ -class DriverObjectFunctionAccess extends FunctionAccess { - RoleTypeType rttExpected; - - DriverObjectFunctionAccess() { - exists(VariableAccess driverObjectAccess, AssignExpr driverObjectAssign | - driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and - this = driverObjectAssign.getRValue() and - rttExpected = driverObjectAssign.getLValue().getUnderlyingType().(PointerType).getBaseType() - ) - } - - RoleTypeType getExpectedRoleTypeType() { result = rttExpected } -} - -/** - * Declared functions that are used as if they have a role type, wether or not they do - */ -class ImplicitRoleTypeFunction extends Function { - RoleTypeType rttExpected; - FunctionAccess funcUse; - - ImplicitRoleTypeFunction() { - ( - exists(FunctionCall fc, int n | fc.getArgument(n) instanceof FunctionAccess | - this = fc.getArgument(n).(FunctionAccess).getTarget() and - rttExpected = fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() and - funcUse = fc.getArgument(n) - ) - or - exists(DriverObjectFunctionAccess funcAssign | - funcAssign.getTarget() = this and - rttExpected = funcAssign.getExpectedRoleTypeType() and - funcUse = funcAssign - ) - ) and - this.hasCLinkage() - } - - string getExpectedRoleTypeString() { result = rttExpected.getName() } - - RoleTypeType getExpectedRoleTypeType() { result = rttExpected } - - string getActualRoleTypeString() { - if not this instanceof RoleTypeFunction - then result = "" - else result = this.(RoleTypeFunction).getRoleTypeType().toString() - } - - // TODO: add this back in - // int getExpectedIrqlLevel() { - // if rttExpected instanceof IrqlAnnotatedTypedef - // then result = getAlloweableIrqlLevel(rttExpected) - // else result = -1 - // } - // int getFoundIrqlLevel() { - // if this instanceof IrqlRestrictsFunction - // then result = getAllowableIrqlLevel(this) - // else result = -1 - // } - FunctionAccess getFunctionUse() { result = funcUse } -} - -/** Predicates */ -predicate roleTypeAssignment(AssignExpr ae) { - exists(FunctionAccess fa | - ae.getRValue() = fa and - fa.getTarget() instanceof WdmDispatchRoutine - ) - or - ae.getRValue() instanceof AssignExpr and - roleTypeAssignment(ae.getRValue().(AssignExpr)) -} - -class ImplicitWdmRoutine extends Function { - ImplicitWdmRoutine(){ - this instanceof ImplicitRoleTypeFunction - } -} -/** A WDM DriverEntry callback routine. */ -class ImplicitWdmDriverEntry extends ImplicitWdmRoutine { - ImplicitWdmDriverEntry() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_INITIALIZE") } - - string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -/** A WDM DrierStartIo callback routine */ -class ImplicitWdmDriverStartIo extends ImplicitWdmRoutine { - ImplicitWdmDriverStartIo() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_STARTIO") } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "DRIVER_STARTIO" } -} - -/** - * A WDM DriverUnload callback routine. - */ -class ImplicitWdmDriverUnload extends ImplicitWdmRoutine { - ImplicitWdmDriverUnload() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_UNLOAD") } - - string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -// NOTE duplicate for backward compatibility with other query. Remove when other query is updated. -/** A WDM AddDevice callback routine. */ -class ImplicitWdmAddDevice extends ImplicitWdmRoutine { - ImplicitWdmAddDevice() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_ADD_DEVICE") } -} - -/** - * A WDM DriverAddDevice callback routine. - */ -class ImplicitWdmDriverAddDevice extends ImplicitWdmRoutine { - ImplicitWdmDriverAddDevice() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_ADD_DEVICE") } - - string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -/** - * A WDM DriverDispatch callback routine. - */ -class ImplicitWdmDriverDispatch extends ImplicitWdmRoutine { - ImplicitWdmDriverDispatch() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_DISPATCH") } - - string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -/** - * A WDM IO completion routine. - */ -class ImplicitWdmDriverCompletionRoutine extends ImplicitWdmRoutine { - ImplicitWdmDriverCompletionRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("IO_COMPLETION_ROUTINE") } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -/** - * A WDM DriverCancel callback routine. - */ -class ImplicitWdmDriverCancel extends ImplicitWdmRoutine { - ImplicitWdmDriverCancel() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_CANCEL") } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } - -} - -/** - * A WDM DriverDpcRoutine callback routine. - */ -class ImplicitWdmDriverDpcRoutine extends ImplicitWdmRoutine { - ImplicitWdmDriverDpcRoutine() { - this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("IO_DPC_ROUTINE") - } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } -} - -/** - * A WDM DriverDeferredRoutine callback routine. - */ -class ImplicitWdmDriverDeferredRoutine extends ImplicitWdmRoutine { - ImplicitWdmDriverDeferredRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("KDEFERRED_ROUTINE") } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } -} - -/** - * A WDM DriverServiceRoutine callback routine. - */ -class ImplicitWdmDriverServiceRoutine extends ImplicitWdmRoutine { - ImplicitWdmDriverServiceRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("KSERVICE_ROUTINE") } - - string getExpectedMaxIrqlLevelString() { result = "DIRQL" } - - string getExpectedMinIrqlLevelString() { result = "DIRQL" } -} - -/** - * A WDM DriverPowerComplete callback routine. - */ -class ImplicitWdmDriverPowerComplete extends ImplicitWdmRoutine { - ImplicitWdmDriverPowerComplete() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("REQUEST_POWER_COMPLETE") } - - string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } -} - -/** - * A WDM DriverWorkerThreadRoutine callback routine. - */ -class ImplicitWdmDriverWorkerThreadRoutine extends ImplicitWdmRoutine { - ImplicitWdmDriverWorkerThreadRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("WORKER_THREAD_ROUTINE") } - - string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } - - string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +import cpp +import drivers.libraries.SAL +// import drivers.libraries.Irql // TODO: add this back in +import drivers.wdm.libraries.WdmDrivers +import drivers.kmdf.libraries.KmdfDrivers +import drivers.ndis.libraries.NdisDrivers +import drivers.storport.libraries.StorportDrivers + +/** + * Special case to check for RoleType equality for role types in wdfroletypes.h + */ +bindingset[rtt1, rtt2] +predicate isEqualRoleTypes(string rtt1, string rtt2) { + rtt1.matches("EVT_WDF_%_CONTEXT_DESTROY%") and + rtt2.matches("EVT_WDF_%_CONTEXT_DESTROY%") + or + rtt1.matches("EVT_WDF_%_CONTEXT_CLEANUP%") and + rtt2.matches("EVT_WDF_%_CONTEXT_CLEANUP%") + or + rtt1 = rtt2 +} + +/** + * Generic role type for WDM,KMDF, and others + */ +class RoleTypeType extends TypedefType { + RoleTypeType() { + this instanceof WdmRoleTypeType or + this instanceof KmdfRoleTypeType or + this instanceof NdisRoleTypeType or + this instanceof StorportRoleTypeType + } +} + +/** + * Role Type annotations which apply to entire functions + */ +class RoleTypeFunctionAnnotation extends SALAnnotation { + string roleTypeString; + string roleTypeName; + + RoleTypeFunctionAnnotation() { + ( + this.getMacroName().matches(["_Function_class_"]) and + roleTypeString = this.getUnexpandedArgument(0) + ) and + roleTypeName = this.getMacroName() + } + + /** + * Returns the raw text of the role type value used in this annotation. + */ + string getRoleTypeString() { result = roleTypeString } + + /** + * Returns the text of this annotation + */ + string getRoleTypeMacroName() { result = roleTypeName } +} + +/** + * A typedef that has Role Type annotations applied to it. + */ +class RoleTypeAnnotatedTypedef extends TypedefType { + RoleTypeFunctionAnnotation roleTypeAnnotation; + + RoleTypeAnnotatedTypedef() { roleTypeAnnotation.getTypedefDeclarations() = this } + + RoleTypeFunctionAnnotation getRoleTypeAnnotation() { result = roleTypeAnnotation } +} + +/** + * A function that is annotated to specify role type + */ +class RoleTypeAnnotatedFunction extends Function { + RoleTypeFunctionAnnotation roleTypeAnnotation; + + RoleTypeAnnotatedFunction() { + ( + this.hasCLinkage() and + exists( + FunctionDeclarationEntry fde // actual function declarations + | + fde = this.getADeclarationEntry() and + roleTypeAnnotation.getDeclarationEntry() = fde + ) + or + exists( + FunctionDeclarationEntry fde // typedefs + | + fde.getFunction() = this and + fde.getTypedefType().(RoleTypeAnnotatedTypedef).getRoleTypeAnnotation() = roleTypeAnnotation + ) + ) + } + + string getFuncRoleTypeAnnotation() { result = roleTypeAnnotation.getRoleTypeMacroName() } + + RoleTypeFunctionAnnotation getRoleTypeAnnotation() { result = roleTypeAnnotation } +} + +/** + * A function that is annotated or declared to specify role type + */ +class RoleTypeFunction extends Function { + RoleTypeType roleType; + + //int irqlLevel; // TODO: add this back in + RoleTypeFunction() { + this.hasCLinkage() and + ( + exists(FunctionDeclarationEntry fde | + ( + fde.getFunction() = this and + fde.getTypedefType() = roleType + ) + ) + or + this instanceof RoleTypeAnnotatedFunction and + roleType.getName() = + this.(RoleTypeAnnotatedFunction).getRoleTypeAnnotation().getRoleTypeString() + ) + // TODO: add this back in + // and + // if this instanceof IrqlRestrictsFunction + // then irqlLevel = getAllowableIrqlLevel(this) + // else irqlLevel = -1 + } + + // TODO: add this back in + // int getExpectedIrqlLevelString() { result = irqlLevel } + string getRoleTypeString() { result = roleType.getName() } + + RoleTypeType getRoleTypeType() { result = roleType } +} + +/** + */ +class DriverObjectFunctionAccess extends FunctionAccess { + RoleTypeType rttExpected; + + DriverObjectFunctionAccess() { + exists(VariableAccess driverObjectAccess, AssignExpr driverObjectAssign | + driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and + this = driverObjectAssign.getRValue() and + rttExpected = driverObjectAssign.getLValue().getUnderlyingType().(PointerType).getBaseType() + ) + } + + RoleTypeType getExpectedRoleTypeType() { result = rttExpected } +} + +/** + * Declared functions that are used as if they have a role type, wether or not they do + */ +class ImplicitRoleTypeFunction extends Function { + RoleTypeType rttExpected; + FunctionAccess funcUse; + + ImplicitRoleTypeFunction() { + ( + exists(FunctionCall fc, int n | fc.getArgument(n) instanceof FunctionAccess | + this = fc.getArgument(n).(FunctionAccess).getTarget() and + rttExpected = fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() and + funcUse = fc.getArgument(n) + ) + or + exists(DriverObjectFunctionAccess funcAssign | + funcAssign.getTarget() = this and + rttExpected = funcAssign.getExpectedRoleTypeType() and + funcUse = funcAssign + ) + ) and + this.hasCLinkage() + } + + string getExpectedRoleTypeString() { result = rttExpected.getName() } + + RoleTypeType getExpectedRoleTypeType() { result = rttExpected } + + string getActualRoleTypeString() { + if not this instanceof RoleTypeFunction + then result = "" + else result = this.(RoleTypeFunction).getRoleTypeType().toString() + } + + // TODO: add this back in + // int getExpectedIrqlLevel() { + // if rttExpected instanceof IrqlAnnotatedTypedef + // then result = getAlloweableIrqlLevel(rttExpected) + // else result = -1 + // } + // int getFoundIrqlLevel() { + // if this instanceof IrqlRestrictsFunction + // then result = getAllowableIrqlLevel(this) + // else result = -1 + // } + FunctionAccess getFunctionUse() { result = funcUse } +} + +/** Predicates */ +predicate roleTypeAssignment(AssignExpr ae) { + exists(FunctionAccess fa | + ae.getRValue() = fa and + fa.getTarget() instanceof WdmDispatchRoutine + ) + or + ae.getRValue() instanceof AssignExpr and + roleTypeAssignment(ae.getRValue().(AssignExpr)) +} + +class ImplicitWdmRoutine extends Function { + ImplicitWdmRoutine(){ + this instanceof ImplicitRoleTypeFunction + } +} +/** A WDM DriverEntry callback routine. */ +class ImplicitWdmDriverEntry extends ImplicitWdmRoutine { + ImplicitWdmDriverEntry() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_INITIALIZE") } + + string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +/** A WDM DrierStartIo callback routine */ +class ImplicitWdmDriverStartIo extends ImplicitWdmRoutine { + ImplicitWdmDriverStartIo() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_STARTIO") } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "DRIVER_STARTIO" } +} + +/** + * A WDM DriverUnload callback routine. + */ +class ImplicitWdmDriverUnload extends ImplicitWdmRoutine { + ImplicitWdmDriverUnload() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_UNLOAD") } + + string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +// NOTE duplicate for backward compatibility with other query. Remove when other query is updated. +/** A WDM AddDevice callback routine. */ +class ImplicitWdmAddDevice extends ImplicitWdmRoutine { + ImplicitWdmAddDevice() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_ADD_DEVICE") } +} + +/** + * A WDM DriverAddDevice callback routine. + */ +class ImplicitWdmDriverAddDevice extends ImplicitWdmRoutine { + ImplicitWdmDriverAddDevice() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_ADD_DEVICE") } + + string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +/** + * A WDM DriverDispatch callback routine. + */ +class ImplicitWdmDriverDispatch extends ImplicitWdmRoutine { + ImplicitWdmDriverDispatch() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_DISPATCH") } + + string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +/** + * A WDM IO completion routine. + */ +class ImplicitWdmDriverCompletionRoutine extends ImplicitWdmRoutine { + ImplicitWdmDriverCompletionRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("IO_COMPLETION_ROUTINE") } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +/** + * A WDM DriverCancel callback routine. + */ +class ImplicitWdmDriverCancel extends ImplicitWdmRoutine { + ImplicitWdmDriverCancel() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("DRIVER_CANCEL") } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } + +} + +/** + * A WDM DriverDpcRoutine callback routine. + */ +class ImplicitWdmDriverDpcRoutine extends ImplicitWdmRoutine { + ImplicitWdmDriverDpcRoutine() { + this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("IO_DPC_ROUTINE") + } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } +} + +/** + * A WDM DriverDeferredRoutine callback routine. + */ +class ImplicitWdmDriverDeferredRoutine extends ImplicitWdmRoutine { + ImplicitWdmDriverDeferredRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("KDEFERRED_ROUTINE") } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "DISPATCH_LEVEL" } +} + +/** + * A WDM DriverServiceRoutine callback routine. + */ +class ImplicitWdmDriverServiceRoutine extends ImplicitWdmRoutine { + ImplicitWdmDriverServiceRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("KSERVICE_ROUTINE") } + + string getExpectedMaxIrqlLevelString() { result = "DIRQL" } + + string getExpectedMinIrqlLevelString() { result = "DIRQL" } +} + +/** + * A WDM DriverPowerComplete callback routine. + */ +class ImplicitWdmDriverPowerComplete extends ImplicitWdmRoutine { + ImplicitWdmDriverPowerComplete() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("REQUEST_POWER_COMPLETE") } + + string getExpectedMaxIrqlLevelString() { result = "DISPATCH_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } +} + +/** + * A WDM DriverWorkerThreadRoutine callback routine. + */ +class ImplicitWdmDriverWorkerThreadRoutine extends ImplicitWdmRoutine { + ImplicitWdmDriverWorkerThreadRoutine() { this.(ImplicitRoleTypeFunction).getExpectedRoleTypeString().matches("WORKER_THREAD_ROUTINE") } + + string getExpectedMaxIrqlLevelString() { result = "PASSIVE_LEVEL" } + + string getExpectedMinIrqlLevelString() { result = "PASSIVE_LEVEL" } } \ No newline at end of file diff --git a/src/drivers/libraries/SAL.qll b/src/qlpack/src/drivers/libraries/SAL.qll similarity index 100% rename from src/drivers/libraries/SAL.qll rename to src/qlpack/src/drivers/libraries/SAL.qll diff --git a/src/drivers/libraries/Suppression.qll b/src/qlpack/src/drivers/libraries/Suppression.qll similarity index 100% rename from src/drivers/libraries/Suppression.qll rename to src/qlpack/src/drivers/libraries/Suppression.qll diff --git a/src/drivers/libraries/wfp.qll b/src/qlpack/src/drivers/libraries/wfp.qll similarity index 100% rename from src/drivers/libraries/wfp.qll rename to src/qlpack/src/drivers/libraries/wfp.qll diff --git a/src/drivers/ndis/libraries/NdisDrivers.qll b/src/qlpack/src/drivers/ndis/libraries/NdisDrivers.qll similarity index 97% rename from src/drivers/ndis/libraries/NdisDrivers.qll rename to src/qlpack/src/drivers/ndis/libraries/NdisDrivers.qll index 8220edb8..544ae9e2 100644 --- a/src/drivers/ndis/libraries/NdisDrivers.qll +++ b/src/qlpack/src/drivers/ndis/libraries/NdisDrivers.qll @@ -1,845 +1,845 @@ -/** - * This QL library defines classes and predicates for analyzing NDIS drivers. - * It provides definitions for NDIS dispatch routines, callback routines, and role types. - * The library also includes a typedef for the standard NDIS callback routines. - */ - -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -import cpp -import drivers.libraries.SAL - -/** - * NDIS dispatch routine class. - * We hold a routine to be a dispatch routine if there is - * an assignment in DriverEntry that assigns the function to - * the dispatch table. - */ -class NdisDispatchRoutine extends NdisCallbackRoutine { - /** - * The OID type covered by this dispatch routine. - */ - Literal dispatchType; - /** The DriverEntry function this dispatch routine was assigned in. */ - NdisDriverEntry driverEntry; - - /** - * Dispatch routines are defined by assignments of the form - * MiniportDriverObject->DriverDispatch->MiniportXxxHandler = XxxHandler; - * This characteristic predicate thus looks for assignments of this form - * where the right-side value is a function with the NDIS_DISPATCH typedef. - */ - NdisDispatchRoutine() { - callbackType.getName().matches("NDIS_DISPATCH") and - exists( - NdisCallbackRoutineAssignment cra, PointerFieldAccess dispatchTable, - PointerFieldAccess fieldAccess, VariableAccess driverObjectAccess - | - cra.getLValue() = fieldAccess and - fieldAccess.getQualifier() = dispatchTable and - dispatchTable.getQualifier() = driverObjectAccess and - driverObjectAccess.getTarget().getType().getName().matches("PNDIS_MINIPORT_BLOCK") and - cra.getTarget() = this and - cra.getEnclosingFunction() = driverEntry - ) - } - - /** Gets the OID type this dispatch routine handles, as a number. */ - - Literal getDispatchType() { result = dispatchType } - - /** Gets the DriverEntry this dispatch routine was assigned in. */ - - NdisDriverEntry getDriverEntry() { result = driverEntry } -} - -/** An assignment where the right-hand side is a NDIS callback routine. */ -class NdisCallbackRoutineAssignment extends AssignExpr { - /* - * A common paradigm in dispatch routine setup is to chain assignments to cover multiple IRPs. - * As such, it's necessary to recursively walk the assignment to handle cases such as - * DriverObject->MajorFunction[IRP_MJ_CREATE] = - * DriverObject->MajorFunction[IRP_MJ_OPEN] = - * MyMultiFunctionIrpHandler; - * However, characterstic predicates cannot be recurisve, so the logic is placed in a separate - * predicate below, isNdisCallbackRoutineAssignment. - */ - - NdisCallbackRoutineAssignment() { isNdisCallbackRoutineAssignment(this) } - - /** Gets the callback routine that this dispatch routine assignment is targeting. */ - - NdisCallbackRoutine getTarget() { - if - exists(FunctionAccess fa | - this.getRValue() = fa and - fa.getTarget() instanceof NdisCallbackRoutine - ) - then result = this.getRValue().(FunctionAccess).getTarget() - else result = getTarget_aux(this.getRValue()) - } - - /** Auxilliary function to getTarget(). */ - private NdisCallbackRoutine getTarget_aux(AssignExpr ae) { - if - exists(FunctionAccess fa | - ae.getRValue() = fa and - fa.getTarget() instanceof NdisCallbackRoutine - ) - then result = ae.getRValue().(FunctionAccess).getTarget() - else result = getTarget_aux(ae.getRValue()) - } -} - -/** Determines if a given assignment, recursively, has a NDIS callback routine as the right-hand side. */ -private predicate isNdisCallbackRoutineAssignment(AssignExpr ae) { - exists(FunctionAccess fa | - ae.getRValue() = fa and - fa.getTarget() instanceof NdisCallbackRoutine - ) - or - ae.getRValue() instanceof AssignExpr and - isNdisCallbackRoutineAssignment(ae.getRValue().(AssignExpr)) -} - -/** A typedef for Role Types */ -class NdisRoleTypeType extends TypedefType { - NdisRoleTypeType() { - ( - this.getName().matches("MINIPORT_PROCESS_SG_LIST") or - this.getName().matches("NDIS_TIMER_FUNCTION") or - this.getName().matches("NDIS_IO_WORKITEM") or - this.getName().matches("MINIPORT_ADD_DEVICE") or - this.getName().matches("MINIPORT_CANCEL_DIRECT_OID_REQUEST") or - this.getName().matches("MINIPORT_DIRECT_OID_REQUEST") or - this.getName().matches("MINIPORT_FILTER_RESOURCE_REQUIREMENTS") or - this.getName().matches("MINIPORT_START_DEVICE") or - this.getName().matches("MINIPORT_SYNCHRONIZE_MESSAGE_INTERRUPT") or - this.getName().matches("NDIS_IO_WORKITEM_FUNCTION") or - this.getName().matches("FILTER_ATTACH") or - this.getName().matches("FILTER_CANCEL_DIRECT_OID_REQUEST") or - this.getName().matches("FILTER_CANCEL_SEND_NET_BUFFER_LISTS") or - this.getName().matches("FILTER_CANCEL_OID_REQUEST") or - this.getName().matches("FILTER_DETACH") or - this.getName().matches("FILTER_DEVICE_PNP_EVENT_NOTIFY") or - this.getName().matches("FILTER_DIRECT_OID_REQUEST") or - this.getName().matches("FILTER_DIRECT_OID_REQUEST_COMPLETE") or - this.getName().matches("DRIVER_UNLOAD") or - this.getName().matches("FILTER_NET_PNP_EVENT") or - this.getName().matches("FILTER_OID_REQUEST") or - this.getName().matches("FILTER_OID_REQUEST_COMPLETE") or - this.getName().matches("FILTER_PAUSE") or - this.getName().matches("FILTER_RECEIVE_NET_BUFFER_LISTS") or - this.getName().matches("FILTER_RESTART") or - this.getName().matches("FILTER_RETURN_NET_BUFFER_LISTS") or - this.getName().matches("FILTER_SEND_NET_BUFFER_LISTS") or - this.getName().matches("FILTER_SEND_NET_BUFFER_LISTS_COMPLETE") or - this.getName().matches("FILTER_SET_MODULE_OPTIONS") or - this.getName().matches("FILTER_SET_OPTIONS") or - this.getName().matches("FILTER_STATUS") or - this.getName().matches("MINIPORT_CO_ACTIVATE_VC") or - this.getName().matches("MINIPORT_CO_CREATE_VC") or - this.getName().matches("MINIPORT_CO_DEACTIVATE_VC") or - this.getName().matches("MINIPORT_CO_DELETE_VC") or - this.getName().matches("MINIPORT_CO_OID_REQUEST") or - this.getName().matches("MINIPORT_CO_SEND_NET_BUFFER_LISTS") or - this.getName().matches("PROTOCOL_BIND_ADAPTER_EX") or - this.getName().matches("PROTOCOL_CLOSE_ADAPTER_COMPLETE_EX") or - this.getName().matches("PROTOCOL_DIRECT_OID_REQUEST_COMPLETE") or - this.getName().matches("PROTOCOL_NET_PNP_EVENT") or - this.getName().matches("PROTOCOL_OID_REQUEST_COMPLETE") or - this.getName().matches("PROTOCOL_OPEN_ADAPTER_COMPLETE_EX") or - this.getName().matches("PROTOCOL_RECEIVE_NET_BUFFER_LISTS") or - this.getName().matches("PROTOCOL_SEND_NET_BUFFER_LISTS_COMPLETE") or - this.getName().matches("PROTOCOL_SET_OPTIONS") or - this.getName().matches("PROTOCOL_STATUS_EX") or - this.getName().matches("PROTOCOL_UNBIND_ADAPTER_EX") or - this.getName().matches("PROTOCOL_UNINSTALL") or - this.getName().matches("PROTOCOL_CL_ADD_PARTY_COMPLETE") or - this.getName().matches("PROTOCOL_CL_CALL_CONNECTED") or - this.getName().matches("PROTOCOL_CL_CLOSE_AF_COMPLETE") or - this.getName().matches("PROTOCOL_CL_CLOSE_CALL_COMPLETE") or - this.getName().matches("PROTOCOL_CL_DEREGISTER_SAP_COMPLETE") or - this.getName().matches("PROTOCOL_CL_DROP_PARTY_COMPLETE") or - this.getName().matches("PROTOCOL_CL_INCOMING_CALL") or - this.getName().matches("PROTOCOL_CL_INCOMING_CALL_QOS_CHANGE") or - this.getName().matches("PROTOCOL_CL_INCOMING_CLOSE_CALL") or - this.getName().matches("PROTOCOL_CL_INCOMING_DROP_PARTY") or - this.getName().matches("PROTOCOL_CL_MAKE_CALL_COMPLETE") or - this.getName().matches("PROTOCOL_CL_MODIFY_CALL_QOS_COMPLETE") or - this.getName().matches("PROTOCOL_CL_NOTIFY_CLOSE_AF") or - this.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE") or - this.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE_EX") or - this.getName().matches("PROTOCOL_CL_REGISTER_SAP_COMPLETE") or - this.getName().matches("PROTOCOL_CM_ACTIVATE_VC_COMPLETE") or - this.getName().matches("PROTOCOL_CM_ADD_PARTY") or - this.getName().matches("PROTOCOL_CM_CLOSE_AF") or - this.getName().matches("PROTOCOL_CM_CLOSE_CALL") or - this.getName().matches("PROTOCOL_CM_DEACTIVATE_VC_COMPLETE") or - this.getName().matches("PROTOCOL_CM_DEREGISTER_SAP") or - this.getName().matches("PROTOCOL_CM_DROP_PARTY") or - this.getName().matches("PROTOCOL_CM_INCOMING_CALL_COMPLETE") or - this.getName().matches("PROTOCOL_CM_MAKE_CALL") or - this.getName().matches("PROTOCOL_CM_MODIFY_QOS_CALL") or - this.getName().matches("PROTOCOL_CM_NOTIFY_CLOSE_AF_COMPLETE") or - this.getName().matches("PROTOCOL_CM_OPEN_AF") or - this.getName().matches("PROTOCOL_CM_REG_SAP") or - this.getName().matches("PROTCOL_CO_AF_REGISTER_NOTIFY") or - this.getName().matches("PROTOCOL_CO_CREATE_VC") or - this.getName().matches("PROTOCOL_CO_DELETE_VC") or - this.getName().matches("PROTOCOL_CO_OID_REQUEST") or - this.getName().matches("PROTOCOL_CO_OID_REQUEST_COMPLETE") or - this.getName().matches("PROTOCOL_CO_RECEIVE_NET_BUFFER_LISTS") or - this.getName().matches("PROTOCOL_CO_SEND_NET_BUFFER_LISTS_COMPLETE") or - this.getName().matches("PROTOCOL_CO_STATUS_EX") - ) - } -} - -/** A typedef for the standard NDIS callback routines. Aka Role Types */ -class NdisCallbackRoutineTypedef extends NdisRoleTypeType { - NdisCallbackRoutineTypedef() { this.getFile().getBaseName().matches("ndis.h") } -} - -/** - * Represents a function implementing a NDIS callback routine. - * Defines a function to be a callback routine iff it has a typedef - * in its definition which matches the NDIS callback typedefs, and it - * is in a NDIS driver (includes wdm.h.) - */ -class NdisCallbackRoutine extends Function { - /** The callback routine type, i.e. DRIVER_UNLOAD. */ - NdisCallbackRoutineTypedef callbackType; - - NdisCallbackRoutine() { - exists(FunctionDeclarationEntry fde | - fde.getFunction() = this and - fde.getTypedefType() = callbackType - ) - } -} - - -/** A NDIS DriverEntry callback routine. */ -class NdisDriverEntry extends NdisCallbackRoutine { - NdisDriverEntry() { callbackType.getName().matches("DRIVER_INITIALIZE") } -} - -/** A NDIS MiniportAllocateSharedMemoryComplete callback routine. */ -class NdisMiniportAllocateSharedMemoryComplete extends NdisCallbackRoutine { - NdisMiniportAllocateSharedMemoryComplete() { - callbackType.getName().matches("MINIPORT_ALLOCATE_SHARED_MEM_COMPLETE") - } -} - -/** A NDIS MiniportHalt callback routine. */ -class NdisMiniportHalt extends NdisCallbackRoutine { - NdisMiniportHalt() { callbackType.getName().matches("MINIPORT_HALT") } -} - -/** A NDIS MiniportSetOptions callback routine. */ -class NdisMiniportSetOptions extends NdisCallbackRoutine { - NdisMiniportSetOptions() { callbackType.getName().matches("MINIPORT_SET_OPTIONS") } -} - -/** A NDIS MiniportInitialize callback routine. */ -class NdisMiniportInitialize extends NdisCallbackRoutine { - NdisMiniportInitialize() { callbackType.getName().matches("MINIPORT_INITIALIZE") } -} - -/** A NDIS MiniportPause callback routine. */ -class NdisMiniportPause extends NdisCallbackRoutine { - NdisMiniportPause() { callbackType.getName().matches("MINIPORT_PAUSE") } -} - -/** A NDIS MiniportRestart callback routine. */ -class NdisMiniportRestart extends NdisCallbackRoutine { - NdisMiniportRestart() { callbackType.getName().matches("MINIPORT_RESTART") } -} - -/** A NDIS MiniportOidRequest callback routine. */ -class NdisMiniportOidRequest extends NdisCallbackRoutine { - NdisMiniportOidRequest() { callbackType.getName().matches("MINIPORT_OID_REQUEST") } -} - -/** A NDIS MiniportInterruptDpc callback routine. */ -class NdisMiniportInterruptDpc extends NdisCallbackRoutine { - NdisMiniportInterruptDpc() { callbackType.getName().matches("MINIPORT_INTERRUPT_DPC") } -} - -/** A NDIS MiniportIsr callback routine. */ -class NdisMiniportIsr extends NdisCallbackRoutine { - NdisMiniportIsr() { callbackType.getName().matches("MINIPORT_ISR") } -} - -/** A NDIS MiniportReset callback routine. */ -class NdisMiniportReset extends NdisCallbackRoutine { - NdisMiniportReset() { callbackType.getName().matches("MINIPORT_RESET") } -} - -/** A NDIS MiniportReturnNetBufferLists callback routine. */ -class NdisMiniportReturnNetBufferLists extends NdisCallbackRoutine { - NdisMiniportReturnNetBufferLists() { - callbackType.getName().matches("MINIPORT_RETURN_NET_BUFFER_LISTS") - } -} - -/** A NDIS MiniportCancelOidRequest callback routine. */ -class NdisMiniportCancelOidRequest extends NdisCallbackRoutine { - NdisMiniportCancelOidRequest() { callbackType.getName().matches("MINIPORT_CANCEL_OID_REQUEST") } -} - -/** A NDIS MiniportShutdown callback routine. */ -class NdisMiniportShutdown extends NdisCallbackRoutine { - NdisMiniportShutdown() { callbackType.getName().matches("MINIPORT_SHUTDOWN") } -} - -/** A NDIS MiniportSendNetBufferLists callback routine. */ -class NdisMiniportSendNetBufferLists extends NdisCallbackRoutine { - NdisMiniportSendNetBufferLists() { - callbackType.getName().matches("MINIPORT_SEND_NET_BUFFER_LISTS") - } -} - -/** A NDIS MiniportCancelSend callback routine. */ -class NdisMiniportCancelSend extends NdisCallbackRoutine { - NdisMiniportCancelSend() { callbackType.getName().matches("MINIPORT_CANCEL_SEND") } -} - -/** A NDIS MiniportDevicePnpEventNotify callback routine. */ -class NdisMiniportDevicePnpEventNotify extends NdisCallbackRoutine { - NdisMiniportDevicePnpEventNotify() { - callbackType.getName().matches("MINIPORT_DEVICE_PNP_EVENT_NOTIFY") - } -} - -/** A NDIS MiniportUnload callback routine. */ -class NdisMiniportUnload extends NdisCallbackRoutine { - NdisMiniportUnload() { callbackType.getName().matches("MINIPORT_UNLOAD") } -} - -/** A NDIS MiniportCheckForHang callback routine. */ -class NdisMiniportCheckForHang extends NdisCallbackRoutine { - NdisMiniportCheckForHang() { callbackType.getName().matches("MINIPORT_CHECK_FOR_HANG") } -} - -/** A NDIS MiniportEnableInterrupt callback routine. */ -class NdisMiniportEnableInterrupt extends NdisCallbackRoutine { - NdisMiniportEnableInterrupt() { callbackType.getName().matches("MINIPORT_ENABLE_INTERRUPT") } -} - -/** A NDIS MiniportDisableInterrupt callback routine. */ -class NdisMiniportDisableInterrupt extends NdisCallbackRoutine { - NdisMiniportDisableInterrupt() { callbackType.getName().matches("MINIPORT_DISABLE_INTERRUPT") } -} - -/** A NDIS MiniportSynchronizeInterrupt callback routine. */ -class NdisMiniportSynchronizeInterrupt extends NdisCallbackRoutine { - NdisMiniportSynchronizeInterrupt() { - callbackType.getName().matches("MINIPORT_SYNCHRONIZE_INTERRUPT") - } -} - -/** A NDIS MiniportProcessSgList callback routine. */ -class NdisMiniportProcessSgList extends NdisCallbackRoutine { - NdisMiniportProcessSgList() { callbackType.getName().matches("MINIPORT_PROCESS_SG_LIST") } -} - -/** A NDIS timer callback routine. */ -class NdisTimerFunction extends NdisCallbackRoutine { - NdisTimerFunction() { callbackType.getName().matches("NDIS_TIMER_FUNCTION") } -} - -/** A NDIS I/O work item callback routine. */ -class NdisIoWorkitem extends NdisCallbackRoutine { - NdisIoWorkitem() { callbackType.getName().matches("NDIS_IO_WORKITEM") } -} - -/** A NDIS MiniportAddDevice callback routine. */ -class NdisMiniportAddDevice extends NdisCallbackRoutine { - NdisMiniportAddDevice() { callbackType.getName().matches("MINIPORT_ADD_DEVICE") } -} - -/** A NDIS MiniportCancelDirectOidRequest callback routine. */ -class NdisMiniportCancelDirectOidRequest extends NdisCallbackRoutine { - NdisMiniportCancelDirectOidRequest() { - callbackType.getName().matches("MINIPORT_CANCEL_DIRECT_OID_REQUEST") - } -} - -/** A NDIS MiniportDirectOidRequest callback routine. */ -class NdisMiniportDirectOidRequest extends NdisCallbackRoutine { - NdisMiniportDirectOidRequest() { callbackType.getName().matches("MINIPORT_DIRECT_OID_REQUEST") } -} - -/** A NDIS MiniportFilterResourceRequirements callback routine. */ -class NdisMiniportFilterResourceRequirements extends NdisCallbackRoutine { - NdisMiniportFilterResourceRequirements() { - callbackType.getName().matches("MINIPORT_FILTER_RESOURCE_REQUIREMENTS") - } -} - -/** A NDIS MiniportStartDevice callback routine. */ -class NdisMiniportStartDevice extends NdisCallbackRoutine { - NdisMiniportStartDevice() { callbackType.getName().matches("MINIPORT_START_DEVICE") } -} - -/** A NDIS MiniportSynchronizeMessageInterrupt callback routine. */ -class NdisMiniportSynchronizeMessageInterrupt extends NdisCallbackRoutine { - NdisMiniportSynchronizeMessageInterrupt() { - callbackType.getName().matches("MINIPORT_SYNCHRONIZE_MESSAGE_INTERRUPT") - } -} - -/** A NDIS IoWorkItemFunction callback routine. */ -class NdisIoWorkItemFunction extends NdisCallbackRoutine { - NdisIoWorkItemFunction() { callbackType.getName().matches("NDIS_IO_WORKITEM_FUNCTION") } -} - -/** A NDIS filter attach callback routine. */ -class NdisFilterAttach extends NdisCallbackRoutine { - NdisFilterAttach() { callbackType.getName().matches("FILTER_ATTACH") } -} - -/** A NDIS filter cancel direct OID request callback routine. */ -class NdisFilterCancelDirectOidRequest extends NdisCallbackRoutine { - NdisFilterCancelDirectOidRequest() { - callbackType.getName().matches("FILTER_CANCEL_DIRECT_OID_REQUEST") - } -} - -/** A NDIS filter cancel send net buffer lists callback routine. */ -class NdisFilterCancelSendNetBufferLists extends NdisCallbackRoutine { - NdisFilterCancelSendNetBufferLists() { - callbackType.getName().matches("FILTER_CANCEL_SEND_NET_BUFFER_LISTS") - } -} - -/** A NDIS filter cancel OID request callback routine. */ -class NdisFilterCancelOidRequest extends NdisCallbackRoutine { - NdisFilterCancelOidRequest() { callbackType.getName().matches("FILTER_CANCEL_OID_REQUEST") } -} - -/** A NDIS filter detach callback routine. */ -class NdisFilterDetach extends NdisCallbackRoutine { - NdisFilterDetach() { callbackType.getName().matches("FILTER_DETACH") } -} - -/** A NDIS filter device PNP event notify callback routine. */ -class NdisFilterDevicePnpEventNotify extends NdisCallbackRoutine { - NdisFilterDevicePnpEventNotify() { - callbackType.getName().matches("FILTER_DEVICE_PNP_EVENT_NOTIFY") - } -} - -/** A NDIS filter direct OID request callback routine. */ -class NdisFilterDirectOidRequest extends NdisCallbackRoutine { - NdisFilterDirectOidRequest() { callbackType.getName().matches("FILTER_DIRECT_OID_REQUEST") } -} - -/** A NDIS filter direct OID request complete callback routine. */ -class NdisFilterDirectOidRequestComplete extends NdisCallbackRoutine { - NdisFilterDirectOidRequestComplete() { - callbackType.getName().matches("FILTER_DIRECT_OID_REQUEST_COMPLETE") - } -} - -/** A NDIS driver unload callback routine. */ -class NdisDriverUnload extends NdisCallbackRoutine { - NdisDriverUnload() { callbackType.getName().matches("DRIVER_UNLOAD") } -} - -/** A NDIS filter net PNP event callback routine. */ -class NdisFilterNetPnpEvent extends NdisCallbackRoutine { - NdisFilterNetPnpEvent() { callbackType.getName().matches("FILTER_NET_PNP_EVENT") } -} - -/** A NDIS filter OID request callback routine. */ -class NdisFilterOidRequest extends NdisCallbackRoutine { - NdisFilterOidRequest() { callbackType.getName().matches("FILTER_OID_REQUEST") } -} - -/** A NDIS filter OID request complete callback routine. */ -class NdisFilterOidRequestComplete extends NdisCallbackRoutine { - NdisFilterOidRequestComplete() { callbackType.getName().matches("FILTER_OID_REQUEST_COMPLETE") } -} - -/** A NDIS filter pause callback routine. */ -class NdisFilterPause extends NdisCallbackRoutine { - NdisFilterPause() { callbackType.getName().matches("FILTER_PAUSE") } -} - -/** A NDIS filter receive net buffer lists callback routine. */ -class NdisFilterReceiveNetBufferLists extends NdisCallbackRoutine { - NdisFilterReceiveNetBufferLists() { - callbackType.getName().matches("FILTER_RECEIVE_NET_BUFFER_LISTS") - } -} - -/** A NDIS filter restart callback routine. */ -class NdisFilterRestart extends NdisCallbackRoutine { - NdisFilterRestart() { callbackType.getName().matches("FILTER_RESTART") } -} - -/** A NDIS filter return net buffer lists callback routine. */ -class NdisFilterReturnNetBufferLists extends NdisCallbackRoutine { - NdisFilterReturnNetBufferLists() { - callbackType.getName().matches("FILTER_RETURN_NET_BUFFER_LISTS") - } -} - -/** A NDIS filter send net buffer lists callback routine. */ -class NdisFilterSendNetBufferLists extends NdisCallbackRoutine { - NdisFilterSendNetBufferLists() { callbackType.getName().matches("FILTER_SEND_NET_BUFFER_LISTS") } -} - -/** A NDIS filter send net buffer lists complete callback routine. */ -class NdisFilterSendNetBufferListsComplete extends NdisCallbackRoutine { - NdisFilterSendNetBufferListsComplete() { - callbackType.getName().matches("FILTER_SEND_NET_BUFFER_LISTS_COMPLETE") - } -} - -/** A NDIS filter set module options callback routine. */ -class NdisFilterSetModuleOptions extends NdisCallbackRoutine { - NdisFilterSetModuleOptions() { callbackType.getName().matches("FILTER_SET_MODULE_OPTIONS") } -} - -/** A NDIS filter set options callback routine. */ -class NdisFilterSetOptions extends NdisCallbackRoutine { - NdisFilterSetOptions() { callbackType.getName().matches("FILTER_SET_OPTIONS") } -} - -/** A NDIS filter status callback routine. */ -class NdisFilterStatus extends NdisCallbackRoutine { - NdisFilterStatus() { callbackType.getName().matches("FILTER_STATUS") } -} - -/** A NDIS miniport CO activate VC callback routine. */ -class NdisMiniportCoActivateVc extends NdisCallbackRoutine { - NdisMiniportCoActivateVc() { callbackType.getName().matches("MINIPORT_CO_ACTIVATE_VC") } -} - -/** A NDIS miniport CO create VC callback routine. */ -class NdisMiniportCoCreateVc extends NdisCallbackRoutine { - NdisMiniportCoCreateVc() { callbackType.getName().matches("MINIPORT_CO_CREATE_VC") } -} - -/** A NDIS miniport CO deactivate VC callback routine. */ -class NdisMiniportCoDeactivateVc extends NdisCallbackRoutine { - NdisMiniportCoDeactivateVc() { callbackType.getName().matches("MINIPORT_CO_DEACTIVATE_VC") } -} - -/** A NDIS miniport CO delete VC callback routine. */ -class NdisMiniportCoDeleteVc extends NdisCallbackRoutine { - NdisMiniportCoDeleteVc() { callbackType.getName().matches("MINIPORT_CO_DELETE_VC") } -} - -/** A NDIS miniport CO OID request callback routine. */ -class NdisMiniportCoOidRequest extends NdisCallbackRoutine { - NdisMiniportCoOidRequest() { callbackType.getName().matches("MINIPORT_CO_OID_REQUEST") } -} - -/** A NDIS miniport CO send net buffer lists callback routine. */ -class NdisMiniportCoSendNetBufferLists extends NdisCallbackRoutine { - NdisMiniportCoSendNetBufferLists() { - callbackType.getName().matches("MINIPORT_CO_SEND_NET_BUFFER_LISTS") - } -} - -/** A NDIS protocol bind adapter ex callback routine. */ -class NdisProtocolBindAdapterEx extends NdisCallbackRoutine { - NdisProtocolBindAdapterEx() { callbackType.getName().matches("PROTOCOL_BIND_ADAPTER_EX") } -} - -/** A NDIS protocol close adapter complete ex callback routine. */ -class NdisProtocolCloseAdapterCompleteEx extends NdisCallbackRoutine { - NdisProtocolCloseAdapterCompleteEx() { - callbackType.getName().matches("PROTOCOL_CLOSE_ADAPTER_COMPLETE_EX") - } -} - -/** A NDIS protocol direct OID request complete callback routine. */ -class NdisProtocolDirectOidRequestComplete extends NdisCallbackRoutine { - NdisProtocolDirectOidRequestComplete() { - callbackType.getName().matches("PROTOCOL_DIRECT_OID_REQUEST_COMPLETE") - } -} - -/** A NDIS protocol net PNP event callback routine. */ -class NdisProtocolNetPnpEvent extends NdisCallbackRoutine { - NdisProtocolNetPnpEvent() { callbackType.getName().matches("PROTOCOL_NET_PNP_EVENT") } -} - -/** A NDIS protocol OID request complete callback routine. */ -class NdisProtocolOidRequestComplete extends NdisCallbackRoutine { - NdisProtocolOidRequestComplete() { - callbackType.getName().matches("PROTOCOL_OID_REQUEST_COMPLETE") - } -} - -/** A NDIS protocol open adapter complete ex callback routine. */ -class NdisProtocolOpenAdapterCompleteEx extends NdisCallbackRoutine { - NdisProtocolOpenAdapterCompleteEx() { - callbackType.getName().matches("PROTOCOL_OPEN_ADAPTER_COMPLETE_EX") - } -} - -/** A NDIS protocol receive net buffer lists callback routine. */ -class NdisProtocolReceiveNetBufferLists extends NdisCallbackRoutine { - NdisProtocolReceiveNetBufferLists() { - callbackType.getName().matches("PROTOCOL_RECEIVE_NET_BUFFER_LISTS") - } -} - -/** A NDIS protocol send net buffer lists complete callback routine. */ -class NdisProtocolSendNetBufferListsComplete extends NdisCallbackRoutine { - NdisProtocolSendNetBufferListsComplete() { - callbackType.getName().matches("PROTOCOL_SEND_NET_BUFFER_LISTS_COMPLETE") - } -} - -/** A NDIS protocol set options callback routine. */ -class NdisProtocolSetOptions extends NdisCallbackRoutine { - NdisProtocolSetOptions() { callbackType.getName().matches("PROTOCOL_SET_OPTIONS") } -} - -/** A NDIS protocol status ex callback routine. */ -class NdisProtocolStatusEx extends NdisCallbackRoutine { - NdisProtocolStatusEx() { callbackType.getName().matches("PROTOCOL_STATUS_EX") } -} - -/** A NDIS protocol unbind adapter ex callback routine. */ -class NdisProtocolUnbindAdapterEx extends NdisCallbackRoutine { - NdisProtocolUnbindAdapterEx() { callbackType.getName().matches("PROTOCOL_UNBIND_ADAPTER_EX") } -} - -/** A NDIS protocol uninstall callback routine. */ -class NdisProtocolUninstall extends NdisCallbackRoutine { - NdisProtocolUninstall() { callbackType.getName().matches("PROTOCOL_UNINSTALL") } -} - -/** A NDIS protocol call manager add party complete callback routine. */ -class NdisProtocolClAddPartyComplete extends NdisCallbackRoutine { - NdisProtocolClAddPartyComplete() { - callbackType.getName().matches("PROTOCOL_CL_ADD_PARTY_COMPLETE") - } -} - -/** A NDIS protocol call manager call connected callback routine. */ -class NdisProtocolClCallConnected extends NdisCallbackRoutine { - NdisProtocolClCallConnected() { callbackType.getName().matches("PROTOCOL_CL_CALL_CONNECTED") } -} - -/** A NDIS protocol call manager close AF complete callback routine. */ -class NdisProtocolClCloseAfComplete extends NdisCallbackRoutine { - NdisProtocolClCloseAfComplete() { - callbackType.getName().matches("PROTOCOL_CL_CLOSE_AF_COMPLETE") - } -} - -/** A NDIS protocol call manager close call complete callback routine. */ -class NdisProtocolClCloseCallComplete extends NdisCallbackRoutine { - NdisProtocolClCloseCallComplete() { - callbackType.getName().matches("PROTOCOL_CL_CLOSE_CALL_COMPLETE") - } -} - -/** A NDIS protocol call manager deregister SAP complete callback routine. */ -class NdisProtocolClDeregisterSapComplete extends NdisCallbackRoutine { - NdisProtocolClDeregisterSapComplete() { - callbackType.getName().matches("PROTOCOL_CL_DEREGISTER_SAP_COMPLETE") - } -} - -/** A NDIS protocol call manager drop party complete callback routine. */ -class NdisProtocolClDropPartyComplete extends NdisCallbackRoutine { - NdisProtocolClDropPartyComplete() { - callbackType.getName().matches("PROTOCOL_CL_DROP_PARTY_COMPLETE") - } -} - -/** A NDIS protocol call manager incoming call callback routine. */ -class NdisProtocolClIncomingCall extends NdisCallbackRoutine { - NdisProtocolClIncomingCall() { callbackType.getName().matches("PROTOCOL_CL_INCOMING_CALL") } -} - -/** A NDIS protocol call manager incoming call QoS change callback routine. */ -class NdisProtocolClIncomingCallQosChange extends NdisCallbackRoutine { - NdisProtocolClIncomingCallQosChange() { - callbackType.getName().matches("PROTOCOL_CL_INCOMING_CALL_QOS_CHANGE") - } -} - -/** A NDIS protocol call manager incoming close call callback routine. */ -class NdisProtocolClIncomingCloseCall extends NdisCallbackRoutine { - NdisProtocolClIncomingCloseCall() { - callbackType.getName().matches("PROTOCOL_CL_INCOMING_CLOSE_CALL") - } -} - -/** A NDIS protocol call manager incoming drop party callback routine. */ -class NdisProtocolClIncomingDropParty extends NdisCallbackRoutine { - NdisProtocolClIncomingDropParty() { - callbackType.getName().matches("PROTOCOL_CL_INCOMING_DROP_PARTY") - } -} - -/** A NDIS protocol call manager make call complete callback routine. */ -class NdisProtocolClMakeCallComplete extends NdisCallbackRoutine { - NdisProtocolClMakeCallComplete() { - callbackType.getName().matches("PROTOCOL_CL_MAKE_CALL_COMPLETE") - } -} - -/** A NDIS protocol call manager modify call QoS complete callback routine. */ -class NdisProtocolClModifyCallQosComplete extends NdisCallbackRoutine { - NdisProtocolClModifyCallQosComplete() { - callbackType.getName().matches("PROTOCOL_CL_MODIFY_CALL_QOS_COMPLETE") - } -} - -/** A NDIS protocol call manager notify close AF callback routine. */ -class NdisProtocolClNotifyCloseAf extends NdisCallbackRoutine { - NdisProtocolClNotifyCloseAf() { callbackType.getName().matches("PROTOCOL_CL_NOTIFY_CLOSE_AF") } -} - -/** A NDIS protocol call manager open AF complete callback routine. */ -class NdisProtocolClOpenAfComplete extends NdisCallbackRoutine { - NdisProtocolClOpenAfComplete() { callbackType.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE") } -} - -/** A NDIS protocol call manager open AF complete ex callback routine. */ -class NdisProtocolClOpenAfCompleteEx extends NdisCallbackRoutine { - NdisProtocolClOpenAfCompleteEx() { - callbackType.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE_EX") - } -} - -/** A NDIS protocol call manager register SAP complete callback routine. */ -class NdisProtocolClRegisterSapComplete extends NdisCallbackRoutine { - NdisProtocolClRegisterSapComplete() { - callbackType.getName().matches("PROTOCOL_CL_REGISTER_SAP_COMPLETE") - } -} - -/** A NDIS protocol connection manager activate VC complete callback routine. */ -class NdisProtocolCmActivateVcComplete extends NdisCallbackRoutine { - NdisProtocolCmActivateVcComplete() { - callbackType.getName().matches("PROTOCOL_CM_ACTIVATE_VC_COMPLETE") - } -} - -/** A NDIS protocol connection manager add party callback routine. */ -class NdisProtocolCmAddParty extends NdisCallbackRoutine { - NdisProtocolCmAddParty() { callbackType.getName().matches("PROTOCOL_CM_ADD_PARTY") } -} - -/** A NDIS protocol connection manager close AF callback routine. */ -class NdisProtocolCmCloseAf extends NdisCallbackRoutine { - NdisProtocolCmCloseAf() { callbackType.getName().matches("PROTOCOL_CM_CLOSE_AF") } -} - -/** A NDIS protocol connection manager close call callback routine. */ -class NdisProtocolCmCloseCall extends NdisCallbackRoutine { - NdisProtocolCmCloseCall() { callbackType.getName().matches("PROTOCOL_CM_CLOSE_CALL") } -} - -/** A NDIS protocol connection manager deactivate VC complete callback routine. */ -class NdisProtocolCmDeactivateVcComplete extends NdisCallbackRoutine { - NdisProtocolCmDeactivateVcComplete() { - callbackType.getName().matches("PROTOCOL_CM_DEACTIVATE_VC_COMPLETE") - } -} - -/** A NDIS protocol connection manager deregister SAP callback routine. */ -class NdisProtocolCmDeregisterSap extends NdisCallbackRoutine { - NdisProtocolCmDeregisterSap() { callbackType.getName().matches("PROTOCOL_CM_DEREGISTER_SAP") } -} - -/** A NDIS protocol connection manager drop party callback routine. */ -class NdisProtocolCmDropParty extends NdisCallbackRoutine { - NdisProtocolCmDropParty() { callbackType.getName().matches("PROTOCOL_CM_DROP_PARTY") } -} - -/** A NDIS protocol connection manager incoming call complete callback routine. */ -class NdisProtocolCmIncomingCallComplete extends NdisCallbackRoutine { - NdisProtocolCmIncomingCallComplete() { - callbackType.getName().matches("PROTOCOL_CM_INCOMING_CALL_COMPLETE") - } -} - -/** A NDIS protocol connection manager make call callback routine. */ -class NdisProtocolCmMakeCall extends NdisCallbackRoutine { - NdisProtocolCmMakeCall() { callbackType.getName().matches("PROTOCOL_CM_MAKE_CALL") } -} - -/** A NDIS protocol connection manager modify QoS call callback routine. */ -class NdisProtocolCmModifyQosCall extends NdisCallbackRoutine { - NdisProtocolCmModifyQosCall() { callbackType.getName().matches("PROTOCOL_CM_MODIFY_QOS_CALL") } -} - -/** A NDIS protocol connection manager notify close AF complete callback routine. */ -class NdisProtocolCmNotifyCloseAfComplete extends NdisCallbackRoutine { - NdisProtocolCmNotifyCloseAfComplete() { - callbackType.getName().matches("PROTOCOL_CM_NOTIFY_CLOSE_AF_COMPLETE") - } -} - -/** A NDIS protocol connection manager open AF callback routine. */ -class NdisProtocolCmOpenAf extends NdisCallbackRoutine { - NdisProtocolCmOpenAf() { callbackType.getName().matches("PROTOCOL_CM_OPEN_AF") } -} - -/** A NDIS protocol connection manager register SAP callback routine. */ -class NdisProtocolCmRegSap extends NdisCallbackRoutine { - NdisProtocolCmRegSap() { callbackType.getName().matches("PROTOCOL_CM_REG_SAP") } -} - -/** A NDIS protocol CO AF register notify callback routine. */ -class NdisProtocolCoAfRegisterNotify extends NdisCallbackRoutine { - NdisProtocolCoAfRegisterNotify() { - callbackType.getName().matches("PROTCOL_CO_AF_REGISTER_NOTIFY") - } -} - -/** A NDIS protocol CO create VC callback routine. */ -class NdisProtocolCoCreateVc extends NdisCallbackRoutine { - NdisProtocolCoCreateVc() { callbackType.getName().matches("PROTOCOL_CO_CREATE_VC") } -} - -/** A NDIS protocol CO delete VC callback routine. */ -class NdisProtocolCoDeleteVc extends NdisCallbackRoutine { - NdisProtocolCoDeleteVc() { callbackType.getName().matches("PROTOCOL_CO_DELETE_VC") } -} - -/** A NDIS protocol CO OID request callback routine. */ -class NdisProtocolCoOidRequest extends NdisCallbackRoutine { - NdisProtocolCoOidRequest() { callbackType.getName().matches("PROTOCOL_CO_OID_REQUEST") } -} - -/** A NDIS protocol CO OID request complete callback routine. */ -class NdisProtocolCoOidRequestComplete extends NdisCallbackRoutine { - NdisProtocolCoOidRequestComplete() { - callbackType.getName().matches("PROTOCOL_CO_OID_REQUEST_COMPLETE") - } -} - -/** A NDIS protocol CO receive net buffer lists callback routine. */ -class NdisProtocolCoReceiveNetBufferLists extends NdisCallbackRoutine { - NdisProtocolCoReceiveNetBufferLists() { - callbackType.getName().matches("PROTOCOL_CO_RECEIVE_NET_BUFFER_LISTS") - } -} - -/** A NDIS protocol CO send net buffer lists complete callback routine. */ -class NdisProtocolCoSendNetBufferListsComplete extends NdisCallbackRoutine { - NdisProtocolCoSendNetBufferListsComplete() { - callbackType.getName().matches("PROTOCOL_CO_SEND_NET_BUFFER_LISTS_COMPLETE") - } -} - -/** A NDIS protocol CO status ex callback routine. */ -class NdisProtocolCoStatusEx extends NdisCallbackRoutine { - NdisProtocolCoStatusEx() { callbackType.getName().matches("PROTOCOL_CO_STATUS_EX") } -} +/** + * This QL library defines classes and predicates for analyzing NDIS drivers. + * It provides definitions for NDIS dispatch routines, callback routines, and role types. + * The library also includes a typedef for the standard NDIS callback routines. + */ + +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +import cpp +import drivers.libraries.SAL + +/** + * NDIS dispatch routine class. + * We hold a routine to be a dispatch routine if there is + * an assignment in DriverEntry that assigns the function to + * the dispatch table. + */ +class NdisDispatchRoutine extends NdisCallbackRoutine { + /** + * The OID type covered by this dispatch routine. + */ + Literal dispatchType; + /** The DriverEntry function this dispatch routine was assigned in. */ + NdisDriverEntry driverEntry; + + /** + * Dispatch routines are defined by assignments of the form + * MiniportDriverObject->DriverDispatch->MiniportXxxHandler = XxxHandler; + * This characteristic predicate thus looks for assignments of this form + * where the right-side value is a function with the NDIS_DISPATCH typedef. + */ + NdisDispatchRoutine() { + callbackType.getName().matches("NDIS_DISPATCH") and + exists( + NdisCallbackRoutineAssignment cra, PointerFieldAccess dispatchTable, + PointerFieldAccess fieldAccess, VariableAccess driverObjectAccess + | + cra.getLValue() = fieldAccess and + fieldAccess.getQualifier() = dispatchTable and + dispatchTable.getQualifier() = driverObjectAccess and + driverObjectAccess.getTarget().getType().getName().matches("PNDIS_MINIPORT_BLOCK") and + cra.getTarget() = this and + cra.getEnclosingFunction() = driverEntry + ) + } + + /** Gets the OID type this dispatch routine handles, as a number. */ + + Literal getDispatchType() { result = dispatchType } + + /** Gets the DriverEntry this dispatch routine was assigned in. */ + + NdisDriverEntry getDriverEntry() { result = driverEntry } +} + +/** An assignment where the right-hand side is a NDIS callback routine. */ +class NdisCallbackRoutineAssignment extends AssignExpr { + /* + * A common paradigm in dispatch routine setup is to chain assignments to cover multiple IRPs. + * As such, it's necessary to recursively walk the assignment to handle cases such as + * DriverObject->MajorFunction[IRP_MJ_CREATE] = + * DriverObject->MajorFunction[IRP_MJ_OPEN] = + * MyMultiFunctionIrpHandler; + * However, characterstic predicates cannot be recurisve, so the logic is placed in a separate + * predicate below, isNdisCallbackRoutineAssignment. + */ + + NdisCallbackRoutineAssignment() { isNdisCallbackRoutineAssignment(this) } + + /** Gets the callback routine that this dispatch routine assignment is targeting. */ + + NdisCallbackRoutine getTarget() { + if + exists(FunctionAccess fa | + this.getRValue() = fa and + fa.getTarget() instanceof NdisCallbackRoutine + ) + then result = this.getRValue().(FunctionAccess).getTarget() + else result = getTarget_aux(this.getRValue()) + } + + /** Auxilliary function to getTarget(). */ + private NdisCallbackRoutine getTarget_aux(AssignExpr ae) { + if + exists(FunctionAccess fa | + ae.getRValue() = fa and + fa.getTarget() instanceof NdisCallbackRoutine + ) + then result = ae.getRValue().(FunctionAccess).getTarget() + else result = getTarget_aux(ae.getRValue()) + } +} + +/** Determines if a given assignment, recursively, has a NDIS callback routine as the right-hand side. */ +private predicate isNdisCallbackRoutineAssignment(AssignExpr ae) { + exists(FunctionAccess fa | + ae.getRValue() = fa and + fa.getTarget() instanceof NdisCallbackRoutine + ) + or + ae.getRValue() instanceof AssignExpr and + isNdisCallbackRoutineAssignment(ae.getRValue().(AssignExpr)) +} + +/** A typedef for Role Types */ +class NdisRoleTypeType extends TypedefType { + NdisRoleTypeType() { + ( + this.getName().matches("MINIPORT_PROCESS_SG_LIST") or + this.getName().matches("NDIS_TIMER_FUNCTION") or + this.getName().matches("NDIS_IO_WORKITEM") or + this.getName().matches("MINIPORT_ADD_DEVICE") or + this.getName().matches("MINIPORT_CANCEL_DIRECT_OID_REQUEST") or + this.getName().matches("MINIPORT_DIRECT_OID_REQUEST") or + this.getName().matches("MINIPORT_FILTER_RESOURCE_REQUIREMENTS") or + this.getName().matches("MINIPORT_START_DEVICE") or + this.getName().matches("MINIPORT_SYNCHRONIZE_MESSAGE_INTERRUPT") or + this.getName().matches("NDIS_IO_WORKITEM_FUNCTION") or + this.getName().matches("FILTER_ATTACH") or + this.getName().matches("FILTER_CANCEL_DIRECT_OID_REQUEST") or + this.getName().matches("FILTER_CANCEL_SEND_NET_BUFFER_LISTS") or + this.getName().matches("FILTER_CANCEL_OID_REQUEST") or + this.getName().matches("FILTER_DETACH") or + this.getName().matches("FILTER_DEVICE_PNP_EVENT_NOTIFY") or + this.getName().matches("FILTER_DIRECT_OID_REQUEST") or + this.getName().matches("FILTER_DIRECT_OID_REQUEST_COMPLETE") or + this.getName().matches("DRIVER_UNLOAD") or + this.getName().matches("FILTER_NET_PNP_EVENT") or + this.getName().matches("FILTER_OID_REQUEST") or + this.getName().matches("FILTER_OID_REQUEST_COMPLETE") or + this.getName().matches("FILTER_PAUSE") or + this.getName().matches("FILTER_RECEIVE_NET_BUFFER_LISTS") or + this.getName().matches("FILTER_RESTART") or + this.getName().matches("FILTER_RETURN_NET_BUFFER_LISTS") or + this.getName().matches("FILTER_SEND_NET_BUFFER_LISTS") or + this.getName().matches("FILTER_SEND_NET_BUFFER_LISTS_COMPLETE") or + this.getName().matches("FILTER_SET_MODULE_OPTIONS") or + this.getName().matches("FILTER_SET_OPTIONS") or + this.getName().matches("FILTER_STATUS") or + this.getName().matches("MINIPORT_CO_ACTIVATE_VC") or + this.getName().matches("MINIPORT_CO_CREATE_VC") or + this.getName().matches("MINIPORT_CO_DEACTIVATE_VC") or + this.getName().matches("MINIPORT_CO_DELETE_VC") or + this.getName().matches("MINIPORT_CO_OID_REQUEST") or + this.getName().matches("MINIPORT_CO_SEND_NET_BUFFER_LISTS") or + this.getName().matches("PROTOCOL_BIND_ADAPTER_EX") or + this.getName().matches("PROTOCOL_CLOSE_ADAPTER_COMPLETE_EX") or + this.getName().matches("PROTOCOL_DIRECT_OID_REQUEST_COMPLETE") or + this.getName().matches("PROTOCOL_NET_PNP_EVENT") or + this.getName().matches("PROTOCOL_OID_REQUEST_COMPLETE") or + this.getName().matches("PROTOCOL_OPEN_ADAPTER_COMPLETE_EX") or + this.getName().matches("PROTOCOL_RECEIVE_NET_BUFFER_LISTS") or + this.getName().matches("PROTOCOL_SEND_NET_BUFFER_LISTS_COMPLETE") or + this.getName().matches("PROTOCOL_SET_OPTIONS") or + this.getName().matches("PROTOCOL_STATUS_EX") or + this.getName().matches("PROTOCOL_UNBIND_ADAPTER_EX") or + this.getName().matches("PROTOCOL_UNINSTALL") or + this.getName().matches("PROTOCOL_CL_ADD_PARTY_COMPLETE") or + this.getName().matches("PROTOCOL_CL_CALL_CONNECTED") or + this.getName().matches("PROTOCOL_CL_CLOSE_AF_COMPLETE") or + this.getName().matches("PROTOCOL_CL_CLOSE_CALL_COMPLETE") or + this.getName().matches("PROTOCOL_CL_DEREGISTER_SAP_COMPLETE") or + this.getName().matches("PROTOCOL_CL_DROP_PARTY_COMPLETE") or + this.getName().matches("PROTOCOL_CL_INCOMING_CALL") or + this.getName().matches("PROTOCOL_CL_INCOMING_CALL_QOS_CHANGE") or + this.getName().matches("PROTOCOL_CL_INCOMING_CLOSE_CALL") or + this.getName().matches("PROTOCOL_CL_INCOMING_DROP_PARTY") or + this.getName().matches("PROTOCOL_CL_MAKE_CALL_COMPLETE") or + this.getName().matches("PROTOCOL_CL_MODIFY_CALL_QOS_COMPLETE") or + this.getName().matches("PROTOCOL_CL_NOTIFY_CLOSE_AF") or + this.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE") or + this.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE_EX") or + this.getName().matches("PROTOCOL_CL_REGISTER_SAP_COMPLETE") or + this.getName().matches("PROTOCOL_CM_ACTIVATE_VC_COMPLETE") or + this.getName().matches("PROTOCOL_CM_ADD_PARTY") or + this.getName().matches("PROTOCOL_CM_CLOSE_AF") or + this.getName().matches("PROTOCOL_CM_CLOSE_CALL") or + this.getName().matches("PROTOCOL_CM_DEACTIVATE_VC_COMPLETE") or + this.getName().matches("PROTOCOL_CM_DEREGISTER_SAP") or + this.getName().matches("PROTOCOL_CM_DROP_PARTY") or + this.getName().matches("PROTOCOL_CM_INCOMING_CALL_COMPLETE") or + this.getName().matches("PROTOCOL_CM_MAKE_CALL") or + this.getName().matches("PROTOCOL_CM_MODIFY_QOS_CALL") or + this.getName().matches("PROTOCOL_CM_NOTIFY_CLOSE_AF_COMPLETE") or + this.getName().matches("PROTOCOL_CM_OPEN_AF") or + this.getName().matches("PROTOCOL_CM_REG_SAP") or + this.getName().matches("PROTCOL_CO_AF_REGISTER_NOTIFY") or + this.getName().matches("PROTOCOL_CO_CREATE_VC") or + this.getName().matches("PROTOCOL_CO_DELETE_VC") or + this.getName().matches("PROTOCOL_CO_OID_REQUEST") or + this.getName().matches("PROTOCOL_CO_OID_REQUEST_COMPLETE") or + this.getName().matches("PROTOCOL_CO_RECEIVE_NET_BUFFER_LISTS") or + this.getName().matches("PROTOCOL_CO_SEND_NET_BUFFER_LISTS_COMPLETE") or + this.getName().matches("PROTOCOL_CO_STATUS_EX") + ) + } +} + +/** A typedef for the standard NDIS callback routines. Aka Role Types */ +class NdisCallbackRoutineTypedef extends NdisRoleTypeType { + NdisCallbackRoutineTypedef() { this.getFile().getBaseName().matches("ndis.h") } +} + +/** + * Represents a function implementing a NDIS callback routine. + * Defines a function to be a callback routine iff it has a typedef + * in its definition which matches the NDIS callback typedefs, and it + * is in a NDIS driver (includes wdm.h.) + */ +class NdisCallbackRoutine extends Function { + /** The callback routine type, i.e. DRIVER_UNLOAD. */ + NdisCallbackRoutineTypedef callbackType; + + NdisCallbackRoutine() { + exists(FunctionDeclarationEntry fde | + fde.getFunction() = this and + fde.getTypedefType() = callbackType + ) + } +} + + +/** A NDIS DriverEntry callback routine. */ +class NdisDriverEntry extends NdisCallbackRoutine { + NdisDriverEntry() { callbackType.getName().matches("DRIVER_INITIALIZE") } +} + +/** A NDIS MiniportAllocateSharedMemoryComplete callback routine. */ +class NdisMiniportAllocateSharedMemoryComplete extends NdisCallbackRoutine { + NdisMiniportAllocateSharedMemoryComplete() { + callbackType.getName().matches("MINIPORT_ALLOCATE_SHARED_MEM_COMPLETE") + } +} + +/** A NDIS MiniportHalt callback routine. */ +class NdisMiniportHalt extends NdisCallbackRoutine { + NdisMiniportHalt() { callbackType.getName().matches("MINIPORT_HALT") } +} + +/** A NDIS MiniportSetOptions callback routine. */ +class NdisMiniportSetOptions extends NdisCallbackRoutine { + NdisMiniportSetOptions() { callbackType.getName().matches("MINIPORT_SET_OPTIONS") } +} + +/** A NDIS MiniportInitialize callback routine. */ +class NdisMiniportInitialize extends NdisCallbackRoutine { + NdisMiniportInitialize() { callbackType.getName().matches("MINIPORT_INITIALIZE") } +} + +/** A NDIS MiniportPause callback routine. */ +class NdisMiniportPause extends NdisCallbackRoutine { + NdisMiniportPause() { callbackType.getName().matches("MINIPORT_PAUSE") } +} + +/** A NDIS MiniportRestart callback routine. */ +class NdisMiniportRestart extends NdisCallbackRoutine { + NdisMiniportRestart() { callbackType.getName().matches("MINIPORT_RESTART") } +} + +/** A NDIS MiniportOidRequest callback routine. */ +class NdisMiniportOidRequest extends NdisCallbackRoutine { + NdisMiniportOidRequest() { callbackType.getName().matches("MINIPORT_OID_REQUEST") } +} + +/** A NDIS MiniportInterruptDpc callback routine. */ +class NdisMiniportInterruptDpc extends NdisCallbackRoutine { + NdisMiniportInterruptDpc() { callbackType.getName().matches("MINIPORT_INTERRUPT_DPC") } +} + +/** A NDIS MiniportIsr callback routine. */ +class NdisMiniportIsr extends NdisCallbackRoutine { + NdisMiniportIsr() { callbackType.getName().matches("MINIPORT_ISR") } +} + +/** A NDIS MiniportReset callback routine. */ +class NdisMiniportReset extends NdisCallbackRoutine { + NdisMiniportReset() { callbackType.getName().matches("MINIPORT_RESET") } +} + +/** A NDIS MiniportReturnNetBufferLists callback routine. */ +class NdisMiniportReturnNetBufferLists extends NdisCallbackRoutine { + NdisMiniportReturnNetBufferLists() { + callbackType.getName().matches("MINIPORT_RETURN_NET_BUFFER_LISTS") + } +} + +/** A NDIS MiniportCancelOidRequest callback routine. */ +class NdisMiniportCancelOidRequest extends NdisCallbackRoutine { + NdisMiniportCancelOidRequest() { callbackType.getName().matches("MINIPORT_CANCEL_OID_REQUEST") } +} + +/** A NDIS MiniportShutdown callback routine. */ +class NdisMiniportShutdown extends NdisCallbackRoutine { + NdisMiniportShutdown() { callbackType.getName().matches("MINIPORT_SHUTDOWN") } +} + +/** A NDIS MiniportSendNetBufferLists callback routine. */ +class NdisMiniportSendNetBufferLists extends NdisCallbackRoutine { + NdisMiniportSendNetBufferLists() { + callbackType.getName().matches("MINIPORT_SEND_NET_BUFFER_LISTS") + } +} + +/** A NDIS MiniportCancelSend callback routine. */ +class NdisMiniportCancelSend extends NdisCallbackRoutine { + NdisMiniportCancelSend() { callbackType.getName().matches("MINIPORT_CANCEL_SEND") } +} + +/** A NDIS MiniportDevicePnpEventNotify callback routine. */ +class NdisMiniportDevicePnpEventNotify extends NdisCallbackRoutine { + NdisMiniportDevicePnpEventNotify() { + callbackType.getName().matches("MINIPORT_DEVICE_PNP_EVENT_NOTIFY") + } +} + +/** A NDIS MiniportUnload callback routine. */ +class NdisMiniportUnload extends NdisCallbackRoutine { + NdisMiniportUnload() { callbackType.getName().matches("MINIPORT_UNLOAD") } +} + +/** A NDIS MiniportCheckForHang callback routine. */ +class NdisMiniportCheckForHang extends NdisCallbackRoutine { + NdisMiniportCheckForHang() { callbackType.getName().matches("MINIPORT_CHECK_FOR_HANG") } +} + +/** A NDIS MiniportEnableInterrupt callback routine. */ +class NdisMiniportEnableInterrupt extends NdisCallbackRoutine { + NdisMiniportEnableInterrupt() { callbackType.getName().matches("MINIPORT_ENABLE_INTERRUPT") } +} + +/** A NDIS MiniportDisableInterrupt callback routine. */ +class NdisMiniportDisableInterrupt extends NdisCallbackRoutine { + NdisMiniportDisableInterrupt() { callbackType.getName().matches("MINIPORT_DISABLE_INTERRUPT") } +} + +/** A NDIS MiniportSynchronizeInterrupt callback routine. */ +class NdisMiniportSynchronizeInterrupt extends NdisCallbackRoutine { + NdisMiniportSynchronizeInterrupt() { + callbackType.getName().matches("MINIPORT_SYNCHRONIZE_INTERRUPT") + } +} + +/** A NDIS MiniportProcessSgList callback routine. */ +class NdisMiniportProcessSgList extends NdisCallbackRoutine { + NdisMiniportProcessSgList() { callbackType.getName().matches("MINIPORT_PROCESS_SG_LIST") } +} + +/** A NDIS timer callback routine. */ +class NdisTimerFunction extends NdisCallbackRoutine { + NdisTimerFunction() { callbackType.getName().matches("NDIS_TIMER_FUNCTION") } +} + +/** A NDIS I/O work item callback routine. */ +class NdisIoWorkitem extends NdisCallbackRoutine { + NdisIoWorkitem() { callbackType.getName().matches("NDIS_IO_WORKITEM") } +} + +/** A NDIS MiniportAddDevice callback routine. */ +class NdisMiniportAddDevice extends NdisCallbackRoutine { + NdisMiniportAddDevice() { callbackType.getName().matches("MINIPORT_ADD_DEVICE") } +} + +/** A NDIS MiniportCancelDirectOidRequest callback routine. */ +class NdisMiniportCancelDirectOidRequest extends NdisCallbackRoutine { + NdisMiniportCancelDirectOidRequest() { + callbackType.getName().matches("MINIPORT_CANCEL_DIRECT_OID_REQUEST") + } +} + +/** A NDIS MiniportDirectOidRequest callback routine. */ +class NdisMiniportDirectOidRequest extends NdisCallbackRoutine { + NdisMiniportDirectOidRequest() { callbackType.getName().matches("MINIPORT_DIRECT_OID_REQUEST") } +} + +/** A NDIS MiniportFilterResourceRequirements callback routine. */ +class NdisMiniportFilterResourceRequirements extends NdisCallbackRoutine { + NdisMiniportFilterResourceRequirements() { + callbackType.getName().matches("MINIPORT_FILTER_RESOURCE_REQUIREMENTS") + } +} + +/** A NDIS MiniportStartDevice callback routine. */ +class NdisMiniportStartDevice extends NdisCallbackRoutine { + NdisMiniportStartDevice() { callbackType.getName().matches("MINIPORT_START_DEVICE") } +} + +/** A NDIS MiniportSynchronizeMessageInterrupt callback routine. */ +class NdisMiniportSynchronizeMessageInterrupt extends NdisCallbackRoutine { + NdisMiniportSynchronizeMessageInterrupt() { + callbackType.getName().matches("MINIPORT_SYNCHRONIZE_MESSAGE_INTERRUPT") + } +} + +/** A NDIS IoWorkItemFunction callback routine. */ +class NdisIoWorkItemFunction extends NdisCallbackRoutine { + NdisIoWorkItemFunction() { callbackType.getName().matches("NDIS_IO_WORKITEM_FUNCTION") } +} + +/** A NDIS filter attach callback routine. */ +class NdisFilterAttach extends NdisCallbackRoutine { + NdisFilterAttach() { callbackType.getName().matches("FILTER_ATTACH") } +} + +/** A NDIS filter cancel direct OID request callback routine. */ +class NdisFilterCancelDirectOidRequest extends NdisCallbackRoutine { + NdisFilterCancelDirectOidRequest() { + callbackType.getName().matches("FILTER_CANCEL_DIRECT_OID_REQUEST") + } +} + +/** A NDIS filter cancel send net buffer lists callback routine. */ +class NdisFilterCancelSendNetBufferLists extends NdisCallbackRoutine { + NdisFilterCancelSendNetBufferLists() { + callbackType.getName().matches("FILTER_CANCEL_SEND_NET_BUFFER_LISTS") + } +} + +/** A NDIS filter cancel OID request callback routine. */ +class NdisFilterCancelOidRequest extends NdisCallbackRoutine { + NdisFilterCancelOidRequest() { callbackType.getName().matches("FILTER_CANCEL_OID_REQUEST") } +} + +/** A NDIS filter detach callback routine. */ +class NdisFilterDetach extends NdisCallbackRoutine { + NdisFilterDetach() { callbackType.getName().matches("FILTER_DETACH") } +} + +/** A NDIS filter device PNP event notify callback routine. */ +class NdisFilterDevicePnpEventNotify extends NdisCallbackRoutine { + NdisFilterDevicePnpEventNotify() { + callbackType.getName().matches("FILTER_DEVICE_PNP_EVENT_NOTIFY") + } +} + +/** A NDIS filter direct OID request callback routine. */ +class NdisFilterDirectOidRequest extends NdisCallbackRoutine { + NdisFilterDirectOidRequest() { callbackType.getName().matches("FILTER_DIRECT_OID_REQUEST") } +} + +/** A NDIS filter direct OID request complete callback routine. */ +class NdisFilterDirectOidRequestComplete extends NdisCallbackRoutine { + NdisFilterDirectOidRequestComplete() { + callbackType.getName().matches("FILTER_DIRECT_OID_REQUEST_COMPLETE") + } +} + +/** A NDIS driver unload callback routine. */ +class NdisDriverUnload extends NdisCallbackRoutine { + NdisDriverUnload() { callbackType.getName().matches("DRIVER_UNLOAD") } +} + +/** A NDIS filter net PNP event callback routine. */ +class NdisFilterNetPnpEvent extends NdisCallbackRoutine { + NdisFilterNetPnpEvent() { callbackType.getName().matches("FILTER_NET_PNP_EVENT") } +} + +/** A NDIS filter OID request callback routine. */ +class NdisFilterOidRequest extends NdisCallbackRoutine { + NdisFilterOidRequest() { callbackType.getName().matches("FILTER_OID_REQUEST") } +} + +/** A NDIS filter OID request complete callback routine. */ +class NdisFilterOidRequestComplete extends NdisCallbackRoutine { + NdisFilterOidRequestComplete() { callbackType.getName().matches("FILTER_OID_REQUEST_COMPLETE") } +} + +/** A NDIS filter pause callback routine. */ +class NdisFilterPause extends NdisCallbackRoutine { + NdisFilterPause() { callbackType.getName().matches("FILTER_PAUSE") } +} + +/** A NDIS filter receive net buffer lists callback routine. */ +class NdisFilterReceiveNetBufferLists extends NdisCallbackRoutine { + NdisFilterReceiveNetBufferLists() { + callbackType.getName().matches("FILTER_RECEIVE_NET_BUFFER_LISTS") + } +} + +/** A NDIS filter restart callback routine. */ +class NdisFilterRestart extends NdisCallbackRoutine { + NdisFilterRestart() { callbackType.getName().matches("FILTER_RESTART") } +} + +/** A NDIS filter return net buffer lists callback routine. */ +class NdisFilterReturnNetBufferLists extends NdisCallbackRoutine { + NdisFilterReturnNetBufferLists() { + callbackType.getName().matches("FILTER_RETURN_NET_BUFFER_LISTS") + } +} + +/** A NDIS filter send net buffer lists callback routine. */ +class NdisFilterSendNetBufferLists extends NdisCallbackRoutine { + NdisFilterSendNetBufferLists() { callbackType.getName().matches("FILTER_SEND_NET_BUFFER_LISTS") } +} + +/** A NDIS filter send net buffer lists complete callback routine. */ +class NdisFilterSendNetBufferListsComplete extends NdisCallbackRoutine { + NdisFilterSendNetBufferListsComplete() { + callbackType.getName().matches("FILTER_SEND_NET_BUFFER_LISTS_COMPLETE") + } +} + +/** A NDIS filter set module options callback routine. */ +class NdisFilterSetModuleOptions extends NdisCallbackRoutine { + NdisFilterSetModuleOptions() { callbackType.getName().matches("FILTER_SET_MODULE_OPTIONS") } +} + +/** A NDIS filter set options callback routine. */ +class NdisFilterSetOptions extends NdisCallbackRoutine { + NdisFilterSetOptions() { callbackType.getName().matches("FILTER_SET_OPTIONS") } +} + +/** A NDIS filter status callback routine. */ +class NdisFilterStatus extends NdisCallbackRoutine { + NdisFilterStatus() { callbackType.getName().matches("FILTER_STATUS") } +} + +/** A NDIS miniport CO activate VC callback routine. */ +class NdisMiniportCoActivateVc extends NdisCallbackRoutine { + NdisMiniportCoActivateVc() { callbackType.getName().matches("MINIPORT_CO_ACTIVATE_VC") } +} + +/** A NDIS miniport CO create VC callback routine. */ +class NdisMiniportCoCreateVc extends NdisCallbackRoutine { + NdisMiniportCoCreateVc() { callbackType.getName().matches("MINIPORT_CO_CREATE_VC") } +} + +/** A NDIS miniport CO deactivate VC callback routine. */ +class NdisMiniportCoDeactivateVc extends NdisCallbackRoutine { + NdisMiniportCoDeactivateVc() { callbackType.getName().matches("MINIPORT_CO_DEACTIVATE_VC") } +} + +/** A NDIS miniport CO delete VC callback routine. */ +class NdisMiniportCoDeleteVc extends NdisCallbackRoutine { + NdisMiniportCoDeleteVc() { callbackType.getName().matches("MINIPORT_CO_DELETE_VC") } +} + +/** A NDIS miniport CO OID request callback routine. */ +class NdisMiniportCoOidRequest extends NdisCallbackRoutine { + NdisMiniportCoOidRequest() { callbackType.getName().matches("MINIPORT_CO_OID_REQUEST") } +} + +/** A NDIS miniport CO send net buffer lists callback routine. */ +class NdisMiniportCoSendNetBufferLists extends NdisCallbackRoutine { + NdisMiniportCoSendNetBufferLists() { + callbackType.getName().matches("MINIPORT_CO_SEND_NET_BUFFER_LISTS") + } +} + +/** A NDIS protocol bind adapter ex callback routine. */ +class NdisProtocolBindAdapterEx extends NdisCallbackRoutine { + NdisProtocolBindAdapterEx() { callbackType.getName().matches("PROTOCOL_BIND_ADAPTER_EX") } +} + +/** A NDIS protocol close adapter complete ex callback routine. */ +class NdisProtocolCloseAdapterCompleteEx extends NdisCallbackRoutine { + NdisProtocolCloseAdapterCompleteEx() { + callbackType.getName().matches("PROTOCOL_CLOSE_ADAPTER_COMPLETE_EX") + } +} + +/** A NDIS protocol direct OID request complete callback routine. */ +class NdisProtocolDirectOidRequestComplete extends NdisCallbackRoutine { + NdisProtocolDirectOidRequestComplete() { + callbackType.getName().matches("PROTOCOL_DIRECT_OID_REQUEST_COMPLETE") + } +} + +/** A NDIS protocol net PNP event callback routine. */ +class NdisProtocolNetPnpEvent extends NdisCallbackRoutine { + NdisProtocolNetPnpEvent() { callbackType.getName().matches("PROTOCOL_NET_PNP_EVENT") } +} + +/** A NDIS protocol OID request complete callback routine. */ +class NdisProtocolOidRequestComplete extends NdisCallbackRoutine { + NdisProtocolOidRequestComplete() { + callbackType.getName().matches("PROTOCOL_OID_REQUEST_COMPLETE") + } +} + +/** A NDIS protocol open adapter complete ex callback routine. */ +class NdisProtocolOpenAdapterCompleteEx extends NdisCallbackRoutine { + NdisProtocolOpenAdapterCompleteEx() { + callbackType.getName().matches("PROTOCOL_OPEN_ADAPTER_COMPLETE_EX") + } +} + +/** A NDIS protocol receive net buffer lists callback routine. */ +class NdisProtocolReceiveNetBufferLists extends NdisCallbackRoutine { + NdisProtocolReceiveNetBufferLists() { + callbackType.getName().matches("PROTOCOL_RECEIVE_NET_BUFFER_LISTS") + } +} + +/** A NDIS protocol send net buffer lists complete callback routine. */ +class NdisProtocolSendNetBufferListsComplete extends NdisCallbackRoutine { + NdisProtocolSendNetBufferListsComplete() { + callbackType.getName().matches("PROTOCOL_SEND_NET_BUFFER_LISTS_COMPLETE") + } +} + +/** A NDIS protocol set options callback routine. */ +class NdisProtocolSetOptions extends NdisCallbackRoutine { + NdisProtocolSetOptions() { callbackType.getName().matches("PROTOCOL_SET_OPTIONS") } +} + +/** A NDIS protocol status ex callback routine. */ +class NdisProtocolStatusEx extends NdisCallbackRoutine { + NdisProtocolStatusEx() { callbackType.getName().matches("PROTOCOL_STATUS_EX") } +} + +/** A NDIS protocol unbind adapter ex callback routine. */ +class NdisProtocolUnbindAdapterEx extends NdisCallbackRoutine { + NdisProtocolUnbindAdapterEx() { callbackType.getName().matches("PROTOCOL_UNBIND_ADAPTER_EX") } +} + +/** A NDIS protocol uninstall callback routine. */ +class NdisProtocolUninstall extends NdisCallbackRoutine { + NdisProtocolUninstall() { callbackType.getName().matches("PROTOCOL_UNINSTALL") } +} + +/** A NDIS protocol call manager add party complete callback routine. */ +class NdisProtocolClAddPartyComplete extends NdisCallbackRoutine { + NdisProtocolClAddPartyComplete() { + callbackType.getName().matches("PROTOCOL_CL_ADD_PARTY_COMPLETE") + } +} + +/** A NDIS protocol call manager call connected callback routine. */ +class NdisProtocolClCallConnected extends NdisCallbackRoutine { + NdisProtocolClCallConnected() { callbackType.getName().matches("PROTOCOL_CL_CALL_CONNECTED") } +} + +/** A NDIS protocol call manager close AF complete callback routine. */ +class NdisProtocolClCloseAfComplete extends NdisCallbackRoutine { + NdisProtocolClCloseAfComplete() { + callbackType.getName().matches("PROTOCOL_CL_CLOSE_AF_COMPLETE") + } +} + +/** A NDIS protocol call manager close call complete callback routine. */ +class NdisProtocolClCloseCallComplete extends NdisCallbackRoutine { + NdisProtocolClCloseCallComplete() { + callbackType.getName().matches("PROTOCOL_CL_CLOSE_CALL_COMPLETE") + } +} + +/** A NDIS protocol call manager deregister SAP complete callback routine. */ +class NdisProtocolClDeregisterSapComplete extends NdisCallbackRoutine { + NdisProtocolClDeregisterSapComplete() { + callbackType.getName().matches("PROTOCOL_CL_DEREGISTER_SAP_COMPLETE") + } +} + +/** A NDIS protocol call manager drop party complete callback routine. */ +class NdisProtocolClDropPartyComplete extends NdisCallbackRoutine { + NdisProtocolClDropPartyComplete() { + callbackType.getName().matches("PROTOCOL_CL_DROP_PARTY_COMPLETE") + } +} + +/** A NDIS protocol call manager incoming call callback routine. */ +class NdisProtocolClIncomingCall extends NdisCallbackRoutine { + NdisProtocolClIncomingCall() { callbackType.getName().matches("PROTOCOL_CL_INCOMING_CALL") } +} + +/** A NDIS protocol call manager incoming call QoS change callback routine. */ +class NdisProtocolClIncomingCallQosChange extends NdisCallbackRoutine { + NdisProtocolClIncomingCallQosChange() { + callbackType.getName().matches("PROTOCOL_CL_INCOMING_CALL_QOS_CHANGE") + } +} + +/** A NDIS protocol call manager incoming close call callback routine. */ +class NdisProtocolClIncomingCloseCall extends NdisCallbackRoutine { + NdisProtocolClIncomingCloseCall() { + callbackType.getName().matches("PROTOCOL_CL_INCOMING_CLOSE_CALL") + } +} + +/** A NDIS protocol call manager incoming drop party callback routine. */ +class NdisProtocolClIncomingDropParty extends NdisCallbackRoutine { + NdisProtocolClIncomingDropParty() { + callbackType.getName().matches("PROTOCOL_CL_INCOMING_DROP_PARTY") + } +} + +/** A NDIS protocol call manager make call complete callback routine. */ +class NdisProtocolClMakeCallComplete extends NdisCallbackRoutine { + NdisProtocolClMakeCallComplete() { + callbackType.getName().matches("PROTOCOL_CL_MAKE_CALL_COMPLETE") + } +} + +/** A NDIS protocol call manager modify call QoS complete callback routine. */ +class NdisProtocolClModifyCallQosComplete extends NdisCallbackRoutine { + NdisProtocolClModifyCallQosComplete() { + callbackType.getName().matches("PROTOCOL_CL_MODIFY_CALL_QOS_COMPLETE") + } +} + +/** A NDIS protocol call manager notify close AF callback routine. */ +class NdisProtocolClNotifyCloseAf extends NdisCallbackRoutine { + NdisProtocolClNotifyCloseAf() { callbackType.getName().matches("PROTOCOL_CL_NOTIFY_CLOSE_AF") } +} + +/** A NDIS protocol call manager open AF complete callback routine. */ +class NdisProtocolClOpenAfComplete extends NdisCallbackRoutine { + NdisProtocolClOpenAfComplete() { callbackType.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE") } +} + +/** A NDIS protocol call manager open AF complete ex callback routine. */ +class NdisProtocolClOpenAfCompleteEx extends NdisCallbackRoutine { + NdisProtocolClOpenAfCompleteEx() { + callbackType.getName().matches("PROTOCOL_CL_OPEN_AF_COMPLETE_EX") + } +} + +/** A NDIS protocol call manager register SAP complete callback routine. */ +class NdisProtocolClRegisterSapComplete extends NdisCallbackRoutine { + NdisProtocolClRegisterSapComplete() { + callbackType.getName().matches("PROTOCOL_CL_REGISTER_SAP_COMPLETE") + } +} + +/** A NDIS protocol connection manager activate VC complete callback routine. */ +class NdisProtocolCmActivateVcComplete extends NdisCallbackRoutine { + NdisProtocolCmActivateVcComplete() { + callbackType.getName().matches("PROTOCOL_CM_ACTIVATE_VC_COMPLETE") + } +} + +/** A NDIS protocol connection manager add party callback routine. */ +class NdisProtocolCmAddParty extends NdisCallbackRoutine { + NdisProtocolCmAddParty() { callbackType.getName().matches("PROTOCOL_CM_ADD_PARTY") } +} + +/** A NDIS protocol connection manager close AF callback routine. */ +class NdisProtocolCmCloseAf extends NdisCallbackRoutine { + NdisProtocolCmCloseAf() { callbackType.getName().matches("PROTOCOL_CM_CLOSE_AF") } +} + +/** A NDIS protocol connection manager close call callback routine. */ +class NdisProtocolCmCloseCall extends NdisCallbackRoutine { + NdisProtocolCmCloseCall() { callbackType.getName().matches("PROTOCOL_CM_CLOSE_CALL") } +} + +/** A NDIS protocol connection manager deactivate VC complete callback routine. */ +class NdisProtocolCmDeactivateVcComplete extends NdisCallbackRoutine { + NdisProtocolCmDeactivateVcComplete() { + callbackType.getName().matches("PROTOCOL_CM_DEACTIVATE_VC_COMPLETE") + } +} + +/** A NDIS protocol connection manager deregister SAP callback routine. */ +class NdisProtocolCmDeregisterSap extends NdisCallbackRoutine { + NdisProtocolCmDeregisterSap() { callbackType.getName().matches("PROTOCOL_CM_DEREGISTER_SAP") } +} + +/** A NDIS protocol connection manager drop party callback routine. */ +class NdisProtocolCmDropParty extends NdisCallbackRoutine { + NdisProtocolCmDropParty() { callbackType.getName().matches("PROTOCOL_CM_DROP_PARTY") } +} + +/** A NDIS protocol connection manager incoming call complete callback routine. */ +class NdisProtocolCmIncomingCallComplete extends NdisCallbackRoutine { + NdisProtocolCmIncomingCallComplete() { + callbackType.getName().matches("PROTOCOL_CM_INCOMING_CALL_COMPLETE") + } +} + +/** A NDIS protocol connection manager make call callback routine. */ +class NdisProtocolCmMakeCall extends NdisCallbackRoutine { + NdisProtocolCmMakeCall() { callbackType.getName().matches("PROTOCOL_CM_MAKE_CALL") } +} + +/** A NDIS protocol connection manager modify QoS call callback routine. */ +class NdisProtocolCmModifyQosCall extends NdisCallbackRoutine { + NdisProtocolCmModifyQosCall() { callbackType.getName().matches("PROTOCOL_CM_MODIFY_QOS_CALL") } +} + +/** A NDIS protocol connection manager notify close AF complete callback routine. */ +class NdisProtocolCmNotifyCloseAfComplete extends NdisCallbackRoutine { + NdisProtocolCmNotifyCloseAfComplete() { + callbackType.getName().matches("PROTOCOL_CM_NOTIFY_CLOSE_AF_COMPLETE") + } +} + +/** A NDIS protocol connection manager open AF callback routine. */ +class NdisProtocolCmOpenAf extends NdisCallbackRoutine { + NdisProtocolCmOpenAf() { callbackType.getName().matches("PROTOCOL_CM_OPEN_AF") } +} + +/** A NDIS protocol connection manager register SAP callback routine. */ +class NdisProtocolCmRegSap extends NdisCallbackRoutine { + NdisProtocolCmRegSap() { callbackType.getName().matches("PROTOCOL_CM_REG_SAP") } +} + +/** A NDIS protocol CO AF register notify callback routine. */ +class NdisProtocolCoAfRegisterNotify extends NdisCallbackRoutine { + NdisProtocolCoAfRegisterNotify() { + callbackType.getName().matches("PROTCOL_CO_AF_REGISTER_NOTIFY") + } +} + +/** A NDIS protocol CO create VC callback routine. */ +class NdisProtocolCoCreateVc extends NdisCallbackRoutine { + NdisProtocolCoCreateVc() { callbackType.getName().matches("PROTOCOL_CO_CREATE_VC") } +} + +/** A NDIS protocol CO delete VC callback routine. */ +class NdisProtocolCoDeleteVc extends NdisCallbackRoutine { + NdisProtocolCoDeleteVc() { callbackType.getName().matches("PROTOCOL_CO_DELETE_VC") } +} + +/** A NDIS protocol CO OID request callback routine. */ +class NdisProtocolCoOidRequest extends NdisCallbackRoutine { + NdisProtocolCoOidRequest() { callbackType.getName().matches("PROTOCOL_CO_OID_REQUEST") } +} + +/** A NDIS protocol CO OID request complete callback routine. */ +class NdisProtocolCoOidRequestComplete extends NdisCallbackRoutine { + NdisProtocolCoOidRequestComplete() { + callbackType.getName().matches("PROTOCOL_CO_OID_REQUEST_COMPLETE") + } +} + +/** A NDIS protocol CO receive net buffer lists callback routine. */ +class NdisProtocolCoReceiveNetBufferLists extends NdisCallbackRoutine { + NdisProtocolCoReceiveNetBufferLists() { + callbackType.getName().matches("PROTOCOL_CO_RECEIVE_NET_BUFFER_LISTS") + } +} + +/** A NDIS protocol CO send net buffer lists complete callback routine. */ +class NdisProtocolCoSendNetBufferListsComplete extends NdisCallbackRoutine { + NdisProtocolCoSendNetBufferListsComplete() { + callbackType.getName().matches("PROTOCOL_CO_SEND_NET_BUFFER_LISTS_COMPLETE") + } +} + +/** A NDIS protocol CO status ex callback routine. */ +class NdisProtocolCoStatusEx extends NdisCallbackRoutine { + NdisProtocolCoStatusEx() { callbackType.getName().matches("PROTOCOL_CO_STATUS_EX") } +} diff --git a/src/drivers/storport/libraries/StorportDrivers.qll b/src/qlpack/src/drivers/storport/libraries/StorportDrivers.qll similarity index 97% rename from src/drivers/storport/libraries/StorportDrivers.qll rename to src/qlpack/src/drivers/storport/libraries/StorportDrivers.qll index 42e677b7..caa07589 100644 --- a/src/drivers/storport/libraries/StorportDrivers.qll +++ b/src/qlpack/src/drivers/storport/libraries/StorportDrivers.qll @@ -1,251 +1,251 @@ -/** - * This QL library defines classes and predicates for analyzing NDIS drivers. - * It provides definitions for NDIS dispatch routines, callback routines, and role types. - * The library also includes a typedef for the standard NDIS callback routines. - */ - -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -import cpp -import drivers.libraries.SAL - - -/** Determines if a given assignment, recursively, has a Storport callback routine as the right-hand side. */ - -private predicate isCallbackRoutineAssignment(AssignExpr ae) { - exists(FunctionAccess fa | - ae.getRValue() = fa and - fa.getTarget() instanceof StorportCallbackRoutine - ) - or - ae.getRValue() instanceof AssignExpr and - isCallbackRoutineAssignment(ae.getRValue().(AssignExpr)) -} - -/** A typedef for Role Types */ -class StorportRoleTypeType extends TypedefType { - StorportRoleTypeType() { - ( - this.getName().matches("sp_DRIVER_INITIALIZE") or - this.getName().matches("HW_INITIALIZE") or - this.getName().matches("HW_BUILDIO") or - this.getName().matches("HW_STARTIO") or - this.getName().matches("HW_INTERRUPT") or - this.getName().matches("HW_TIMER") or - this.getName().matches("HW_FIND_ADAPTER") or - this.getName().matches("HW_RESET_BUS") or - this.getName().matches("HW_ADAPTER_CONTROL") or - this.getName().matches("HW_PASSIVE_INITIALIZE_ROUTINE") or - this.getName().matches("HW_DPC_ROUTINE") or - this.getName().matches("HW_FREE_ADAPTER_RESOURCES") or - this.getName().matches("HW_PROCESS_SERVICE_REQUEST") or - this.getName().matches("HW_COMPLETE_SERVICE_IRP") or - this.getName().matches("HW_INITIALIZE_TRACING") or - this.getName().matches("HW_CLEANUP_TRACING") or - this.getName().matches("VIRTUAL_HW_FIND_ADAPTER") or - this.getName().matches("HW_MESSAGE_SIGNALED_INTERRUPT_ROUTINE") - ) - } -} - -/** A typedef for the standard Storport callback routines. Aka Role Types */ - -class StorportCallbackRoutineTypedef extends StorportRoleTypeType { - StorportCallbackRoutineTypedef() { this.getFile().getBaseName().matches("storport.h") } -} - -/** - * Represents a function implementing a Storport callback routine. - - * Defines a function to be a callback routine iff it has a typedef - * in its definition which matches the Storport callback typedefs, and it - - * is in a Storport driver (includes wdm.h.) - - */ -class StorportCallbackRoutine extends Function { - /** The callback routine type, i.e. DRIVER_UNLOAD. */ - StorportCallbackRoutineTypedef callbackType; - - StorportCallbackRoutine() { - exists(FunctionDeclarationEntry fde | - fde.getFunction() = this and - fde.getTypedefType() = callbackType - ) - } -} - -/** - * Similar to StorportCallbackRoutine, but specifically for Role Types - */ -abstract class StorportRoleTypeFunction extends Function { - StorportCallbackRoutineTypedef roleType; - - StorportRoleTypeFunction() { - exists(FunctionDeclarationEntry fde | - fde.getFunction() = this and - fde.getTypedefType() = roleType - ) - } - - string getRoleTypeString() { result = roleType.getName() } - - StorportRoleTypeType getRoleTypeType() { result = roleType } -} - -predicate hasRoleType(Function f) { f instanceof StorportRoleTypeFunction } - -class StorportDriverObjectFunctionAccess extends FunctionAccess { - StorportRoleTypeType rttExpected; - - StorportDriverObjectFunctionAccess() { - exists(VariableAccess driverObjectAccess, AssignExpr driverObjectAssign | - driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and - this = driverObjectAssign.getRValue() and - rttExpected = driverObjectAssign.getLValue().getUnderlyingType().(PointerType).getBaseType() - ) - } - - StorportRoleTypeType getExpectedRoleTypeType() { result = rttExpected } -} - -class StorportDriverEntryPoint extends FunctionAccess { - StorportDriverEntryPoint() { this instanceof StorportDriverObjectFunctionAccess } -} - -// declared functions that are used as if they have a role type, wether or not they do -class StorportImplicitRoleTypeFunction extends Function { - StorportRoleTypeType rttExpected; - FunctionAccess funcUse; - - StorportImplicitRoleTypeFunction() { - exists(FunctionCall fc, int n | fc.getArgument(n) instanceof FunctionAccess | - this = fc.getArgument(n).(FunctionAccess).getTarget() and - fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() instanceof - StorportRoleTypeType and - rttExpected = fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() and - fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() instanceof - StorportRoleTypeType and - funcUse = fc.getArgument(n) - ) - or - exists(StorportDriverObjectFunctionAccess funcAssign | - funcAssign.getTarget() = this and - rttExpected = funcAssign.getExpectedRoleTypeType() and - funcUse = funcAssign - ) - } - - string getExpectedRoleTypeString() { result = rttExpected.toString() } - - StorportRoleTypeType getExpectedRoleTypeType() { result = rttExpected } - - string getActualRoleTypeString() { - if this instanceof StorportRoleTypeFunction - then result = this.(StorportRoleTypeFunction).getRoleTypeType().toString() - else result = "" - } - - FunctionAccess getFunctionUse() { result = funcUse } -} - -/** A Storport protocol Driver Initialize callback routine. */ -class StorportDriverInitialize extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportDriverInitialize() { callbackType.getName().matches("sp_DRIVER_INITIALIZE") } -} - -/** A Storport protocol Hardware Initialize callback routine. */ -class StorportHwInitialize extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwInitialize() { callbackType.getName().matches("HW_INITIALIZE") } -} - -/** A Storport protocol Hardware Build IO callback routine. */ -class StorportHwBuildIo extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwBuildIo() { callbackType.getName().matches("HW_BUILDIO") } -} - -/** A Storport protocol Hardware Start IO callback routine. */ -class StorportHwStartIo extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwStartIo() { callbackType.getName().matches("HW_STARTIO") } -} - -/** A Storport protocol Hardware Interrupt callback routine. */ -class StorportHwInterrupt extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwInterrupt() { callbackType.getName().matches("HW_INTERRUPT") } -} - -/** A Storport protocol Hardware Timer callback routine. */ -class StorportHwTimer extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwTimer() { callbackType.getName().matches("HW_TIMER") } -} - -/** A Storport protocol Hardware Find Adapter callback routine. */ -class StorportHwFindAdapter extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwFindAdapter() { callbackType.getName().matches("HW_FIND_ADAPTER") } -} - -/** A Storport protocol Hardware Reset Bus callback routine. */ -class StorportHwResetBus extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwResetBus() { callbackType.getName().matches("HW_RESET_BUS") } -} - -/** A Storport protocol Hardware Adapter Control callback routine. */ -class StorportHwAdapterControl extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwAdapterControl() { callbackType.getName().matches("HW_ADAPTER_CONTROL") } -} - -/** A Storport protocol Hardware Passive Initialize callback routine. */ -class StorportHwPassiveInitializeRoutine extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwPassiveInitializeRoutine() { - callbackType.getName().matches("HW_PASSIVE_INITIALIZE_ROUTINE") - } -} - -/** A Storport protocol Hardware DPC callback routine. */ -class StorportHwDpcRoutine extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwDpcRoutine() { callbackType.getName().matches("HW_DPC_ROUTINE") } -} - -/** A Storport protocol Hardware Free Adapter Resources callback routine. */ -class StorportHwFreeAdapterResources extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwFreeAdapterResources() { callbackType.getName().matches("HW_FREE_ADAPTER_RESOURCES") } -} - -/** A Storport protocol Hardware Process Service Request callback routine. */ -class StorportHwProcessServiceRequest extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwProcessServiceRequest() { callbackType.getName().matches("HW_PROCESS_SERVICE_REQUEST") } -} - -/** A Storport protocol Hardware Complete Service IRP callback routine. */ -class StorportHwCompleteServiceIrp extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwCompleteServiceIrp() { callbackType.getName().matches("HW_COMPLETE_SERVICE_IRP") } -} - -/** A Storport protocol Hardware Initialize Tracing callback routine. */ -class StorportHwInitializeTracing extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwInitializeTracing() { callbackType.getName().matches("HW_INITIALIZE_TRACING") } -} - -/** A Storport protocol Hardware Cleanup Tracing callback routine. */ -class StorportHwCleanupTracing extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportHwCleanupTracing() { callbackType.getName().matches("HW_CLEANUP_TRACING") } -} - -/** A Storport protocol Virtual Hardware Find Adapter callback routine. */ -class StorportVirtualHwFindAdapter extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportVirtualHwFindAdapter() { callbackType.getName().matches("VIRTUAL_HW_FIND_ADAPTER") } -} - -/** A Storport protocol Hardware Message Signaled Interrupt callback routine. */ -class StorportHwMessageSignaledInterruptRoutine extends StorportCallbackRoutine, - StorportRoleTypeFunction -{ - StorportHwMessageSignaledInterruptRoutine() { - callbackType.getName().matches("HW_MESSAGE_SIGNALED_INTERRUPT_ROUTINE") - } -} - -/** A Storport protocol Driver Unload callback routine. */ -class StorportDriverUnload extends StorportCallbackRoutine, StorportRoleTypeFunction { - StorportDriverUnload() { callbackType.getName().matches("DRIVER_UNLOAD") } -} +/** + * This QL library defines classes and predicates for analyzing NDIS drivers. + * It provides definitions for NDIS dispatch routines, callback routines, and role types. + * The library also includes a typedef for the standard NDIS callback routines. + */ + +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +import cpp +import drivers.libraries.SAL + + +/** Determines if a given assignment, recursively, has a Storport callback routine as the right-hand side. */ + +private predicate isCallbackRoutineAssignment(AssignExpr ae) { + exists(FunctionAccess fa | + ae.getRValue() = fa and + fa.getTarget() instanceof StorportCallbackRoutine + ) + or + ae.getRValue() instanceof AssignExpr and + isCallbackRoutineAssignment(ae.getRValue().(AssignExpr)) +} + +/** A typedef for Role Types */ +class StorportRoleTypeType extends TypedefType { + StorportRoleTypeType() { + ( + this.getName().matches("sp_DRIVER_INITIALIZE") or + this.getName().matches("HW_INITIALIZE") or + this.getName().matches("HW_BUILDIO") or + this.getName().matches("HW_STARTIO") or + this.getName().matches("HW_INTERRUPT") or + this.getName().matches("HW_TIMER") or + this.getName().matches("HW_FIND_ADAPTER") or + this.getName().matches("HW_RESET_BUS") or + this.getName().matches("HW_ADAPTER_CONTROL") or + this.getName().matches("HW_PASSIVE_INITIALIZE_ROUTINE") or + this.getName().matches("HW_DPC_ROUTINE") or + this.getName().matches("HW_FREE_ADAPTER_RESOURCES") or + this.getName().matches("HW_PROCESS_SERVICE_REQUEST") or + this.getName().matches("HW_COMPLETE_SERVICE_IRP") or + this.getName().matches("HW_INITIALIZE_TRACING") or + this.getName().matches("HW_CLEANUP_TRACING") or + this.getName().matches("VIRTUAL_HW_FIND_ADAPTER") or + this.getName().matches("HW_MESSAGE_SIGNALED_INTERRUPT_ROUTINE") + ) + } +} + +/** A typedef for the standard Storport callback routines. Aka Role Types */ + +class StorportCallbackRoutineTypedef extends StorportRoleTypeType { + StorportCallbackRoutineTypedef() { this.getFile().getBaseName().matches("storport.h") } +} + +/** + * Represents a function implementing a Storport callback routine. + + * Defines a function to be a callback routine iff it has a typedef + * in its definition which matches the Storport callback typedefs, and it + + * is in a Storport driver (includes wdm.h.) + + */ +class StorportCallbackRoutine extends Function { + /** The callback routine type, i.e. DRIVER_UNLOAD. */ + StorportCallbackRoutineTypedef callbackType; + + StorportCallbackRoutine() { + exists(FunctionDeclarationEntry fde | + fde.getFunction() = this and + fde.getTypedefType() = callbackType + ) + } +} + +/** + * Similar to StorportCallbackRoutine, but specifically for Role Types + */ +abstract class StorportRoleTypeFunction extends Function { + StorportCallbackRoutineTypedef roleType; + + StorportRoleTypeFunction() { + exists(FunctionDeclarationEntry fde | + fde.getFunction() = this and + fde.getTypedefType() = roleType + ) + } + + string getRoleTypeString() { result = roleType.getName() } + + StorportRoleTypeType getRoleTypeType() { result = roleType } +} + +predicate hasRoleType(Function f) { f instanceof StorportRoleTypeFunction } + +class StorportDriverObjectFunctionAccess extends FunctionAccess { + StorportRoleTypeType rttExpected; + + StorportDriverObjectFunctionAccess() { + exists(VariableAccess driverObjectAccess, AssignExpr driverObjectAssign | + driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and + this = driverObjectAssign.getRValue() and + rttExpected = driverObjectAssign.getLValue().getUnderlyingType().(PointerType).getBaseType() + ) + } + + StorportRoleTypeType getExpectedRoleTypeType() { result = rttExpected } +} + +class StorportDriverEntryPoint extends FunctionAccess { + StorportDriverEntryPoint() { this instanceof StorportDriverObjectFunctionAccess } +} + +// declared functions that are used as if they have a role type, wether or not they do +class StorportImplicitRoleTypeFunction extends Function { + StorportRoleTypeType rttExpected; + FunctionAccess funcUse; + + StorportImplicitRoleTypeFunction() { + exists(FunctionCall fc, int n | fc.getArgument(n) instanceof FunctionAccess | + this = fc.getArgument(n).(FunctionAccess).getTarget() and + fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() instanceof + StorportRoleTypeType and + rttExpected = fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() and + fc.getTarget().getParameter(n).getUnderlyingType().(PointerType).getBaseType() instanceof + StorportRoleTypeType and + funcUse = fc.getArgument(n) + ) + or + exists(StorportDriverObjectFunctionAccess funcAssign | + funcAssign.getTarget() = this and + rttExpected = funcAssign.getExpectedRoleTypeType() and + funcUse = funcAssign + ) + } + + string getExpectedRoleTypeString() { result = rttExpected.toString() } + + StorportRoleTypeType getExpectedRoleTypeType() { result = rttExpected } + + string getActualRoleTypeString() { + if this instanceof StorportRoleTypeFunction + then result = this.(StorportRoleTypeFunction).getRoleTypeType().toString() + else result = "" + } + + FunctionAccess getFunctionUse() { result = funcUse } +} + +/** A Storport protocol Driver Initialize callback routine. */ +class StorportDriverInitialize extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportDriverInitialize() { callbackType.getName().matches("sp_DRIVER_INITIALIZE") } +} + +/** A Storport protocol Hardware Initialize callback routine. */ +class StorportHwInitialize extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwInitialize() { callbackType.getName().matches("HW_INITIALIZE") } +} + +/** A Storport protocol Hardware Build IO callback routine. */ +class StorportHwBuildIo extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwBuildIo() { callbackType.getName().matches("HW_BUILDIO") } +} + +/** A Storport protocol Hardware Start IO callback routine. */ +class StorportHwStartIo extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwStartIo() { callbackType.getName().matches("HW_STARTIO") } +} + +/** A Storport protocol Hardware Interrupt callback routine. */ +class StorportHwInterrupt extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwInterrupt() { callbackType.getName().matches("HW_INTERRUPT") } +} + +/** A Storport protocol Hardware Timer callback routine. */ +class StorportHwTimer extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwTimer() { callbackType.getName().matches("HW_TIMER") } +} + +/** A Storport protocol Hardware Find Adapter callback routine. */ +class StorportHwFindAdapter extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwFindAdapter() { callbackType.getName().matches("HW_FIND_ADAPTER") } +} + +/** A Storport protocol Hardware Reset Bus callback routine. */ +class StorportHwResetBus extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwResetBus() { callbackType.getName().matches("HW_RESET_BUS") } +} + +/** A Storport protocol Hardware Adapter Control callback routine. */ +class StorportHwAdapterControl extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwAdapterControl() { callbackType.getName().matches("HW_ADAPTER_CONTROL") } +} + +/** A Storport protocol Hardware Passive Initialize callback routine. */ +class StorportHwPassiveInitializeRoutine extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwPassiveInitializeRoutine() { + callbackType.getName().matches("HW_PASSIVE_INITIALIZE_ROUTINE") + } +} + +/** A Storport protocol Hardware DPC callback routine. */ +class StorportHwDpcRoutine extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwDpcRoutine() { callbackType.getName().matches("HW_DPC_ROUTINE") } +} + +/** A Storport protocol Hardware Free Adapter Resources callback routine. */ +class StorportHwFreeAdapterResources extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwFreeAdapterResources() { callbackType.getName().matches("HW_FREE_ADAPTER_RESOURCES") } +} + +/** A Storport protocol Hardware Process Service Request callback routine. */ +class StorportHwProcessServiceRequest extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwProcessServiceRequest() { callbackType.getName().matches("HW_PROCESS_SERVICE_REQUEST") } +} + +/** A Storport protocol Hardware Complete Service IRP callback routine. */ +class StorportHwCompleteServiceIrp extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwCompleteServiceIrp() { callbackType.getName().matches("HW_COMPLETE_SERVICE_IRP") } +} + +/** A Storport protocol Hardware Initialize Tracing callback routine. */ +class StorportHwInitializeTracing extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwInitializeTracing() { callbackType.getName().matches("HW_INITIALIZE_TRACING") } +} + +/** A Storport protocol Hardware Cleanup Tracing callback routine. */ +class StorportHwCleanupTracing extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportHwCleanupTracing() { callbackType.getName().matches("HW_CLEANUP_TRACING") } +} + +/** A Storport protocol Virtual Hardware Find Adapter callback routine. */ +class StorportVirtualHwFindAdapter extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportVirtualHwFindAdapter() { callbackType.getName().matches("VIRTUAL_HW_FIND_ADAPTER") } +} + +/** A Storport protocol Hardware Message Signaled Interrupt callback routine. */ +class StorportHwMessageSignaledInterruptRoutine extends StorportCallbackRoutine, + StorportRoleTypeFunction +{ + StorportHwMessageSignaledInterruptRoutine() { + callbackType.getName().matches("HW_MESSAGE_SIGNALED_INTERRUPT_ROUTINE") + } +} + +/** A Storport protocol Driver Unload callback routine. */ +class StorportDriverUnload extends StorportCallbackRoutine, StorportRoleTypeFunction { + StorportDriverUnload() { callbackType.getName().matches("DRIVER_UNLOAD") } +} diff --git a/src/drivers/test/README.md b/src/qlpack/src/drivers/test/README.md similarity index 100% rename from src/drivers/test/README.md rename to src/qlpack/src/drivers/test/README.md diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.sln b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.sln similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.sln rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.sln diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.filters b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.filters similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.filters rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.filters diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.user b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.user similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.user rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/ApplicationForDriversTestTemplate.vcxproj.user diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/Source.cpp b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/Source.cpp similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/Source.cpp rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/Source.cpp diff --git a/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/driver_snippet.c b/src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/driver_snippet.c similarity index 100% rename from src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/driver_snippet.c rename to src/qlpack/src/drivers/test/TestTemplates/ApplicationForDriversTestTemplate/driver_snippet.c diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.inf b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.inf similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.inf rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.inf diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.sln b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.sln similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.sln rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.sln diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj.filters b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj.filters similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj.filters rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/CppKMDFTestTemplate.vcxproj.filters diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.c b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.c similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.c rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.c diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.h b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.h similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.h rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Device.h diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.cpp b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.cpp similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.cpp rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.cpp diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.h b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.h similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.h rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Driver.h diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Public.h b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Public.h similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Public.h rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Public.h diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.c b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.c similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.c rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.c diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.h b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.h similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.h rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Queue.h diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/ReadMe.txt b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/ReadMe.txt similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/ReadMe.txt rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/ReadMe.txt diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Trace.h b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Trace.h similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/Trace.h rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/Trace.h diff --git a/src/drivers/test/TestTemplates/CppKMDFTestTemplate/driver/driver_snippet.cpp b/src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/driver/driver_snippet.cpp similarity index 100% rename from src/drivers/test/TestTemplates/CppKMDFTestTemplate/driver/driver_snippet.cpp rename to src/qlpack/src/drivers/test/TestTemplates/CppKMDFTestTemplate/driver/driver_snippet.cpp diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.c b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.c similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Device.c rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.c diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.h b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.h similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Device.h rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Device.h diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.c b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.c similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.c rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.c diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.h b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.h similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.h rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Driver.h diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.inf b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.inf similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.inf rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.inf diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.sln b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.sln similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.sln rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.sln diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj.filters b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj.filters similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj.filters rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/KMDFTestTemplate.vcxproj.filters diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Public.h b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Public.h similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Public.h rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Public.h diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.c b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.c similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.c rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.c diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.h b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.h similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.h rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Queue.h diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/ReadMe.txt b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/ReadMe.txt similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/ReadMe.txt rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/ReadMe.txt diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/Trace.h b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Trace.h similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/Trace.h rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/Trace.h diff --git a/src/drivers/test/TestTemplates/KMDFTestTemplate/driver/driver_snippet.c b/src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/driver/driver_snippet.c similarity index 100% rename from src/drivers/test/TestTemplates/KMDFTestTemplate/driver/driver_snippet.c rename to src/qlpack/src/drivers/test/TestTemplates/KMDFTestTemplate/driver/driver_snippet.c diff --git a/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.qhelp b/src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.qhelp similarity index 100% rename from src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.qhelp rename to src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.qhelp diff --git a/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.ql b/src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.ql similarity index 100% rename from src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.ql rename to src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.ql diff --git a/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.sarif b/src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.sarif similarity index 100% rename from src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.sarif rename to src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/QueryTemplate.sarif diff --git a/src/drivers/test/TestTemplates/QueryTemplate/driver_snippet.c b/src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/driver_snippet.c similarity index 100% rename from src/drivers/test/TestTemplates/QueryTemplate/driver_snippet.c rename to src/qlpack/src/drivers/test/TestTemplates/QueryTemplate/driver_snippet.c diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/README.md b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/README.md similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/README.md rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/README.md diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/WDMTestTemplate.sln b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/WDMTestTemplate.sln similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/WDMTestTemplate.sln rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/WDMTestTemplate.sln diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/driver_snippet.c b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/driver_snippet.c similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/driver_snippet.c rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/driver_snippet.c diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.c b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.c similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.c rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.c diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.h b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.h similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.h rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.h diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.Filters b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.Filters similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.Filters rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.Filters diff --git a/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.user b/src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.user similarity index 100% rename from src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.user rename to src/qlpack/src/drivers/test/TestTemplates/WDMTestTemplate/driver/fail_driver1.vcxproj.user diff --git a/src/drivers/test/build_create_analyze_test.py b/src/qlpack/src/drivers/test/build_create_analyze_test.py similarity index 100% rename from src/drivers/test/build_create_analyze_test.py rename to src/qlpack/src/drivers/test/build_create_analyze_test.py diff --git a/src/drivers/test/compare_results.py b/src/qlpack/src/drivers/test/compare_results.py similarity index 100% rename from src/drivers/test/compare_results.py rename to src/qlpack/src/drivers/test/compare_results.py diff --git a/src/drivers/test/diff/AnnotationSyntax.sarif b/src/qlpack/src/drivers/test/diff/AnnotationSyntax.sarif similarity index 100% rename from src/drivers/test/diff/AnnotationSyntax.sarif rename to src/qlpack/src/drivers/test/diff/AnnotationSyntax.sarif diff --git a/src/drivers/test/diff/CurrentFunctionTypeNotCorrect.sarif b/src/qlpack/src/drivers/test/diff/CurrentFunctionTypeNotCorrect.sarif similarity index 100% rename from src/drivers/test/diff/CurrentFunctionTypeNotCorrect.sarif rename to src/qlpack/src/drivers/test/diff/CurrentFunctionTypeNotCorrect.sarif diff --git a/src/drivers/test/diff/DefaultPoolTag.sarif b/src/qlpack/src/drivers/test/diff/DefaultPoolTag.sarif similarity index 100% rename from src/drivers/test/diff/DefaultPoolTag.sarif rename to src/qlpack/src/drivers/test/diff/DefaultPoolTag.sarif diff --git a/src/drivers/test/diff/DefaultPoolTagExtended.sarif b/src/qlpack/src/drivers/test/diff/DefaultPoolTagExtended.sarif similarity index 100% rename from src/drivers/test/diff/DefaultPoolTagExtended.sarif rename to src/qlpack/src/drivers/test/diff/DefaultPoolTagExtended.sarif diff --git a/src/drivers/test/diff/DeviceInitApi.sarif b/src/qlpack/src/drivers/test/diff/DeviceInitApi.sarif similarity index 100% rename from src/drivers/test/diff/DeviceInitApi.sarif rename to src/qlpack/src/drivers/test/diff/DeviceInitApi.sarif diff --git a/src/drivers/test/diff/DriverEntrySaveBuffer.sarif b/src/qlpack/src/drivers/test/diff/DriverEntrySaveBuffer.sarif similarity index 100% rename from src/drivers/test/diff/DriverEntrySaveBuffer.sarif rename to src/qlpack/src/drivers/test/diff/DriverEntrySaveBuffer.sarif diff --git a/src/drivers/test/diff/DriverIsolationRtlViolation.sarif b/src/qlpack/src/drivers/test/diff/DriverIsolationRtlViolation.sarif similarity index 100% rename from src/drivers/test/diff/DriverIsolationRtlViolation.sarif rename to src/qlpack/src/drivers/test/diff/DriverIsolationRtlViolation.sarif diff --git a/src/drivers/test/diff/DriverIsolationZwViolation1.sarif b/src/qlpack/src/drivers/test/diff/DriverIsolationZwViolation1.sarif similarity index 100% rename from src/drivers/test/diff/DriverIsolationZwViolation1.sarif rename to src/qlpack/src/drivers/test/diff/DriverIsolationZwViolation1.sarif diff --git a/src/drivers/test/diff/DriverIsolationZwViolation2.sarif b/src/qlpack/src/drivers/test/diff/DriverIsolationZwViolation2.sarif similarity index 100% rename from src/drivers/test/diff/DriverIsolationZwViolation2.sarif rename to src/qlpack/src/drivers/test/diff/DriverIsolationZwViolation2.sarif diff --git a/src/drivers/test/diff/ExtendedDeprecatedApis.sarif b/src/qlpack/src/drivers/test/diff/ExaminedValue.sarif similarity index 100% rename from src/drivers/test/diff/ExtendedDeprecatedApis.sarif rename to src/qlpack/src/drivers/test/diff/ExaminedValue.sarif diff --git a/src/drivers/test/diff/FloatHardwareStateProtection.sarif b/src/qlpack/src/drivers/test/diff/ExtendedDeprecatedApis.sarif similarity index 100% rename from src/drivers/test/diff/FloatHardwareStateProtection.sarif rename to src/qlpack/src/drivers/test/diff/ExtendedDeprecatedApis.sarif diff --git a/src/drivers/test/diff/FloatSafeExit.sarif b/src/qlpack/src/drivers/test/diff/FloatHardwareStateProtection.sarif similarity index 100% rename from src/drivers/test/diff/FloatSafeExit.sarif rename to src/qlpack/src/drivers/test/diff/FloatHardwareStateProtection.sarif diff --git a/src/drivers/test/diff/FloatUnsafeExit.sarif b/src/qlpack/src/drivers/test/diff/FloatSafeExit.sarif similarity index 100% rename from src/drivers/test/diff/FloatUnsafeExit.sarif rename to src/qlpack/src/drivers/test/diff/FloatSafeExit.sarif diff --git a/src/drivers/test/diff/IRPStackEntryCopy.sarif b/src/qlpack/src/drivers/test/diff/FloatUnsafeExit.sarif similarity index 100% rename from src/drivers/test/diff/IRPStackEntryCopy.sarif rename to src/qlpack/src/drivers/test/diff/FloatUnsafeExit.sarif diff --git a/src/drivers/test/diff/ImportantFunctionCallOptimizedOut.sarif b/src/qlpack/src/drivers/test/diff/IRPStackEntryCopy.sarif similarity index 100% rename from src/drivers/test/diff/ImportantFunctionCallOptimizedOut.sarif rename to src/qlpack/src/drivers/test/diff/IRPStackEntryCopy.sarif diff --git a/src/drivers/test/diff/ImproperNotOperatorOnZero.sarif b/src/qlpack/src/drivers/test/diff/IllegalFieldAccess.sarif similarity index 100% rename from src/drivers/test/diff/ImproperNotOperatorOnZero.sarif rename to src/qlpack/src/drivers/test/diff/IllegalFieldAccess.sarif diff --git a/src/drivers/test/diff/InitNotCleared.sarif b/src/qlpack/src/drivers/test/diff/IllegalFieldAccess2.sarif similarity index 100% rename from src/drivers/test/diff/InitNotCleared.sarif rename to src/qlpack/src/drivers/test/diff/IllegalFieldAccess2.sarif diff --git a/src/drivers/test/diff/InvalidFunctionClassTypedef.sarif b/src/qlpack/src/drivers/test/diff/IllegalFieldWrite.sarif similarity index 100% rename from src/drivers/test/diff/InvalidFunctionClassTypedef.sarif rename to src/qlpack/src/drivers/test/diff/IllegalFieldWrite.sarif diff --git a/src/drivers/test/diff/InvalidFunctionPointerAnnotation.sarif b/src/qlpack/src/drivers/test/diff/ImportantFunctionCallOptimizedOut.sarif similarity index 100% rename from src/drivers/test/diff/InvalidFunctionPointerAnnotation.sarif rename to src/qlpack/src/drivers/test/diff/ImportantFunctionCallOptimizedOut.sarif diff --git a/src/drivers/test/diff/IoInitializeTimerCall.sarif b/src/qlpack/src/drivers/test/diff/ImproperNotOperatorOnZero.sarif similarity index 100% rename from src/drivers/test/diff/IoInitializeTimerCall.sarif rename to src/qlpack/src/drivers/test/diff/ImproperNotOperatorOnZero.sarif diff --git a/src/drivers/test/diff/IrqTooHigh.sarif b/src/qlpack/src/drivers/test/diff/InitNotCleared.sarif similarity index 100% rename from src/drivers/test/diff/IrqTooHigh.sarif rename to src/qlpack/src/drivers/test/diff/InitNotCleared.sarif diff --git a/src/drivers/test/diff/IrqTooLow.sarif b/src/qlpack/src/drivers/test/diff/InvalidFunctionClassTypedef.sarif similarity index 100% rename from src/drivers/test/diff/IrqTooLow.sarif rename to src/qlpack/src/drivers/test/diff/InvalidFunctionClassTypedef.sarif diff --git a/src/drivers/test/diff/IrqlAnnotationIssue.sarif b/src/qlpack/src/drivers/test/diff/InvalidFunctionPointerAnnotation.sarif similarity index 100% rename from src/drivers/test/diff/IrqlAnnotationIssue.sarif rename to src/qlpack/src/drivers/test/diff/InvalidFunctionPointerAnnotation.sarif diff --git a/src/drivers/test/diff/IrqlCancelRoutine.sarif b/src/qlpack/src/drivers/test/diff/IoInitializeTimerCall.sarif similarity index 100% rename from src/drivers/test/diff/IrqlCancelRoutine.sarif rename to src/qlpack/src/drivers/test/diff/IoInitializeTimerCall.sarif diff --git a/src/drivers/test/diff/IrqlFloatStateMismatch.sarif b/src/qlpack/src/drivers/test/diff/IrqTooHigh.sarif similarity index 100% rename from src/drivers/test/diff/IrqlFloatStateMismatch.sarif rename to src/qlpack/src/drivers/test/diff/IrqTooHigh.sarif diff --git a/src/drivers/test/diff/IrqlFunctionNotAnnotated.sarif b/src/qlpack/src/drivers/test/diff/IrqTooLow.sarif similarity index 100% rename from src/drivers/test/diff/IrqlFunctionNotAnnotated.sarif rename to src/qlpack/src/drivers/test/diff/IrqTooLow.sarif diff --git a/src/drivers/test/diff/IrqlIllegalValue.sarif b/src/qlpack/src/drivers/test/diff/IrqlAnnotationIssue.sarif similarity index 100% rename from src/drivers/test/diff/IrqlIllegalValue.sarif rename to src/qlpack/src/drivers/test/diff/IrqlAnnotationIssue.sarif diff --git a/src/drivers/test/diff/IrqlInconsistentWithRequired.sarif b/src/qlpack/src/drivers/test/diff/IrqlCancelRoutine.sarif similarity index 100% rename from src/drivers/test/diff/IrqlInconsistentWithRequired.sarif rename to src/qlpack/src/drivers/test/diff/IrqlCancelRoutine.sarif diff --git a/src/drivers/test/diff/IrqlLoweredImproperly.sarif b/src/qlpack/src/drivers/test/diff/IrqlFloatStateMismatch.sarif similarity index 100% rename from src/drivers/test/diff/IrqlLoweredImproperly.sarif rename to src/qlpack/src/drivers/test/diff/IrqlFloatStateMismatch.sarif diff --git a/src/drivers/test/diff/KeSetEventIrql.sarif b/src/qlpack/src/drivers/test/diff/IrqlFunctionNotAnnotated.sarif similarity index 100% rename from src/drivers/test/diff/KeSetEventIrql.sarif rename to src/qlpack/src/drivers/test/diff/IrqlFunctionNotAnnotated.sarif diff --git a/src/drivers/test/diff/KeSetEventPageable.sarif b/src/qlpack/src/drivers/test/diff/IrqlIllegalValue.sarif similarity index 100% rename from src/drivers/test/diff/KeSetEventPageable.sarif rename to src/qlpack/src/drivers/test/diff/IrqlIllegalValue.sarif diff --git a/src/drivers/test/diff/MultipleFunctionClassAnnotations.sarif b/src/qlpack/src/drivers/test/diff/IrqlInconsistentWithRequired.sarif similarity index 100% rename from src/drivers/test/diff/MultipleFunctionClassAnnotations.sarif rename to src/qlpack/src/drivers/test/diff/IrqlInconsistentWithRequired.sarif diff --git a/src/drivers/test/diff/MultithreadedAVCondition.sarif b/src/qlpack/src/drivers/test/diff/IrqlLoweredImproperly.sarif similarity index 100% rename from src/drivers/test/diff/MultithreadedAVCondition.sarif rename to src/qlpack/src/drivers/test/diff/IrqlLoweredImproperly.sarif diff --git a/src/drivers/test/diff/NtstatusExplicitCast.sarif b/src/qlpack/src/drivers/test/diff/IrqlNotSaved.sarif similarity index 100% rename from src/drivers/test/diff/NtstatusExplicitCast.sarif rename to src/qlpack/src/drivers/test/diff/IrqlNotSaved.sarif diff --git a/src/drivers/test/diff/NtstatusExplicitCast2.sarif b/src/qlpack/src/drivers/test/diff/IrqlNotUsed.sarif similarity index 100% rename from src/drivers/test/diff/NtstatusExplicitCast2.sarif rename to src/qlpack/src/drivers/test/diff/IrqlNotUsed.sarif diff --git a/src/drivers/test/diff/NtstatusExplicitCast3.sarif b/src/qlpack/src/drivers/test/diff/IrqlSetTooHigh.sarif similarity index 100% rename from src/drivers/test/diff/NtstatusExplicitCast3.sarif rename to src/qlpack/src/drivers/test/diff/IrqlSetTooHigh.sarif diff --git a/src/drivers/test/diff/IrqlSetTooLow.sarif b/src/qlpack/src/drivers/test/diff/IrqlSetTooLow.sarif similarity index 100% rename from src/drivers/test/diff/IrqlSetTooLow.sarif rename to src/qlpack/src/drivers/test/diff/IrqlSetTooLow.sarif diff --git a/src/drivers/test/diff/NullCharacterPointerAssignment.sarif b/src/qlpack/src/drivers/test/diff/IrqlTooHigh.sarif similarity index 100% rename from src/drivers/test/diff/NullCharacterPointerAssignment.sarif rename to src/qlpack/src/drivers/test/diff/IrqlTooHigh.sarif diff --git a/src/drivers/test/diff/ObReferenceMode.sarif b/src/qlpack/src/drivers/test/diff/IrqlTooLow.sarif similarity index 100% rename from src/drivers/test/diff/ObReferenceMode.sarif rename to src/qlpack/src/drivers/test/diff/IrqlTooLow.sarif diff --git a/src/drivers/test/diff/OperandAssignment.sarif b/src/qlpack/src/drivers/test/diff/KeSetEventIrql.sarif similarity index 100% rename from src/drivers/test/diff/OperandAssignment.sarif rename to src/qlpack/src/drivers/test/diff/KeSetEventIrql.sarif diff --git a/src/drivers/test/diff/PointerVariableSize.sarif b/src/qlpack/src/drivers/test/diff/KeSetEventPageable.sarif similarity index 100% rename from src/drivers/test/diff/PointerVariableSize.sarif rename to src/qlpack/src/drivers/test/diff/KeSetEventPageable.sarif diff --git a/src/drivers/test/diff/PoolTagIntegral.sarif b/src/qlpack/src/drivers/test/diff/KeWaitLocal.sarif similarity index 100% rename from src/drivers/test/diff/PoolTagIntegral.sarif rename to src/qlpack/src/drivers/test/diff/KeWaitLocal.sarif diff --git a/src/drivers/test/diff/RoutineFunctionTypeNotExpected.sarif b/src/qlpack/src/drivers/test/diff/MultipleFunctionClassAnnotations.sarif similarity index 100% rename from src/drivers/test/diff/RoutineFunctionTypeNotExpected.sarif rename to src/qlpack/src/drivers/test/diff/MultipleFunctionClassAnnotations.sarif diff --git a/src/drivers/test/diff/StaticInitializer.sarif b/src/qlpack/src/drivers/test/diff/MultiplePagedCode.sarif similarity index 100% rename from src/drivers/test/diff/StaticInitializer.sarif rename to src/qlpack/src/drivers/test/diff/MultiplePagedCode.sarif diff --git a/src/drivers/test/diff/StrictTypeMatch.sarif b/src/qlpack/src/drivers/test/diff/MultithreadedAVCondition.sarif similarity index 100% rename from src/drivers/test/diff/StrictTypeMatch.sarif rename to src/qlpack/src/drivers/test/diff/MultithreadedAVCondition.sarif diff --git a/src/drivers/test/diff/UnsafeCallInGlobalInit.sarif b/src/qlpack/src/drivers/test/diff/NoPagedCode.sarif similarity index 100% rename from src/drivers/test/diff/UnsafeCallInGlobalInit.sarif rename to src/qlpack/src/drivers/test/diff/NoPagedCode.sarif diff --git a/src/drivers/test/diff/WdkDeprecatedApis.sarif b/src/qlpack/src/drivers/test/diff/NoPagingSegment.sarif similarity index 100% rename from src/drivers/test/diff/WdkDeprecatedApis.sarif rename to src/qlpack/src/drivers/test/diff/NoPagingSegment.sarif diff --git a/src/drivers/test/diff/IllegalFieldAccess2.sarif b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast.sarif similarity index 93% rename from src/drivers/test/diff/IllegalFieldAccess2.sarif rename to src/qlpack/src/drivers/test/diff/NtstatusExplicitCast.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/IllegalFieldAccess2.sarif +++ b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/drivers/test/diff/IllegalFieldWrite.sarif b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast2.sarif similarity index 93% rename from src/drivers/test/diff/IllegalFieldWrite.sarif rename to src/qlpack/src/drivers/test/diff/NtstatusExplicitCast2.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/IllegalFieldWrite.sarif +++ b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast2.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/drivers/test/diff/ExaminedValue.sarif b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast3.sarif similarity index 93% rename from src/drivers/test/diff/ExaminedValue.sarif rename to src/qlpack/src/drivers/test/diff/NtstatusExplicitCast3.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/ExaminedValue.sarif +++ b/src/qlpack/src/drivers/test/diff/NtstatusExplicitCast3.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/drivers/test/diff/IllegalFieldAccess.sarif b/src/qlpack/src/drivers/test/diff/NullCharacterPointerAssignment.sarif similarity index 93% rename from src/drivers/test/diff/IllegalFieldAccess.sarif rename to src/qlpack/src/drivers/test/diff/NullCharacterPointerAssignment.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/IllegalFieldAccess.sarif +++ b/src/qlpack/src/drivers/test/diff/NullCharacterPointerAssignment.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/ObReferenceMode.sarif b/src/qlpack/src/drivers/test/diff/ObReferenceMode.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/ObReferenceMode.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/OpaqueMdlUse.sarif b/src/qlpack/src/drivers/test/diff/OpaqueMdlUse.sarif similarity index 93% rename from src/drivers/test/diff/OpaqueMdlUse.sarif rename to src/qlpack/src/drivers/test/diff/OpaqueMdlUse.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/OpaqueMdlUse.sarif +++ b/src/qlpack/src/drivers/test/diff/OpaqueMdlUse.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/drivers/test/diff/OpaqueMdlWrite.sarif b/src/qlpack/src/drivers/test/diff/OpaqueMdlWrite.sarif similarity index 93% rename from src/drivers/test/diff/OpaqueMdlWrite.sarif rename to src/qlpack/src/drivers/test/diff/OpaqueMdlWrite.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/OpaqueMdlWrite.sarif +++ b/src/qlpack/src/drivers/test/diff/OpaqueMdlWrite.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/OperandAssignment.sarif b/src/qlpack/src/drivers/test/diff/OperandAssignment.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/OperandAssignment.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/PendingStatusError.sarif b/src/qlpack/src/drivers/test/diff/PendingStatusError.sarif similarity index 93% rename from src/drivers/test/diff/PendingStatusError.sarif rename to src/qlpack/src/drivers/test/diff/PendingStatusError.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/PendingStatusError.sarif +++ b/src/qlpack/src/drivers/test/diff/PendingStatusError.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/PointerVariableSize.sarif b/src/qlpack/src/drivers/test/diff/PointerVariableSize.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/PointerVariableSize.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/PoolTagIntegral.sarif b/src/qlpack/src/drivers/test/diff/PoolTagIntegral.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/PoolTagIntegral.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif b/src/qlpack/src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif similarity index 93% rename from src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif rename to src/qlpack/src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif +++ b/src/qlpack/src/drivers/test/diff/RoleTypeCorrectlyUsed.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/RoutineFunctionTypeNotExpected.sarif b/src/qlpack/src/drivers/test/diff/RoutineFunctionTypeNotExpected.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/RoutineFunctionTypeNotExpected.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/StaticInitializer.sarif b/src/qlpack/src/drivers/test/diff/StaticInitializer.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/StaticInitializer.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/StrSafe.sarif b/src/qlpack/src/drivers/test/diff/StrSafe.sarif similarity index 93% rename from src/drivers/test/diff/StrSafe.sarif rename to src/qlpack/src/drivers/test/diff/StrSafe.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/StrSafe.sarif +++ b/src/qlpack/src/drivers/test/diff/StrSafe.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/StrictTypeMatch.sarif b/src/qlpack/src/drivers/test/diff/StrictTypeMatch.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/StrictTypeMatch.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/UnicodeStringFreed.sarif b/src/qlpack/src/drivers/test/diff/UnicodeStringFreed.sarif similarity index 93% rename from src/drivers/test/diff/UnicodeStringFreed.sarif rename to src/qlpack/src/drivers/test/diff/UnicodeStringFreed.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/UnicodeStringFreed.sarif +++ b/src/qlpack/src/drivers/test/diff/UnicodeStringFreed.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/UnsafeCallInGlobalInit.sarif b/src/qlpack/src/drivers/test/diff/UnsafeCallInGlobalInit.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/UnsafeCallInGlobalInit.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/qlpack/src/drivers/test/diff/WdkDeprecatedApis.sarif b/src/qlpack/src/drivers/test/diff/WdkDeprecatedApis.sarif new file mode 100644 index 00000000..dea8275e --- /dev/null +++ b/src/qlpack/src/drivers/test/diff/WdkDeprecatedApis.sarif @@ -0,0 +1,21 @@ +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } +} \ No newline at end of file diff --git a/src/drivers/test/diff/WrongDispatchTableAssignment.sarif b/src/qlpack/src/drivers/test/diff/WrongDispatchTableAssignment.sarif similarity index 93% rename from src/drivers/test/diff/WrongDispatchTableAssignment.sarif rename to src/qlpack/src/drivers/test/diff/WrongDispatchTableAssignment.sarif index 8d5a80f9..dea8275e 100644 --- a/src/drivers/test/diff/WrongDispatchTableAssignment.sarif +++ b/src/qlpack/src/drivers/test/diff/WrongDispatchTableAssignment.sarif @@ -1,21 +1,21 @@ -{ - "all": { - "+": 0, - "-": 0 - }, - "error": { - "+": 0, - "-": 0, - "codes": [] - }, - "warning": { - "+": 0, - "-": 0, - "codes": [] - }, - "note": { - "+": 0, - "-": 0, - "codes": [] - } +{ + "all": { + "+": 0, + "-": 0 + }, + "error": { + "+": 0, + "-": 0, + "codes": [] + }, + "warning": { + "+": 0, + "-": 0, + "codes": [] + }, + "note": { + "+": 0, + "-": 0, + "codes": [] + } } \ No newline at end of file diff --git a/src/drivers/test/dvl_tests/dvl_tests.ps1 b/src/qlpack/src/drivers/test/dvl_tests/dvl_tests.ps1 similarity index 100% rename from src/drivers/test/dvl_tests/dvl_tests.ps1 rename to src/qlpack/src/drivers/test/dvl_tests/dvl_tests.ps1 diff --git a/src/drivers/test/dvl_tests/expected_results/clean_expected.sarif b/src/qlpack/src/drivers/test/dvl_tests/expected_results/clean_expected.sarif similarity index 100% rename from src/drivers/test/dvl_tests/expected_results/clean_expected.sarif rename to src/qlpack/src/drivers/test/dvl_tests/expected_results/clean_expected.sarif diff --git a/src/drivers/test/dvl_tests/expected_results/mustfix_expected.sarif b/src/qlpack/src/drivers/test/dvl_tests/expected_results/mustfix_expected.sarif similarity index 100% rename from src/drivers/test/dvl_tests/expected_results/mustfix_expected.sarif rename to src/qlpack/src/drivers/test/dvl_tests/expected_results/mustfix_expected.sarif diff --git a/src/drivers/test/requirements.txt b/src/qlpack/src/drivers/test/requirements.txt similarity index 100% rename from src/drivers/test/requirements.txt rename to src/qlpack/src/drivers/test/requirements.txt diff --git a/src/drivers/wdm/libraries/Mdl.qll b/src/qlpack/src/drivers/wdm/libraries/Mdl.qll similarity index 100% rename from src/drivers/wdm/libraries/Mdl.qll rename to src/qlpack/src/drivers/wdm/libraries/Mdl.qll diff --git a/src/drivers/wdm/libraries/WdmDrivers.qll b/src/qlpack/src/drivers/wdm/libraries/WdmDrivers.qll similarity index 100% rename from src/drivers/wdm/libraries/WdmDrivers.qll rename to src/qlpack/src/drivers/wdm/libraries/WdmDrivers.qll diff --git a/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.qhelp b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.qhelp similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.qhelp rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.qhelp diff --git a/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql diff --git a/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.sarif b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.sarif similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.sarif rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.sarif diff --git a/src/drivers/wdm/queries/IllegalFieldAccess/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess/driver_snippet.c diff --git a/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.qhelp b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.qhelp similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.qhelp rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.qhelp diff --git a/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql diff --git a/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.sarif b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.sarif similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.sarif rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.sarif diff --git a/src/drivers/wdm/queries/IllegalFieldAccess2/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldAccess2/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldAccess2/driver_snippet.c diff --git a/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.qhelp b/src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.qhelp similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.qhelp rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.qhelp diff --git a/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql b/src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql diff --git a/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.sarif b/src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.sarif similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.sarif rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.sarif diff --git a/src/drivers/wdm/queries/IllegalFieldWrite/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/IllegalFieldWrite/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/IllegalFieldWrite/driver_snippet.c diff --git a/src/drivers/wdm/queries/InconsistentDispatchAnnotations.ql b/src/qlpack/src/drivers/wdm/queries/InconsistentDispatchAnnotations.ql similarity index 100% rename from src/drivers/wdm/queries/InconsistentDispatchAnnotations.ql rename to src/qlpack/src/drivers/wdm/queries/InconsistentDispatchAnnotations.ql diff --git a/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.qhelp b/src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.qhelp similarity index 100% rename from src/drivers/wdm/queries/InitNotCleared/InitNotCleared.qhelp rename to src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.qhelp diff --git a/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.ql b/src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.ql similarity index 100% rename from src/drivers/wdm/queries/InitNotCleared/InitNotCleared.ql rename to src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.ql diff --git a/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.sarif b/src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.sarif similarity index 100% rename from src/drivers/wdm/queries/InitNotCleared/InitNotCleared.sarif rename to src/qlpack/src/drivers/wdm/queries/InitNotCleared/InitNotCleared.sarif diff --git a/src/drivers/wdm/queries/InitNotCleared/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/InitNotCleared/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/InitNotCleared/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/InitNotCleared/driver_snippet.c diff --git a/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.qhelp b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.qhelp similarity index 100% rename from src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.qhelp rename to src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.qhelp diff --git a/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql similarity index 97% rename from src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql rename to src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql index 7e27b0b5..ff228aa6 100644 --- a/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql +++ b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql @@ -1,32 +1,32 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/kewaitlocal-requires-kernel-mode - * @name Use of local variable and UserMode in call to KeWaitSingleObject - * @description When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Exploitable Design - * @repro.text The following code locations contain a call to KeWaitForSingleObject while waiting for a local kernel-mode object, but the Mode parameter has not been set to KernelMode. - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-C28135 - * @kind problem - * @problem.severity warning - * @precision high - * @tags correctness - * ca_ported - * wddst - * @scope domainspecific - * @query-version v2 - */ - -import cpp - -from FunctionCall call, VariableAccess va -where - call.getTarget().getName() = "KeWaitForSingleObject" and - call.getArgument(2).getValue().toInt() != 0 and - call.getArgument(0).(AddressOfExpr).getOperand() = va and - va.getTarget() instanceof StackVariable +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/kewaitlocal-requires-kernel-mode + * @name Use of local variable and UserMode in call to KeWaitSingleObject + * @description When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Exploitable Design + * @repro.text The following code locations contain a call to KeWaitForSingleObject while waiting for a local kernel-mode object, but the Mode parameter has not been set to KernelMode. + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-C28135 + * @kind problem + * @problem.severity warning + * @precision high + * @tags correctness + * ca_ported + * wddst + * @scope domainspecific + * @query-version v2 + */ + +import cpp + +from FunctionCall call, VariableAccess va +where + call.getTarget().getName() = "KeWaitForSingleObject" and + call.getArgument(2).getValue().toInt() != 0 and + call.getArgument(0).(AddressOfExpr).getOperand() = va and + va.getTarget() instanceof StackVariable select call, "$@: KeWaitForSingleObject should have a KernelMode AccessMode when the $@ is local", call.getControlFlowScope(), call.getControlFlowScope().getQualifiedName(), va.getTarget(), "first argument" \ No newline at end of file diff --git a/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif similarity index 96% rename from src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif rename to src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif index b8c9ff70..db70a582 100644 --- a/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif +++ b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.sarif @@ -1,236 +1,236 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.15.1", - "notifications" : [ { - "id" : "cpp/baseline/expected-extracted-files", - "name" : "cpp/baseline/expected-extracted-files", - "shortDescription" : { - "text" : "Expected extracted files" - }, - "fullDescription" : { - "text" : "Files appearing in the source archive that are expected to be extracted." - }, - "defaultConfiguration" : { - "enabled" : true - }, - "properties" : { - "tags" : [ "expected-extracted-files", "telemetry" ] - } - } ], - "rules" : [ { - "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", - "name" : "cpp/drivers/kewaitlocal-requires-kernel-mode", - "shortDescription" : { - "text" : "Use of local variable and UserMode in call to KeWaitSingleObject" - }, - "fullDescription" : { - "text" : "When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", - "impact" : "Exploitable Design", - "kind" : "problem", - "name" : "Use of local variable and UserMode in call to KeWaitSingleObject", - "opaqueid" : "CQLD-C28135", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "high", - "problem.severity" : "warning", - "query-version" : "v2", - "repro.text" : "The following code locations contain a call to KeWaitForSingleObject while waiting for a local kernel-mode object, but the Mode parameter has not been set to KernelMode.", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.2.0+143fe74d66f4093412a7b21390672217b557bba2", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "invocations" : [ { - "toolExecutionNotifications" : [ { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - }, { - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } - } ], - "message" : { - "text" : "" - }, - "level" : "none", - "descriptor" : { - "id" : "cpp/baseline/expected-extracted-files", - "index" : 0 - }, - "properties" : { - "formattedMessage" : { - "text" : "" - } - } - } ], - "executionSuccessful" : true - } ], - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 1 - } - }, { - "location" : { - "uri" : "driver/fail_driver1.h", - "uriBaseId" : "%SRCROOT%", - "index" : 2 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/kewaitlocal-requires-kernel-mode", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", - "index" : 0 - }, - "message" : { - "text" : "[good_use](1): KeWaitForSingleObject should have a KernelMode AccessMode when the [first argument](2) is local" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 10, - "startColumn" : 5, - "endColumn" : 26 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "61bc3c7079348327:1", - "primaryLocationStartColumnFingerprint" : "0" - }, - "relatedLocations" : [ { - "id" : 1, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 7, - "startColumn" : 6, - "endColumn" : 14 - } - }, - "message" : { - "text" : "good_use" - } - }, { - "id" : 2, - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 9, - "startColumn" : 12, - "endColumn" : 19 - } - }, - "message" : { - "text" : "first argument" - } - } ] - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.15.1", + "notifications" : [ { + "id" : "cpp/baseline/expected-extracted-files", + "name" : "cpp/baseline/expected-extracted-files", + "shortDescription" : { + "text" : "Expected extracted files" + }, + "fullDescription" : { + "text" : "Files appearing in the source archive that are expected to be extracted." + }, + "defaultConfiguration" : { + "enabled" : true + }, + "properties" : { + "tags" : [ "expected-extracted-files", "telemetry" ] + } + } ], + "rules" : [ { + "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", + "name" : "cpp/drivers/kewaitlocal-requires-kernel-mode", + "shortDescription" : { + "text" : "Use of local variable and UserMode in call to KeWaitSingleObject" + }, + "fullDescription" : { + "text" : "When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "When the first argument to KeWaitForSingleObject is a local variable, the Mode parameter must be KernelMode.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", + "impact" : "Exploitable Design", + "kind" : "problem", + "name" : "Use of local variable and UserMode in call to KeWaitSingleObject", + "opaqueid" : "CQLD-C28135", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "high", + "problem.severity" : "warning", + "query-version" : "v2", + "repro.text" : "The following code locations contain a call to KeWaitForSingleObject while waiting for a local kernel-mode object, but the Mode parameter has not been set to KernelMode.", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.2.0+143fe74d66f4093412a7b21390672217b557bba2", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "invocations" : [ { + "toolExecutionNotifications" : [ { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + }, { + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } + } ], + "message" : { + "text" : "" + }, + "level" : "none", + "descriptor" : { + "id" : "cpp/baseline/expected-extracted-files", + "index" : 0 + }, + "properties" : { + "formattedMessage" : { + "text" : "" + } + } + } ], + "executionSuccessful" : true + } ], + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 1 + } + }, { + "location" : { + "uri" : "driver/fail_driver1.h", + "uriBaseId" : "%SRCROOT%", + "index" : 2 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/kewaitlocal-requires-kernel-mode", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/kewaitlocal-requires-kernel-mode", + "index" : 0 + }, + "message" : { + "text" : "[good_use](1): KeWaitForSingleObject should have a KernelMode AccessMode when the [first argument](2) is local" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 10, + "startColumn" : 5, + "endColumn" : 26 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "61bc3c7079348327:1", + "primaryLocationStartColumnFingerprint" : "0" + }, + "relatedLocations" : [ { + "id" : 1, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 7, + "startColumn" : 6, + "endColumn" : 14 + } + }, + "message" : { + "text" : "good_use" + } + }, { + "id" : 2, + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 9, + "startColumn" : 12, + "endColumn" : 19 + } + }, + "message" : { + "text" : "first argument" + } + } ] + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/KeWaitLocal/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/KeWaitLocal/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/KeWaitLocal/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/KeWaitLocal/driver_snippet.c diff --git a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp similarity index 97% rename from src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp rename to src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp index 70fdef92..3d4c7862 100644 --- a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp +++ b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.qhelp @@ -1,24 +1,24 @@ - - - -

- The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. - This warning indicates that there is more than one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro in a function. This error is reported at the second or subsequent instances of the PAGED_CODE or PAGED_CODE_LOCKED macro. -

- - -

- Remove all but one PAGED_CODE OR PAGED_CODE_LOCKED macro. -

- - - - - -
  • - - C28171 warning - Windows Drivers - -
    • -     -     + + + +

    + The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. + This warning indicates that there is more than one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro in a function. This error is reported at the second or subsequent instances of the PAGED_CODE or PAGED_CODE_LOCKED macro. +

    +     + +

    + Remove all but one PAGED_CODE OR PAGED_CODE_LOCKED macro. +

    +     + + + + +
  • + + C28171 warning - Windows Drivers + +
    • +     +     diff --git a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql similarity index 97% rename from src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql rename to src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql index 202c4e3f..4a245dc6 100644 --- a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql +++ b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql @@ -1,36 +1,36 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/multiple-paged-code - * @name Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED - * @description The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Insecure Coding Practice - * @repro.text The following code locations are duplicate PAGED_CODE() calls within a function. - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-C28171 - * @kind problem - * @problem.severity warning - * @precision high - * @tags correctness - * ca_ported - * wddst - * @scope domainspecific - * @query-version v1 - */ - -import cpp -import drivers.libraries.Page - -// Selects functions that have at least two instances of a PAGED_CODE macro. -from MacroInvocation mi, MacroInvocation mi2 -where - mi.getEnclosingFunction() = mi2.getEnclosingFunction() and - mi.getEnclosingFunction() instanceof PagedFunctionDeclaration and - mi.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] and - mi2.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] and - mi.getLocation().getStartLine() < mi2.getLocation().getStartLine() -select mi2, - "Functions in a paged section must have exactly one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/multiple-paged-code + * @name Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED + * @description The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Insecure Coding Practice + * @repro.text The following code locations are duplicate PAGED_CODE() calls within a function. + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-C28171 + * @kind problem + * @problem.severity warning + * @precision high + * @tags correctness + * ca_ported + * wddst + * @scope domainspecific + * @query-version v1 + */ + +import cpp +import drivers.libraries.Page + +// Selects functions that have at least two instances of a PAGED_CODE macro. +from MacroInvocation mi, MacroInvocation mi2 +where + mi.getEnclosingFunction() = mi2.getEnclosingFunction() and + mi.getEnclosingFunction() instanceof PagedFunctionDeclaration and + mi.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] and + mi2.getMacroName() = ["PAGED_CODE", "PAGED_CODE_LOCKED"] and + mi.getLocation().getStartLine() < mi2.getLocation().getStartLine() +select mi2, + "Functions in a paged section must have exactly one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro" diff --git a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif similarity index 97% rename from src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif rename to src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif index 41a84ed4..e8ebfd83 100644 --- a/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif +++ b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.sarif @@ -1,114 +1,114 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/multiple-paged-code", - "name" : "cpp/drivers/multiple-paged-code", - "shortDescription" : { - "text" : "Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED" - }, - "fullDescription" : { - "text" : "The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/multiple-paged-code", - "impact" : "Insecure Coding Practice", - "kind" : "problem", - "name" : "Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED", - "opaqueid" : "CQLD-C28171", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "high", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following code locations are duplicate PAGED_CODE() calls within a function.", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/multiple-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/multiple-paged-code", - "index" : 0 - }, - "message" : { - "text" : "Functions in a paged section must have exactly one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 50, - "startColumn" : 5, - "endColumn" : 17 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "c7556935fb8cd898:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/multiple-paged-code", + "name" : "cpp/drivers/multiple-paged-code", + "shortDescription" : { + "text" : "Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED" + }, + "fullDescription" : { + "text" : "The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "The function has more than one instance of PAGED_CODE or PAGED_CODE_LOCKED. This can cause issues when debugging, using Code Analysis, or running on checked builds.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/multiple-paged-code", + "impact" : "Insecure Coding Practice", + "kind" : "problem", + "name" : "Multiple instances of PAGED_CODE or PAGED_CODE_LOCKED", + "opaqueid" : "CQLD-C28171", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "high", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following code locations are duplicate PAGED_CODE() calls within a function.", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/multiple-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/multiple-paged-code", + "index" : 0 + }, + "message" : { + "text" : "Functions in a paged section must have exactly one instance of the PAGED_CODE or PAGED_CODE_LOCKED macro" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 50, + "startColumn" : 5, + "endColumn" : 17 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "c7556935fb8cd898:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c similarity index 94% rename from src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c index 4bc016a1..90c811d7 100644 --- a/src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c +++ b/src/qlpack/src/drivers/wdm/queries/MultiplePagedCode/driver_snippet.c @@ -1,58 +1,58 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. - - -//Macros to enable or disable a code section that may or maynot conflict with this test. -#define SET_DISPATCH 1 -#define SET_PAGE_CODE 1 - - -_Dispatch_type_(IRP_MJ_CLEANUP) -DRIVER_DISPATCH DispatchCleanup; - -_Dispatch_type_(IRP_MJ_SHUTDOWN) -DRIVER_DISPATCH DispatchShutdown; - -#ifndef __cplusplus -#pragma alloc_text (PAGE, DispatchCleanup) -#pragma alloc_text (PAGE, DispatchShutdown) -#endif - - -//Template -void top_level_call(){ -} - -//Passes -NTSTATUS -DispatchCleanup ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - PAGED_CODE(); - - return STATUS_SUCCESS; -} - -//Fails -NTSTATUS -DispatchShutdown ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - PAGED_CODE(); - PAGED_CODE(); - - return STATUS_SUCCESS; -} - - - - - +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. + + +//Macros to enable or disable a code section that may or maynot conflict with this test. +#define SET_DISPATCH 1 +#define SET_PAGE_CODE 1 + + +_Dispatch_type_(IRP_MJ_CLEANUP) +DRIVER_DISPATCH DispatchCleanup; + +_Dispatch_type_(IRP_MJ_SHUTDOWN) +DRIVER_DISPATCH DispatchShutdown; + +#ifndef __cplusplus +#pragma alloc_text (PAGE, DispatchCleanup) +#pragma alloc_text (PAGE, DispatchShutdown) +#endif + + +//Template +void top_level_call(){ +} + +//Passes +NTSTATUS +DispatchCleanup ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + PAGED_CODE(); + + return STATUS_SUCCESS; +} + +//Fails +NTSTATUS +DispatchShutdown ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + PAGED_CODE(); + PAGED_CODE(); + + return STATUS_SUCCESS; +} + + + + + diff --git a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp similarity index 96% rename from src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp rename to src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp index 30f24036..c5f9abc1 100644 --- a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp +++ b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.qhelp @@ -1,25 +1,25 @@ - - - -

    - The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. -

    -     - -

    - The functions in pageable code must contain a PAGED_CODE or PAGED_CODE_LOCKED macro at the beginning of the function. - - The PAGED_CODE macro ensures that the calling thread is running at an IRQL that is low enough to permit paging. -

    -     - - - - -
  • - - C28170 warning - Windows Drivers - -
    • -     -     + + + +

    + The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. +

    +     + +

    + The functions in pageable code must contain a PAGED_CODE or PAGED_CODE_LOCKED macro at the beginning of the function. + + The PAGED_CODE macro ensures that the calling thread is running at an IRQL that is low enough to permit paging. +

    +     + + + + +
  • + + C28170 warning - Windows Drivers + +
    • +     +     diff --git a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql similarity index 97% rename from src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql rename to src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql index 3fec43bd..1b96c5a5 100644 --- a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql +++ b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.ql @@ -1,32 +1,32 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/no-paged-code - * @name No PAGED_CODE invocation - * @description The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Insecure Coding Practice - * @repro.text The following code locations are duplicate PAGED_CODE() calls within a function. - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-C28170 - * @kind problem - * @problem.severity warning - * @precision low - * @tags correctness - * ca_ported - * wddst - * @scope domainspecific - * @query-version v1 - */ - -import cpp -import drivers.libraries.Page - -from PagedFunctionDeclaration f -where - f.getEntryPoint() instanceof BlockStmt and - not f instanceof PagedFunc -select f, - "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/no-paged-code + * @name No PAGED_CODE invocation + * @description The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Insecure Coding Practice + * @repro.text The following code locations are duplicate PAGED_CODE() calls within a function. + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-C28170 + * @kind problem + * @problem.severity warning + * @precision low + * @tags correctness + * ca_ported + * wddst + * @scope domainspecific + * @query-version v1 + */ + +import cpp +import drivers.libraries.Page + +from PagedFunctionDeclaration f +where + f.getEntryPoint() instanceof BlockStmt and + not f instanceof PagedFunc +select f, + "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." diff --git a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif similarity index 97% rename from src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif rename to src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif index 33fc00ac..978b9fa1 100644 --- a/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif +++ b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/NoPagedCode.sarif @@ -1,169 +1,169 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/no-paged-code", - "name" : "cpp/drivers/no-paged-code", - "shortDescription" : { - "text" : "No PAGED_CODE invocation" - }, - "fullDescription" : { - "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/no-paged-code", - "impact" : "Insecure Coding Practice", - "kind" : "problem", - "name" : "No PAGED_CODE invocation", - "opaqueid" : "CQLD-C28170", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "low", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following code locations are duplicate PAGED_CODE() calls within a function.", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/no-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/no-paged-code", - "index" : 0 - }, - "message" : { - "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 72, - "startColumn" : 10, - "endColumn" : 15 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "94d36694269ab444:1", - "primaryLocationStartColumnFingerprint" : "9" - } - }, { - "ruleId" : "cpp/drivers/no-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/no-paged-code", - "index" : 0 - }, - "message" : { - "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 56, - "startColumn" : 10, - "endColumn" : 15 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "abeb76d8090a66a7:1", - "primaryLocationStartColumnFingerprint" : "9" - } - }, { - "ruleId" : "cpp/drivers/no-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/no-paged-code", - "index" : 0 - }, - "message" : { - "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 42, - "endColumn" : 17 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "2b677663d4f4eaae:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/no-paged-code", + "name" : "cpp/drivers/no-paged-code", + "shortDescription" : { + "text" : "No PAGED_CODE invocation" + }, + "fullDescription" : { + "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found. This can cause issues when debugging, using Code Analysis, or running on checked builds.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/no-paged-code", + "impact" : "Insecure Coding Practice", + "kind" : "problem", + "name" : "No PAGED_CODE invocation", + "opaqueid" : "CQLD-C28170", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "low", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following code locations are duplicate PAGED_CODE() calls within a function.", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/no-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/no-paged-code", + "index" : 0 + }, + "message" : { + "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 72, + "startColumn" : 10, + "endColumn" : 15 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "94d36694269ab444:1", + "primaryLocationStartColumnFingerprint" : "9" + } + }, { + "ruleId" : "cpp/drivers/no-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/no-paged-code", + "index" : 0 + }, + "message" : { + "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 56, + "startColumn" : 10, + "endColumn" : 15 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "abeb76d8090a66a7:1", + "primaryLocationStartColumnFingerprint" : "9" + } + }, { + "ruleId" : "cpp/drivers/no-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/no-paged-code", + "index" : 0 + }, + "message" : { + "text" : "The function has been declared to be in a paged segment, but neither PAGED_CODE nor PAGED_CODE_LOCKED was found." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 42, + "endColumn" : 17 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "2b677663d4f4eaae:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/NoPagedCode/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/driver_snippet.c similarity index 94% rename from src/drivers/wdm/queries/NoPagedCode/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/NoPagedCode/driver_snippet.c index 903c70ab..b324a297 100644 --- a/src/drivers/wdm/queries/NoPagedCode/driver_snippet.c +++ b/src/qlpack/src/drivers/wdm/queries/NoPagedCode/driver_snippet.c @@ -1,74 +1,74 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. - - -//Macros to enable or disable a code section that may or maynot conflict with this test. -#define SET_DISPATCH 1 -#define SET_PAGE_CODE 1 - - -_Dispatch_type_(IRP_MJ_CLEANUP) -DRIVER_DISPATCH DispatchCleanup; - -_Dispatch_type_(IRP_MJ_SHUTDOWN) -DRIVER_DISPATCH DispatchShutdown; - -#ifndef __cplusplus -#pragma alloc_text (PAGE, DispatchCleanup) -#pragma alloc_text (PAGE, DispatchShutdown) -#endif - - -//Template -void top_level_call(){ -} - -//Passes -NTSTATUS -DispatchCleanup ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - PAGED_CODE(); - - return STATUS_SUCCESS; -} - -//Fails -NTSTATUS -DispatchShutdown ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - - return STATUS_SUCCESS; -} - - -#pragma code_seg("PAGE") -//Fails -NTSTATUS func1(){ - if(TRUE){ - - } - return STATUS_SUCCESS; -} -#pragma code_seg() - -//Passes -NTSTATUS func2(){ - return STATUS_SUCCESS; -} - -#define PAGED_CODE_SEG __declspec(code_seg("PAGE")) -//Fails -PAGED_CODE_SEG -NTSTATUS func3(){ - return STATUS_SUCCESS; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. + + +//Macros to enable or disable a code section that may or maynot conflict with this test. +#define SET_DISPATCH 1 +#define SET_PAGE_CODE 1 + + +_Dispatch_type_(IRP_MJ_CLEANUP) +DRIVER_DISPATCH DispatchCleanup; + +_Dispatch_type_(IRP_MJ_SHUTDOWN) +DRIVER_DISPATCH DispatchShutdown; + +#ifndef __cplusplus +#pragma alloc_text (PAGE, DispatchCleanup) +#pragma alloc_text (PAGE, DispatchShutdown) +#endif + + +//Template +void top_level_call(){ +} + +//Passes +NTSTATUS +DispatchCleanup ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + PAGED_CODE(); + + return STATUS_SUCCESS; +} + +//Fails +NTSTATUS +DispatchShutdown ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + + return STATUS_SUCCESS; +} + + +#pragma code_seg("PAGE") +//Fails +NTSTATUS func1(){ + if(TRUE){ + + } + return STATUS_SUCCESS; +} +#pragma code_seg() + +//Passes +NTSTATUS func2(){ + return STATUS_SUCCESS; +} + +#define PAGED_CODE_SEG __declspec(code_seg("PAGE")) +//Fails +PAGED_CODE_SEG +NTSTATUS func3(){ + return STATUS_SUCCESS; } \ No newline at end of file diff --git a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp similarity index 97% rename from src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp rename to src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp index e3b825e7..685ad550 100644 --- a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp +++ b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.qhelp @@ -1,24 +1,24 @@ - - - -

    - The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. - A function that contains a PAGED_CODE or PAGED_CODE_LOCKED macro has not been placed in paged memory by using #pragma alloc_text or #pragma code_seg. -

    -     - -

    - Put a function/routine that calls PAGED_CODE in a paged section using #pragma alloc_text or #pragma code_seg. -

    -     - - - - -
  • - - C28172 warning - Windows Drivers - -
    • -     -     + + + +

    + The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. + A function that contains a PAGED_CODE or PAGED_CODE_LOCKED macro has not been placed in paged memory by using #pragma alloc_text or #pragma code_seg. +

    +     + +

    + Put a function/routine that calls PAGED_CODE in a paged section using #pragma alloc_text or #pragma code_seg. +

    +     + + + + +
  • + + C28172 warning - Windows Drivers + +
    • +     +     diff --git a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql similarity index 97% rename from src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql rename to src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql index 566b110b..4a1fa0a5 100644 --- a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql +++ b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.ql @@ -1,34 +1,34 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/no-paged-code - * @name No paging segment for PAGED_CODE macro invocation - * @description The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Insecure Coding Practice - * @repro.text The following code locations have PAGED_CODE() or PAGED_CODE_LOCKED() calls but they were not put in paged segments. - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-C28172 - * @kind problem - * @problem.severity warning - * @precision low - * @tags correctness - * ca_ported - * wddst - * @scope domainspecific - * @query-version v1 - */ - -import cpp -import drivers.libraries.Page - -from PagedFunc pf -where - not pf instanceof FunctionWithPageSet and - not isPagedSegSetWithMacroAbove(pf) and - not isAllocUsedToLocatePagedFunc(pf) -select pf, - "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/no-paged-code + * @name No paging segment for PAGED_CODE macro invocation + * @description The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Insecure Coding Practice + * @repro.text The following code locations have PAGED_CODE() or PAGED_CODE_LOCKED() calls but they were not put in paged segments. + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-C28172 + * @kind problem + * @problem.severity warning + * @precision low + * @tags correctness + * ca_ported + * wddst + * @scope domainspecific + * @query-version v1 + */ + +import cpp +import drivers.libraries.Page + +from PagedFunc pf +where + not pf instanceof FunctionWithPageSet and + not isPagedSegSetWithMacroAbove(pf) and + not isAllocUsedToLocatePagedFunc(pf) +select pf, + "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" \ No newline at end of file diff --git a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif similarity index 97% rename from src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif rename to src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif index acd7317f..348d3499 100644 --- a/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif +++ b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/NoPagingSegment.sarif @@ -1,141 +1,141 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/no-paged-code", - "name" : "cpp/drivers/no-paged-code", - "shortDescription" : { - "text" : "No paging segment for PAGED_CODE macro invocation" - }, - "fullDescription" : { - "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/no-paged-code", - "impact" : "Insecure Coding Practice", - "kind" : "problem", - "name" : "No paging segment for PAGED_CODE macro invocation", - "opaqueid" : "CQLD-C28172", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "low", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following code locations have PAGED_CODE() or PAGED_CODE_LOCKED() calls but they were not put in paged segments.", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/no-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/no-paged-code", - "index" : 0 - }, - "message" : { - "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 65, - "startColumn" : 10, - "endColumn" : 15 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "98adc396925ec049:1", - "primaryLocationStartColumnFingerprint" : "9" - } - }, { - "ruleId" : "cpp/drivers/no-paged-code", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/no-paged-code", - "index" : 0 - }, - "message" : { - "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 41, - "endColumn" : 17 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "2b677663d4f4eaae:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/no-paged-code", + "name" : "cpp/drivers/no-paged-code", + "shortDescription" : { + "text" : "No paging segment for PAGED_CODE macro invocation" + }, + "fullDescription" : { + "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment. This can cause issues when debugging, using Code Analysis, or running on checked builds.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/no-paged-code", + "impact" : "Insecure Coding Practice", + "kind" : "problem", + "name" : "No paging segment for PAGED_CODE macro invocation", + "opaqueid" : "CQLD-C28172", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "low", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following code locations have PAGED_CODE() or PAGED_CODE_LOCKED() calls but they were not put in paged segments.", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/no-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/no-paged-code", + "index" : 0 + }, + "message" : { + "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 65, + "startColumn" : 10, + "endColumn" : 15 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "98adc396925ec049:1", + "primaryLocationStartColumnFingerprint" : "9" + } + }, { + "ruleId" : "cpp/drivers/no-paged-code", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/no-paged-code", + "index" : 0 + }, + "message" : { + "text" : "The function has PAGED_CODE or PAGED_CODE_LOCKED but is not declared to be in a paged segment" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 41, + "endColumn" : 17 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "2b677663d4f4eaae:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c similarity index 94% rename from src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c index d7ceb0cb..682d6b95 100644 --- a/src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c +++ b/src/qlpack/src/drivers/wdm/queries/NoPagingSegment/driver_snippet.c @@ -1,76 +1,76 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. - - -//Macros to enable or disable a code section that may or maynot conflict with this test. -#define SET_DISPATCH 1 -#define SET_PAGE_CODE 1 - - -_Dispatch_type_(IRP_MJ_CLEANUP) -DRIVER_DISPATCH DispatchCleanup; - -_Dispatch_type_(IRP_MJ_SHUTDOWN) -DRIVER_DISPATCH DispatchShutdown; - -#ifndef __cplusplus -#pragma alloc_text (PAGE, DispatchCleanup) -#endif - - -//Template -void top_level_call(){ -} - -//Passes -NTSTATUS -DispatchCleanup ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - PAGED_CODE(); - - return STATUS_SUCCESS; -} - -//Fails -NTSTATUS -DispatchShutdown ( - PDEVICE_OBJECT DriverObject, - PIRP Irp - ) -{ - UNREFERENCED_PARAMETER(DriverObject); - UNREFERENCED_PARAMETER(Irp); - PAGED_CODE(); - - return STATUS_SUCCESS; -} - - -#pragma code_seg("PAGE") -//Passes -NTSTATUS func1(){ - PAGED_CODE(); - if(TRUE){ - } - return STATUS_SUCCESS; -} -#pragma code_seg() - -//Fails -NTSTATUS func2(){ - PAGED_CODE(); - return STATUS_SUCCESS; -} - -#define PAGED_CODE_SEG __declspec(code_seg("PAGE")) -//Passes -PAGED_CODE_SEG -NTSTATUS func3(){ - PAGED_CODE(); - return STATUS_SUCCESS; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. + + +//Macros to enable or disable a code section that may or maynot conflict with this test. +#define SET_DISPATCH 1 +#define SET_PAGE_CODE 1 + + +_Dispatch_type_(IRP_MJ_CLEANUP) +DRIVER_DISPATCH DispatchCleanup; + +_Dispatch_type_(IRP_MJ_SHUTDOWN) +DRIVER_DISPATCH DispatchShutdown; + +#ifndef __cplusplus +#pragma alloc_text (PAGE, DispatchCleanup) +#endif + + +//Template +void top_level_call(){ +} + +//Passes +NTSTATUS +DispatchCleanup ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + PAGED_CODE(); + + return STATUS_SUCCESS; +} + +//Fails +NTSTATUS +DispatchShutdown ( + PDEVICE_OBJECT DriverObject, + PIRP Irp + ) +{ + UNREFERENCED_PARAMETER(DriverObject); + UNREFERENCED_PARAMETER(Irp); + PAGED_CODE(); + + return STATUS_SUCCESS; +} + + +#pragma code_seg("PAGE") +//Passes +NTSTATUS func1(){ + PAGED_CODE(); + if(TRUE){ + } + return STATUS_SUCCESS; +} +#pragma code_seg() + +//Fails +NTSTATUS func2(){ + PAGED_CODE(); + return STATUS_SUCCESS; +} + +#define PAGED_CODE_SEG __declspec(code_seg("PAGE")) +//Passes +PAGED_CODE_SEG +NTSTATUS func3(){ + PAGED_CODE(); + return STATUS_SUCCESS; } \ No newline at end of file diff --git a/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.qhelp b/src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.qhelp similarity index 100% rename from src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.qhelp rename to src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.qhelp diff --git a/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql b/src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql similarity index 100% rename from src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql rename to src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql diff --git a/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.sarif b/src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.sarif similarity index 100% rename from src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.sarif rename to src/qlpack/src/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.sarif diff --git a/src/drivers/wdm/queries/ObReferenceMode/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/ObReferenceMode/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/ObReferenceMode/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/ObReferenceMode/driver_snippet.c diff --git a/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.qhelp b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.qhelp similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.qhelp rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.qhelp diff --git a/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql diff --git a/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.sarif b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.sarif similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.sarif rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.sarif diff --git a/src/drivers/wdm/queries/OpaqueMdlUse/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlUse/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlUse/driver_snippet.c diff --git a/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.qhelp b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.qhelp similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.qhelp rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.qhelp diff --git a/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql diff --git a/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.sarif b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.sarif similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.sarif rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.sarif diff --git a/src/drivers/wdm/queries/OpaqueMdlWrite/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/driver_snippet.c similarity index 100% rename from src/drivers/wdm/queries/OpaqueMdlWrite/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/OpaqueMdlWrite/driver_snippet.c diff --git a/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.qhelp b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.qhelp similarity index 100% rename from src/drivers/wdm/queries/PendingStatusError/PendingStatusError.qhelp rename to src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.qhelp diff --git a/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql similarity index 97% rename from src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql rename to src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql index 457f98d8..1ab52dbd 100644 --- a/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql +++ b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql @@ -1,73 +1,73 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/pending-status-error - * @name Did not return STATUS_PENDING after IoMarkIrpPending call - * @description A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Insecure Coding Practice - * @repro.text The following code locations potentially contain IoMarkIrpPending calls that do not return STATUS_PENDING - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-C28143 - * @kind problem - * @problem.severity warning - * @precision Low - * @tags correctness - * ca_ported - * wddst - * @scope domainspecific - * @query-version v1 - */ - -import cpp -import drivers.wdm.libraries.WdmDrivers - -//Represents elements with IO_COMPLETION_ROUTINE type -class IORoutineTypedef extends TypedefType { - IORoutineTypedef() { this.getName().matches("IO_COMPLETION_ROUTINE") } -} - -//Evaluates to true for IO_COMPLETION_ROUTINE type routines. -predicate isIOCompletionRoutine(Function f) { - exists(FunctionDeclarationEntry fde | - fde.getFunction() = f and - fde.getTypedefType() instanceof IORoutineTypedef - ) -} - -predicate returnsStatusPending(FunctionCall call) { - exists(ReturnStmt rs | - //259 is the integer representaion for STATUS_PENDING - ( - rs.getExpr().(Literal).getValue().toInt() = 259 and - call.getASuccessor*() = rs - or - exists(VariableAccess va1, AssignExpr ae, VariableAccess va2 | - ( - //STATUS_PENDING assignment can occur before or after the function call. - call.getEnclosingFunction() = ae.getEnclosingFunction() and - ( - call.getAPredecessor*() = ae - or - call.getASuccessor*() = ae - ) - ) and - ae.getRValue().(Literal).getValue().toInt() = 259 and - ae.getLValue() = va1 and - ae.getASuccessor*() = rs and - va2.getParent() = rs and - va2.getTarget().getName() = va1.getTarget().getName() - ) - ) - ) -} - -from FunctionCall call -where - call.getTarget().getName() = "IoMarkIrpPending" and - call.getEnclosingFunction() instanceof WdmDispatchRoutine and - not returnsStatusPending(call) and - not isIOCompletionRoutine(call.getEnclosingFunction()) -select call, "The return type should be STATUS_PENDING when making IoMarkIrpPending calls" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/pending-status-error + * @name Did not return STATUS_PENDING after IoMarkIrpPending call + * @description A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Insecure Coding Practice + * @repro.text The following code locations potentially contain IoMarkIrpPending calls that do not return STATUS_PENDING + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-C28143 + * @kind problem + * @problem.severity warning + * @precision Low + * @tags correctness + * ca_ported + * wddst + * @scope domainspecific + * @query-version v1 + */ + +import cpp +import drivers.wdm.libraries.WdmDrivers + +//Represents elements with IO_COMPLETION_ROUTINE type +class IORoutineTypedef extends TypedefType { + IORoutineTypedef() { this.getName().matches("IO_COMPLETION_ROUTINE") } +} + +//Evaluates to true for IO_COMPLETION_ROUTINE type routines. +predicate isIOCompletionRoutine(Function f) { + exists(FunctionDeclarationEntry fde | + fde.getFunction() = f and + fde.getTypedefType() instanceof IORoutineTypedef + ) +} + +predicate returnsStatusPending(FunctionCall call) { + exists(ReturnStmt rs | + //259 is the integer representaion for STATUS_PENDING + ( + rs.getExpr().(Literal).getValue().toInt() = 259 and + call.getASuccessor*() = rs + or + exists(VariableAccess va1, AssignExpr ae, VariableAccess va2 | + ( + //STATUS_PENDING assignment can occur before or after the function call. + call.getEnclosingFunction() = ae.getEnclosingFunction() and + ( + call.getAPredecessor*() = ae + or + call.getASuccessor*() = ae + ) + ) and + ae.getRValue().(Literal).getValue().toInt() = 259 and + ae.getLValue() = va1 and + ae.getASuccessor*() = rs and + va2.getParent() = rs and + va2.getTarget().getName() = va1.getTarget().getName() + ) + ) + ) +} + +from FunctionCall call +where + call.getTarget().getName() = "IoMarkIrpPending" and + call.getEnclosingFunction() instanceof WdmDispatchRoutine and + not returnsStatusPending(call) and + not isIOCompletionRoutine(call.getEnclosingFunction()) +select call, "The return type should be STATUS_PENDING when making IoMarkIrpPending calls" diff --git a/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif similarity index 97% rename from src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif rename to src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif index 3c9fac0a..3a78df51 100644 --- a/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif +++ b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/PendingStatusError.sarif @@ -1,114 +1,114 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/pending-status-error", - "name" : "cpp/drivers/pending-status-error", - "shortDescription" : { - "text" : "Did not return STATUS_PENDING after IoMarkIrpPending call" - }, - "fullDescription" : { - "text" : "A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/pending-status-error", - "impact" : "Insecure Coding Practice", - "kind" : "problem", - "name" : "Did not return STATUS_PENDING after IoMarkIrpPending call", - "opaqueid" : "CQLD-C28143", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "Low", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following code locations potentially contain IoMarkIrpPending calls that do not return STATUS_PENDING", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/pending-status-error", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/pending-status-error", - "index" : 0 - }, - "message" : { - "text" : "The return type should be STATUS_PENDING when making IoMarkIrpPending calls" - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/driver_snippet.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 57, - "startColumn" : 9, - "endColumn" : 25 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "53405033a4fa7dc4:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/pending-status-error", + "name" : "cpp/drivers/pending-status-error", + "shortDescription" : { + "text" : "Did not return STATUS_PENDING after IoMarkIrpPending call" + }, + "fullDescription" : { + "text" : "A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "A dispatch routine that calls IoMarkIrpPending includes at least one path in which the driver returns a value other than STATUS_PENDING. The IoMarkIrpPending routine marks the specified IRP, indicating that a driver's dispatch routine subsequently returned STATUS_PENDING because further processing is required by other driver routines. For more information please refer C28143 Code Analysis rule.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/pending-status-error", + "impact" : "Insecure Coding Practice", + "kind" : "problem", + "name" : "Did not return STATUS_PENDING after IoMarkIrpPending call", + "opaqueid" : "CQLD-C28143", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "Low", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following code locations potentially contain IoMarkIrpPending calls that do not return STATUS_PENDING", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/pending-status-error", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/pending-status-error", + "index" : 0 + }, + "message" : { + "text" : "The return type should be STATUS_PENDING when making IoMarkIrpPending calls" + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/driver_snippet.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 57, + "startColumn" : 9, + "endColumn" : 25 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "53405033a4fa7dc4:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/PendingStatusError/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/driver_snippet.c similarity index 95% rename from src/drivers/wdm/queries/PendingStatusError/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/PendingStatusError/driver_snippet.c index 3506deb4..12611512 100644 --- a/src/drivers/wdm/queries/PendingStatusError/driver_snippet.c +++ b/src/qlpack/src/drivers/wdm/queries/PendingStatusError/driver_snippet.c @@ -1,62 +1,62 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// -// driver_snippet.c -// - -//Macros to enable or disable a code section that may or maynot conflict with this test. -#define SET_PENDING 1 -#define SET_DISPATCH 1 - - -//Template. Not called in this test. -void top_level_call(){} - - -//Passing Case -_Dispatch_type_(IRP_MJ_SYSTEM_WRITE) -DRIVER_DISPATCH DispatchWrite; - -_Use_decl_annotations_ -NTSTATUS -DispatchWrite ( - PDEVICE_OBJECT DeviceObject, - PIRP Irp - ) -{ - - UNREFERENCED_PARAMETER(DeviceObject); - PAGED_CODE(); - NTSTATUS status; - - status = STATUS_PENDING; - //The call below represents a passing case for PendingStatusError. - IoMarkIrpPending(Irp); - - IoCompleteRequest(Irp, IO_NO_INCREMENT); - return status; -} - -//Failing Case -_Dispatch_type_(IRP_MJ_SET_INFORMATION) -DRIVER_DISPATCH DispatchSetInformation; - -_Use_decl_annotations_ -NTSTATUS -DispatchSetInformation ( - PDEVICE_OBJECT DeviceObject, - PIRP Irp - ) -{ - - UNREFERENCED_PARAMETER(DeviceObject); - NTSTATUS status; - //The condition doesn't matter. It's for testing. - if(TRUE){ - //The call below represents a failing case for PendingStatusError. - IoMarkIrpPending(Irp); - } - status = STATUS_SUCCESS; - IoCompleteRequest(Irp, IO_NO_INCREMENT); - return status; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// +// driver_snippet.c +// + +//Macros to enable or disable a code section that may or maynot conflict with this test. +#define SET_PENDING 1 +#define SET_DISPATCH 1 + + +//Template. Not called in this test. +void top_level_call(){} + + +//Passing Case +_Dispatch_type_(IRP_MJ_SYSTEM_WRITE) +DRIVER_DISPATCH DispatchWrite; + +_Use_decl_annotations_ +NTSTATUS +DispatchWrite ( + PDEVICE_OBJECT DeviceObject, + PIRP Irp + ) +{ + + UNREFERENCED_PARAMETER(DeviceObject); + PAGED_CODE(); + NTSTATUS status; + + status = STATUS_PENDING; + //The call below represents a passing case for PendingStatusError. + IoMarkIrpPending(Irp); + + IoCompleteRequest(Irp, IO_NO_INCREMENT); + return status; +} + +//Failing Case +_Dispatch_type_(IRP_MJ_SET_INFORMATION) +DRIVER_DISPATCH DispatchSetInformation; + +_Use_decl_annotations_ +NTSTATUS +DispatchSetInformation ( + PDEVICE_OBJECT DeviceObject, + PIRP Irp + ) +{ + + UNREFERENCED_PARAMETER(DeviceObject); + NTSTATUS status; + //The condition doesn't matter. It's for testing. + if(TRUE){ + //The call below represents a failing case for PendingStatusError. + IoMarkIrpPending(Irp); + } + status = STATUS_SUCCESS; + IoCompleteRequest(Irp, IO_NO_INCREMENT); + return status; +} diff --git a/src/drivers/wdm/queries/README.md b/src/qlpack/src/drivers/wdm/queries/README.md similarity index 98% rename from src/drivers/wdm/queries/README.md rename to src/qlpack/src/drivers/wdm/queries/README.md index cf307d49..4a07205f 100644 --- a/src/drivers/wdm/queries/README.md +++ b/src/qlpack/src/drivers/wdm/queries/README.md @@ -1,7 +1,7 @@ -### The queries in general will have the following structure - -* PendingStatusError/ - - PendingStatusError.sarif -> Expected result of running PendingStatusError.ql on the sample database - - PendingStatusError.ql -> The query - - PendingStatusError.qhelp -> Query documentation using CodeQL styles +### The queries in general will have the following structure + +* PendingStatusError/ + - PendingStatusError.sarif -> Expected result of running PendingStatusError.ql on the sample database + - PendingStatusError.ql -> The query + - PendingStatusError.qhelp -> Query documentation using CodeQL styles - driver_snippet.c -> A test file containing passing and failing cases. \ No newline at end of file diff --git a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp similarity index 97% rename from src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp rename to src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp index 39d692fa..70f1b6af 100644 --- a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp +++ b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.qhelp @@ -1,44 +1,44 @@ - - - -

    - The dispatch table assignment satisfies any of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry.

    -     - -

    - This defect can be corrected either using a DRIVER_DISPATCH type function or by adding a _Dispatch_type_ annotation to the function or correcting the dispatch table entry being used. -

    -     - -

    - In this example, the driver has a DRIVER_DISPATCH routine that is not annotated with the type(s) of IRP it handles. -

    - MajorFunction[IRP_MJ_CREATE] = SampleCreate; - ]]> - -

    - The driver should instead annotate its dispatch routines appropriately. -

    - MajorFunction[IRP_MJ_CREATE] = SampleCreate;... - ]]> - -     - -
  • - - C28168 warning - Windows Drivers - -
    • -
  • - - C28169 warning - Windows Drivers - -
    • -     -     + + + +

    + The dispatch table assignment satisfies any of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry.

    +     + +

    + This defect can be corrected either using a DRIVER_DISPATCH type function or by adding a _Dispatch_type_ annotation to the function or correcting the dispatch table entry being used. +

    +     + +

    + In this example, the driver has a DRIVER_DISPATCH routine that is not annotated with the type(s) of IRP it handles. +

    + MajorFunction[IRP_MJ_CREATE] = SampleCreate; + ]]> + +

    + The driver should instead annotate its dispatch routines appropriately. +

    + MajorFunction[IRP_MJ_CREATE] = SampleCreate;... + ]]> + +     + +
  • + + C28168 warning - Windows Drivers + +
    • +
  • + + C28169 warning - Windows Drivers + +
    • +     +     diff --git a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql similarity index 97% rename from src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql rename to src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql index e8204ba4..b91271c6 100644 --- a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql +++ b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql @@ -1,95 +1,95 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -/** - * @id cpp/drivers/wrong-dispatch-table-assignment - * @name Incorrect dispatch table assignment - * @description The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry. - * @platform Desktop - * @security.severity Low - * @feature.area Multiple - * @impact Exploitable design - * @repro.text The following lines of code may potentially contain incorrect assignment to dispatch table entry. - * @owner.email sdat@microsoft.com - * @opaqueid CQLD-D0003 - * @kind problem - * @problem.severity recommendation - * @precision Low - * @tags correctness - * wddst - * @scope domainspecific - * @query-version v1 - */ - -import cpp -import drivers.wdm.libraries.WdmDrivers -import drivers.libraries.SAL - -//Evaluates to true for AssignExpr for whom the right hand side evaluates to a FunctionAccess whose target is -//a WdmDispatchRoutine but its dispatch type annotation doesn't match the dispatch table entry -predicate dispatchAnnotationMismatched(AssignExpr ae) { - exists(DispatchTypeDefinition dmi, WdmDispatchRoutine wdr, FunctionAccess faa | - ae.getRValue().(FunctionAccess) = faa and - faa.getTarget() = wdr and - dmi.getDeclarationEntry() = wdr.getADeclarationEntry() and - not wdr.matchesAnnotation(dmi) - ) -} - -//Evaluates to true if a given assignment, recursively, has a WdmDispatchRoutine callback routine as the right hand side -predicate dispatchRoutineExists(AssignExpr ae) { - exists(FunctionAccess fa | - ae.getRValue() = fa and - fa.getTarget() instanceof WdmDispatchRoutine - ) - or - ae.getRValue() instanceof AssignExpr and - dispatchRoutineExists(ae.getRValue().(AssignExpr)) -} - -//Represents dispatch table AssignExpr whose right hand side is not a funtion of type DRIVER_DISPATCH -class NonDispatchFunction extends AssignExpr { - NonDispatchFunction() { - exists( - ArrayExpr dispatchTable, PointerFieldAccess fieldAccess, VariableAccess driverObjectAccess - | - this.getLValue() = dispatchTable and - not dispatchRoutineExists(this) and - dispatchTable.getArrayBase() = fieldAccess and - fieldAccess.getQualifier() = driverObjectAccess and - driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and - this.getEnclosingFunction() instanceof WdmDriverEntry - ) - } -} - -//Evaluates to true for a dispatch table assignment where the dispatch function doesn't have annotation matching "this" dispatch table entry. -predicate dispatchAnnotationMissing(AssignExpr ae) { - exists(CallbackRoutineAssignment cra, WdmDispatchRoutine dr | - ae = cra and - cra.getTarget() = dr and - not exists(DispatchTypeDefinition dmi | dmi.getDeclarationEntry() = dr.getADeclarationEntry()) - ) -} - -//Represents AssignExpr that satisfy either of the three scenarios given below -class WrongDispatchFunctionAssignments extends AssignExpr { - string message; - - WrongDispatchFunctionAssignments() { - this instanceof NonDispatchFunction and - message = - "Dispatch table assignment should have a DRIVER_DISPATCH type routine as its right-hand side value." - or - dispatchAnnotationMissing(this) and - message = "The dispatch function does not have a dispatch type annotation." - or - dispatchAnnotationMismatched(this) and - message = - "The dispatch function does not have a dispatch type annotation matching this dispatch table entry." - } - - string getMessage() { result = message } -} - -from WrongDispatchFunctionAssignments wdfa -select wdfa, wdfa.getMessage() +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +/** + * @id cpp/drivers/wrong-dispatch-table-assignment + * @name Incorrect dispatch table assignment + * @description The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry. + * @platform Desktop + * @security.severity Low + * @feature.area Multiple + * @impact Exploitable design + * @repro.text The following lines of code may potentially contain incorrect assignment to dispatch table entry. + * @owner.email sdat@microsoft.com + * @opaqueid CQLD-D0003 + * @kind problem + * @problem.severity recommendation + * @precision Low + * @tags correctness + * wddst + * @scope domainspecific + * @query-version v1 + */ + +import cpp +import drivers.wdm.libraries.WdmDrivers +import drivers.libraries.SAL + +//Evaluates to true for AssignExpr for whom the right hand side evaluates to a FunctionAccess whose target is +//a WdmDispatchRoutine but its dispatch type annotation doesn't match the dispatch table entry +predicate dispatchAnnotationMismatched(AssignExpr ae) { + exists(DispatchTypeDefinition dmi, WdmDispatchRoutine wdr, FunctionAccess faa | + ae.getRValue().(FunctionAccess) = faa and + faa.getTarget() = wdr and + dmi.getDeclarationEntry() = wdr.getADeclarationEntry() and + not wdr.matchesAnnotation(dmi) + ) +} + +//Evaluates to true if a given assignment, recursively, has a WdmDispatchRoutine callback routine as the right hand side +predicate dispatchRoutineExists(AssignExpr ae) { + exists(FunctionAccess fa | + ae.getRValue() = fa and + fa.getTarget() instanceof WdmDispatchRoutine + ) + or + ae.getRValue() instanceof AssignExpr and + dispatchRoutineExists(ae.getRValue().(AssignExpr)) +} + +//Represents dispatch table AssignExpr whose right hand side is not a funtion of type DRIVER_DISPATCH +class NonDispatchFunction extends AssignExpr { + NonDispatchFunction() { + exists( + ArrayExpr dispatchTable, PointerFieldAccess fieldAccess, VariableAccess driverObjectAccess + | + this.getLValue() = dispatchTable and + not dispatchRoutineExists(this) and + dispatchTable.getArrayBase() = fieldAccess and + fieldAccess.getQualifier() = driverObjectAccess and + driverObjectAccess.getTarget().getType().getName().matches("PDRIVER_OBJECT") and + this.getEnclosingFunction() instanceof WdmDriverEntry + ) + } +} + +//Evaluates to true for a dispatch table assignment where the dispatch function doesn't have annotation matching "this" dispatch table entry. +predicate dispatchAnnotationMissing(AssignExpr ae) { + exists(CallbackRoutineAssignment cra, WdmDispatchRoutine dr | + ae = cra and + cra.getTarget() = dr and + not exists(DispatchTypeDefinition dmi | dmi.getDeclarationEntry() = dr.getADeclarationEntry()) + ) +} + +//Represents AssignExpr that satisfy either of the three scenarios given below +class WrongDispatchFunctionAssignments extends AssignExpr { + string message; + + WrongDispatchFunctionAssignments() { + this instanceof NonDispatchFunction and + message = + "Dispatch table assignment should have a DRIVER_DISPATCH type routine as its right-hand side value." + or + dispatchAnnotationMissing(this) and + message = "The dispatch function does not have a dispatch type annotation." + or + dispatchAnnotationMismatched(this) and + message = + "The dispatch function does not have a dispatch type annotation matching this dispatch table entry." + } + + string getMessage() { result = message } +} + +from WrongDispatchFunctionAssignments wdfa +select wdfa, wdfa.getMessage() diff --git a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif similarity index 97% rename from src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif rename to src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif index b354bf5d..28227ab4 100644 --- a/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif +++ b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.sarif @@ -1,170 +1,170 @@ -{ - "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", - "version" : "2.1.0", - "runs" : [ { - "tool" : { - "driver" : { - "name" : "CodeQL", - "organization" : "GitHub", - "semanticVersion" : "2.11.5", - "rules" : [ { - "id" : "cpp/drivers/wrong-dispatch-table-assignment", - "name" : "cpp/drivers/wrong-dispatch-table-assignment", - "shortDescription" : { - "text" : "Incorrect dispatch table assignment" - }, - "fullDescription" : { - "text" : "The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry." - }, - "defaultConfiguration" : { - "enabled" : true, - "level" : "warning" - }, - "properties" : { - "tags" : [ "correctness", "wddst" ], - "description" : "The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry.", - "feature.area" : "Multiple", - "id" : "cpp/drivers/wrong-dispatch-table-assignment", - "impact" : "Exploitable design", - "kind" : "problem", - "name" : "Incorrect dispatch table assignment", - "opaqueid" : "CQLD-D0003", - "owner.email" : "sdat@microsoft.com", - "platform" : "Desktop", - "precision" : "Low", - "problem.severity" : "warning", - "query-version" : "v1", - "repro.text" : "The following lines of code may potentially contain incorrect assignment to dispatch table entry.", - "scope" : "domainspecific", - "security.severity" : "Low" - } - } ] - }, - "extensions" : [ { - "name" : "microsoft/windows-drivers", - "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", - "locations" : [ { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - }, { - "name" : "legacy-upgrades", - "semanticVersion" : "0.0.0", - "locations" : [ { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", - "description" : { - "text" : "The QL pack root directory." - } - }, { - "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", - "description" : { - "text" : "The QL pack definition file." - } - } ] - } ] - }, - "artifacts" : [ { - "location" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - } - } ], - "results" : [ { - "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/wrong-dispatch-table-assignment", - "index" : 0 - }, - "message" : { - "text" : "The dispatch function does not have a dispatch type annotation matching this dispatch table entry." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 63, - "startColumn" : 5, - "endColumn" : 92 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "2fec3da094885e8a:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/wrong-dispatch-table-assignment", - "index" : 0 - }, - "message" : { - "text" : "Dispatch table assignment should have a DRIVER_DISPATCH type routine as its right-hand side value." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 64, - "startColumn" : 5, - "endColumn" : 90 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "8b6f17daca28a190:1", - "primaryLocationStartColumnFingerprint" : "0" - } - }, { - "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", - "ruleIndex" : 0, - "rule" : { - "id" : "cpp/drivers/wrong-dispatch-table-assignment", - "index" : 0 - }, - "message" : { - "text" : "The dispatch function does not have a dispatch type annotation." - }, - "locations" : [ { - "physicalLocation" : { - "artifactLocation" : { - "uri" : "driver/fail_driver1.c", - "uriBaseId" : "%SRCROOT%", - "index" : 0 - }, - "region" : { - "startLine" : 67, - "startColumn" : 5, - "endColumn" : 89 - } - } - } ], - "partialFingerprints" : { - "primaryLocationLineHash" : "aa91e7d0d2a92d50:1", - "primaryLocationStartColumnFingerprint" : "0" - } - } ], - "columnKind" : "utf16CodeUnits", - "properties" : { - "semmle.formatSpecifier" : "sarifv2.1.0" - } - } ] +{ + "$schema" : "https://json.schemastore.org/sarif-2.1.0.json", + "version" : "2.1.0", + "runs" : [ { + "tool" : { + "driver" : { + "name" : "CodeQL", + "organization" : "GitHub", + "semanticVersion" : "2.11.5", + "rules" : [ { + "id" : "cpp/drivers/wrong-dispatch-table-assignment", + "name" : "cpp/drivers/wrong-dispatch-table-assignment", + "shortDescription" : { + "text" : "Incorrect dispatch table assignment" + }, + "fullDescription" : { + "text" : "The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry." + }, + "defaultConfiguration" : { + "enabled" : true, + "level" : "warning" + }, + "properties" : { + "tags" : [ "correctness", "wddst" ], + "description" : "The dispatch table assignment satisfies either of these 3 scenarios: 1) The dispatch table assignment has a function whose type is not DRIVER_DISPATCH, or 2) The dispatch table assignment has a DRIVER_DISPATCH function at its right-hand side but the function doesn't have a driver dispatch type annotation, or 3) The dispatch function satisfies both of the above conditions but its dispatch type doesn't match the expected type for the dispatch table entry.", + "feature.area" : "Multiple", + "id" : "cpp/drivers/wrong-dispatch-table-assignment", + "impact" : "Exploitable design", + "kind" : "problem", + "name" : "Incorrect dispatch table assignment", + "opaqueid" : "CQLD-D0003", + "owner.email" : "sdat@microsoft.com", + "platform" : "Desktop", + "precision" : "Low", + "problem.severity" : "warning", + "query-version" : "v1", + "repro.text" : "The following lines of code may potentially contain incorrect assignment to dispatch table entry.", + "scope" : "domainspecific", + "security.severity" : "Low" + } + } ] + }, + "extensions" : [ { + "name" : "microsoft/windows-drivers", + "semanticVersion" : "0.1.0+933e876f096a70922173e4d5ad604d99d4481af4", + "locations" : [ { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/Windows-Driver-Developer-Supplemental-Tools/src/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + }, { + "name" : "legacy-upgrades", + "semanticVersion" : "0.0.0", + "locations" : [ { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/", + "description" : { + "text" : "The QL pack root directory." + } + }, { + "uri" : "file:///C:/codeql-home/codeql/legacy-upgrades/qlpack.yml", + "description" : { + "text" : "The QL pack definition file." + } + } ] + } ] + }, + "artifacts" : [ { + "location" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + } + } ], + "results" : [ { + "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/wrong-dispatch-table-assignment", + "index" : 0 + }, + "message" : { + "text" : "The dispatch function does not have a dispatch type annotation matching this dispatch table entry." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 63, + "startColumn" : 5, + "endColumn" : 92 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "2fec3da094885e8a:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/wrong-dispatch-table-assignment", + "index" : 0 + }, + "message" : { + "text" : "Dispatch table assignment should have a DRIVER_DISPATCH type routine as its right-hand side value." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 64, + "startColumn" : 5, + "endColumn" : 90 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "8b6f17daca28a190:1", + "primaryLocationStartColumnFingerprint" : "0" + } + }, { + "ruleId" : "cpp/drivers/wrong-dispatch-table-assignment", + "ruleIndex" : 0, + "rule" : { + "id" : "cpp/drivers/wrong-dispatch-table-assignment", + "index" : 0 + }, + "message" : { + "text" : "The dispatch function does not have a dispatch type annotation." + }, + "locations" : [ { + "physicalLocation" : { + "artifactLocation" : { + "uri" : "driver/fail_driver1.c", + "uriBaseId" : "%SRCROOT%", + "index" : 0 + }, + "region" : { + "startLine" : 67, + "startColumn" : 5, + "endColumn" : 89 + } + } + } ], + "partialFingerprints" : { + "primaryLocationLineHash" : "aa91e7d0d2a92d50:1", + "primaryLocationStartColumnFingerprint" : "0" + } + } ], + "columnKind" : "utf16CodeUnits", + "properties" : { + "semmle.formatSpecifier" : "sarifv2.1.0" + } + } ] } \ No newline at end of file diff --git a/src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c similarity index 95% rename from src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c rename to src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c index 320f17ba..bcdd37fe 100644 --- a/src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c +++ b/src/qlpack/src/drivers/wdm/queries/WrongDispatchTableAssignment/driver_snippet.c @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. - - -//Fails: missing SAL annotation -DRIVER_DISPATCH DispatchPnp; - -//Fails: annotation mismatch -_Dispatch_type_(IRP_MJ_CLOSE) -DRIVER_DISPATCH DispatchCreate; - -//Fails: since the expected SAL annotation for IRP_% types is _Dispatch_type_ -_Function_class_(IRP_MJ_READ) -_Function_class_(DRIVER_DISPATCH) -NTSTATUS -DispatchRead ( - _In_ PDEVICE_OBJECT DeviceObject, - _Inout_ PIRP Irp - ); - -//Passs -_Dispatch_type_(IRP_MN_CANCEL_REMOVE_DEVICE) -_Dispatch_type_(IRP_MN_CANCEL_STOP_DEVICE) -DRIVER_DISPATCH DispatchCancel; - -void top_level_call(){} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. + + +//Fails: missing SAL annotation +DRIVER_DISPATCH DispatchPnp; + +//Fails: annotation mismatch +_Dispatch_type_(IRP_MJ_CLOSE) +DRIVER_DISPATCH DispatchCreate; + +//Fails: since the expected SAL annotation for IRP_% types is _Dispatch_type_ +_Function_class_(IRP_MJ_READ) +_Function_class_(DRIVER_DISPATCH) +NTSTATUS +DispatchRead ( + _In_ PDEVICE_OBJECT DeviceObject, + _Inout_ PIRP Irp + ); + +//Passs +_Dispatch_type_(IRP_MN_CANCEL_REMOVE_DEVICE) +_Dispatch_type_(IRP_MN_CANCEL_STOP_DEVICE) +DRIVER_DISPATCH DispatchCancel; + +void top_level_call(){} diff --git a/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.qhelp diff --git a/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql b/src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql similarity index 100% rename from src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql rename to src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql diff --git a/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureBadCode.c b/src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureBadCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureBadCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureBadCode.c diff --git a/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureGoodCode.c b/src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureGoodCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureGoodCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosureGoodCode.c diff --git a/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.qhelp diff --git a/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql b/src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql diff --git a/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardBadCode.c b/src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardBadCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/BadOverflowGuardBadCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardBadCode.c diff --git a/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardGoodCode.c b/src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardGoodCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/BadOverflowGuardGoodCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/BadOverflowGuardGoodCode.c diff --git a/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/InfiniteLoop.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.qhelp diff --git a/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql b/src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql diff --git a/src/microsoft/Likely Bugs/Conversion/InfiniteLoopBadCode.c b/src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoopBadCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/InfiniteLoopBadCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoopBadCode.c diff --git a/src/microsoft/Likely Bugs/Conversion/InfiniteLoopGoodCode.c b/src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoopGoodCode.c similarity index 100% rename from src/microsoft/Likely Bugs/Conversion/InfiniteLoopGoodCode.c rename to src/qlpack/src/microsoft/Likely Bugs/Conversion/InfiniteLoopGoodCode.c diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.qhelp diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.ql b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.ql similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.ql rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/ProbableUseAfterFree.ql diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.qhelp diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qhelp b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qhelp diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qll b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qll similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qll rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFreeLib.qll diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_bad.c b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_bad.c similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_bad.c rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_bad.c diff --git a/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_good.c b/src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_good.c similarity index 100% rename from src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_good.c rename to src/qlpack/src/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree_good.c diff --git a/src/microsoft/Likely Bugs/UninitializedPtrField.qhelp b/src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrField.qhelp similarity index 100% rename from src/microsoft/Likely Bugs/UninitializedPtrField.qhelp rename to src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrField.qhelp diff --git a/src/microsoft/Likely Bugs/UninitializedPtrField.ql b/src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrField.ql similarity index 100% rename from src/microsoft/Likely Bugs/UninitializedPtrField.ql rename to src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrField.ql diff --git a/src/microsoft/Likely Bugs/UninitializedPtrFieldBadCode.c b/src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrFieldBadCode.c similarity index 100% rename from src/microsoft/Likely Bugs/UninitializedPtrFieldBadCode.c rename to src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrFieldBadCode.c diff --git a/src/microsoft/Likely Bugs/UninitializedPtrFieldGoodCode.c b/src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrFieldGoodCode.c similarity index 100% rename from src/microsoft/Likely Bugs/UninitializedPtrFieldGoodCode.c rename to src/qlpack/src/microsoft/Likely Bugs/UninitializedPtrFieldGoodCode.c diff --git a/src/microsoft/Security/CWE/CWE-704/WcharCharConversion.cpp b/src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversion.cpp similarity index 100% rename from src/microsoft/Security/CWE/CWE-704/WcharCharConversion.cpp rename to src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversion.cpp diff --git a/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.qhelp b/src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.qhelp similarity index 100% rename from src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.qhelp rename to src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.qhelp diff --git a/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql b/src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql similarity index 100% rename from src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql rename to src/qlpack/src/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql diff --git a/src/microsoft/Security/Crytpography/HardcodedIVCNG.qhelp b/src/qlpack/src/microsoft/Security/Crytpography/HardcodedIVCNG.qhelp similarity index 100% rename from src/microsoft/Security/Crytpography/HardcodedIVCNG.qhelp rename to src/qlpack/src/microsoft/Security/Crytpography/HardcodedIVCNG.qhelp diff --git a/src/microsoft/Security/Crytpography/HardcodedIVCNG.ql b/src/qlpack/src/microsoft/Security/Crytpography/HardcodedIVCNG.ql similarity index 100% rename from src/microsoft/Security/Crytpography/HardcodedIVCNG.ql rename to src/qlpack/src/microsoft/Security/Crytpography/HardcodedIVCNG.ql diff --git a/src/microsoft/commons/Literals.qll b/src/qlpack/src/microsoft/commons/Literals.qll similarity index 100% rename from src/microsoft/commons/Literals.qll rename to src/qlpack/src/microsoft/commons/Literals.qll diff --git a/src/microsoft/commons/MemoryAllocation.qll b/src/qlpack/src/microsoft/commons/MemoryAllocation.qll similarity index 100% rename from src/microsoft/commons/MemoryAllocation.qll rename to src/qlpack/src/microsoft/commons/MemoryAllocation.qll diff --git a/src/qlpack.yml b/src/qlpack/src/qlpack.yml similarity index 100% rename from src/qlpack.yml rename to src/qlpack/src/qlpack.yml diff --git a/src/windows-driver-suites/mustfix.qls b/src/qlpack/src/windows-driver-suites/mustfix.qls similarity index 100% rename from src/windows-driver-suites/mustfix.qls rename to src/qlpack/src/windows-driver-suites/mustfix.qls diff --git a/src/windows-driver-suites/mustrun.qls b/src/qlpack/src/windows-driver-suites/mustrun.qls similarity index 100% rename from src/windows-driver-suites/mustrun.qls rename to src/qlpack/src/windows-driver-suites/mustrun.qls diff --git a/src/windows-driver-suites/ported_driver_ca_checks.qls b/src/qlpack/src/windows-driver-suites/ported_driver_ca_checks.qls similarity index 100% rename from src/windows-driver-suites/ported_driver_ca_checks.qls rename to src/qlpack/src/windows-driver-suites/ported_driver_ca_checks.qls diff --git a/src/windows-driver-suites/recommended.qls b/src/qlpack/src/windows-driver-suites/recommended.qls similarity index 100% rename from src/windows-driver-suites/recommended.qls rename to src/qlpack/src/windows-driver-suites/recommended.qls diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio.sln b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio.sln new file mode 100644 index 00000000..fac43749 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio.sln @@ -0,0 +1,37 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 17 +VisualStudioVersion = 17.14.36015.10 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CodeQL.VisualStudio", "CodeQL.VisualStudio\CodeQL.VisualStudio.csproj", "{A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Debug|arm64 = Debug|arm64 + Debug|x86 = Debug|x86 + Release|Any CPU = Release|Any CPU + Release|arm64 = Release|arm64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|Any CPU.Build.0 = Debug|Any CPU + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|arm64.ActiveCfg = Debug|arm64 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|arm64.Build.0 = Debug|arm64 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|x86.ActiveCfg = Debug|x86 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Debug|x86.Build.0 = Debug|x86 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|Any CPU.ActiveCfg = Release|Any CPU + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|Any CPU.Build.0 = Release|Any CPU + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|arm64.ActiveCfg = Release|arm64 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|arm64.Build.0 = Release|arm64 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|x86.ActiveCfg = Release|x86 + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99}.Release|x86.Build.0 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {B4799894-7787-4965-A9FD-A18C3CD61EB5} + EndGlobalSection +EndGlobal diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/App.config b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/App.config new file mode 100644 index 00000000..ce66bb4f --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/App.config @@ -0,0 +1,23 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/BuildEvents.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/BuildEvents.cs new file mode 100644 index 00000000..ae230368 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/BuildEvents.cs @@ -0,0 +1,55 @@ +using Microsoft.CodeQL.Core; +using Microsoft.VisualStudio; +using Microsoft.VisualStudio.Shell; +using Microsoft.VisualStudio.Shell.Interop; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Microsoft.CodeQL +{ + public class MyBuildEventsHandler : IVsUpdateSolutionEvents + { + public int UpdateProjectCfg_Begin(IVsHierarchy pHierarchy, IVsCfg pCfg) + { + return VSConstants.E_NOTIMPL; + } + + public int UpdateSolution_Begin(ref int pfCancelUpdate) + { + return VSConstants.E_NOTIMPL; + } + + public int UpdateSolution_Done(int fSucceeded, int fModified, int fCancelCommand) + { + bool isProjDirty = true; + ThreadHelper.JoinableTaskFactory.Run(async () => isProjDirty = await ProjectHelper.IsProjectDirtyAsync()); + + if (isProjDirty) // update the buildguid if the code changed + { + Guid guid = Guid.NewGuid(); + CodeQLService.Instance.UpdateBuildInfo(guid.ToString()); + } + return VSConstants.S_OK; + } + + public int UpdateSolution_StartUpdate(ref int pfCancelUpdate) + { + return VSConstants.E_NOTIMPL; + } + + public int UpdateSolution_Cancel() + { + return VSConstants.E_NOTIMPL; + } + + public int OnActiveProjectCfgChange(IVsHierarchy pIVsHierarchy) + { + return VSConstants.E_NOTIMPL; + } + + // Implement other methods as needed (can return VSConstants.E_NOTIMPL if unused) + } +} \ No newline at end of file diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQL.VisualStudio.csproj b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQL.VisualStudio.csproj new file mode 100644 index 00000000..8d93ad73 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQL.VisualStudio.csproj @@ -0,0 +1,207 @@ + + + + 17.0 + $(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion) + + + + + + Debug + AnyCPU + 2.0 + {82b43b9b-a64c-4715-b499-d71e9ca2bd60};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + {A89159FF-1F39-4B8B-8F0F-4FD0C748EA99} + Library + Properties + CodeQL.VisualStudio + CodeQL.VisualStudio + v4.7.2 + true + true + true + true + true + true + true + Program + $(DevEnvDir)devenv.exe + /rootsuffix Exp + + + true + full + false + bin\Debug\ + DEBUG;TRACE + prompt + 4 + false + + + pdbonly + true + bin\Release\ + TRACE + prompt + 4 + + + + + + + + CodeQLGeneralOptionsControl.xaml + + + Component + + + CodeQLQuerySelectorPage.xaml + + + CodeQLInstallHelper.xaml + + + + + + + + InstallWindow.xaml + + + + + + + True + True + Resources.resx + + + + + + + + + + + + + + + + + + + + + + + 2.23.0 + + + + 17.7.79 + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + 17.14.40264 + + + 17.14.40264 + + + 17.14.40260 + + + 17.14.40264 + + + 17.14.40264 + + + + 13.0.3 + + + 4.5.4 + + + 3.0.115.5763 + + + + + + + + PublicResXFileCodeGenerator + Designer + Resources1.Designer.cs + + + Designer + + + + + Always + true + + + + + + + + Always + true + + + Menus.ctmenu + + + + + + + + VsixManifestGenerator + + + + + MSBuild:Compile + Designer + + + MSBuild:Compile + Designer + + + MSBuild:Compile + Designer + + + MSBuild:Compile + Designer + + + MSBuild:Compile + Designer + + + + \ No newline at end of file diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLCommand.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLCommand.cs new file mode 100644 index 00000000..70efbfed --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLCommand.cs @@ -0,0 +1,334 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using Microsoft.CodeQL.Controls; +using Microsoft.CodeQL.Options; +using Microsoft.CodeQL.Views; +using Microsoft.Sarif.Viewer.Interop; +using Microsoft.VisualStudio.Shell; +using Microsoft.VisualStudio.Shell.Interop; +using Microsoft.VisualStudio.Threading; +using System; +using System.Collections; +using System.Collections.Generic; +using System.ComponentModel.Design; +using System.Diagnostics; +using System.Linq; +using System.Linq.Expressions; +using System.Reflection.Metadata; +using System.Runtime.InteropServices; +using System.Security.Policy; +using System.Threading.Tasks; +using System.Windows; + + +namespace Microsoft.CodeQL.Core +{ + internal class CodeQLCommand + { + /// + /// Command ID for CodeQL analyze. + /// + public const int CodeQLAnalyzeCommandId = 0x0100; + + /// + /// Command ID for CodeQL kill process. + /// + public const int CodeQLStopCommandId = 0x0110; + + /// + /// Command ID for CodeQL load queries. + /// + public const int CodeQLLoadQueriesCommandId = 0x0111; + + /// + /// Command ID for CodeQL install packs. + /// + public const int CodeQLInstallerCommandID = 0x0112; + + /// + /// Command ID for CodeQL database create. + /// + public const int CodeQLDatabaseCommandId = 0x133; + + /// + /// Command ID for CodeQL combo box. + /// + public const int CodeQLComboId = 0x155; + + /// + /// Command ID for CodeQL combo box get list. + /// + public const int ComboGetListId = 0x156; + + /// + /// Command menu group (command set GUID). + /// + public static readonly Guid CommandSet = new Guid("D62F3B56-93CF-4AC2-BCD7-ABDE6EF7FE25"); + + /// + /// VS Package that provides this command, not null. + /// + private readonly Package package; + + /// + /// Initializes a new instance of the class. + /// Adds our command handlers for menu (commands must exist in the command table file). + /// + /// Owner package, not null. + private CodeQLCommand(Package package) + { + this.package = package ?? throw new ArgumentNullException(nameof(package)); + + var commandService = this.ServiceProvider.GetService(typeof(IMenuCommandService)) as OleMenuCommandService; + if (commandService != null) + { + var oleCommand = new OleMenuCommand( + this.MenuItemCallback, + new CommandID(CommandSet, CodeQLAnalyzeCommandId)); + commandService.AddCommand(oleCommand); + + oleCommand = new OleMenuCommand( + this.MenuItemCallback, + new CommandID(CommandSet, CodeQLStopCommandId)); + commandService.AddCommand(oleCommand); + + oleCommand = new OleMenuCommand( + this.MenuItemCallback, + new CommandID(CommandSet, CodeQLLoadQueriesCommandId)); + commandService.AddCommand(oleCommand); + + oleCommand = new OleMenuCommand( + this.MenuItemCallback, + new CommandID(CommandSet, CodeQLInstallerCommandID)); + commandService.AddCommand(oleCommand); + + } + CodeQLService.CodeQLUpdateExePath(); + } + + /// + /// Gets the instance of the command. + /// + public static CodeQLCommand Instance + { + get; + private set; + } + + /// + /// Gets the service provider from the owner package. + /// + private IServiceProvider ServiceProvider => this.package; + + /// + /// Initializes the singleton instance of the command. + /// + /// Owner package, not null. + public static void Initialize(Package package) + { + Instance = new CodeQLCommand(package); + } + + private void MenuItemCallback(object sender, EventArgs e) + { + if (!CodeQLService.CodeQLIsInstalled()) + { + CodeQLInstallHelper codeQLInstallHelper = new CodeQLInstallHelper(); + codeQLInstallHelper.ShowDialog(); + } + + this.MenuItemCallbackAsync(sender, e).FileAndForget("Microsoft/SARIF/Viewer/CodeQL/Failed"); // FIXME + } + + /// + /// This function is the callback used to execute the command when the menu item is clicked. + /// See the constructor to see how the menu item is associated with this function using + /// OleMenuCommandService service and MenuCommand class. + /// + /// Event sender. + /// Event args. + private async System.Threading.Tasks.Task MenuItemCallbackAsync(object sender, EventArgs e) + { + + await ThreadHelper.JoinableTaskFactory.SwitchToMainThreadAsync(); + + var menuCommand = (OleMenuCommand)sender; + switch (menuCommand.CommandID.ID) + { + case CodeQLInstallerCommandID: + CodeQLInstallHelper codeQLInstallHelper = new CodeQLInstallHelper(); + codeQLInstallHelper.ShowDialog(); + break; + case CodeQLAnalyzeCommandId: + bool dbSuccessful = false; + + if (CodeQLService.Instance.IsCodeQLTaskRunning()) + { + throw new Exception("CodeQL already running"); // FIXME + } + if (string.IsNullOrEmpty(CodeQLService.Instance.SelectedQuery)) + { + CodeqlRefreshAvailableQueries(); + } + CodeQLService.Instance.InitTask(); + + Trace.WriteLine("Creating CodeQL database"); + try + { + dbSuccessful = await CodeQLService.Instance.GenerateCodeQLDatabaseAsync(); + } + catch (Exception ex) + { + CodeQLService.Instance.ClearTask(); + MessageBox.Show(ex.GetType().ToString()); + VsShellUtilities.ShowMessageBox(Microsoft.VisualStudio.Shell.ServiceProvider.GlobalProvider, + $"CodeQL database create failed. " + ex.Message + " See output for details.", + null, // title + OLEMSGICON.OLEMSGICON_CRITICAL, + OLEMSGBUTTON.OLEMSGBUTTON_OK, + OLEMSGDEFBUTTON.OLEMSGDEFBUTTON_FIRST); + } + + if (dbSuccessful + && CodeQLService.Instance.IsCodeQLTaskCompleted()) + { + CodeQLService.Instance.InitTask(); // init again since starting a new CodeQL process + Trace.WriteLine($"Starting CodeQL analysis using {CodeQLService.Instance.SelectedQuery}"); + try + { + var sarifResults = await CodeQLService.Instance.RunCodeQLQueryAsync(CodeQLService.Instance.SelectedQuery.Trim()); + var VsShell = Package.GetGlobalService(typeof(SVsShell)) as IVsShell; + + SarifViewerInterop sarifViewer = new SarifViewerInterop(Package.GetGlobalService(typeof(SVsShell)) as IVsShell); + Guid extensionGuid = SarifViewerInterop.ViewerExtensionGuid; + + int status = VsShell.IsPackageInstalled(ref extensionGuid, out int installed); + if (installed == 1) + { + if (!sarifViewer.IsViewerExtensionLoaded) + { + sarifViewer.LoadSariferExtension(); + } + await sarifViewer.OpenSarifLogAsync(sarifResults); + } + else + { + //TODO + //if (CodeQLGeneralOptions.Instance.AutomaticallyOpenResults) { } + Microsoft.VisualStudio.Shell.VsShellUtilities.OpenDocument(this.ServiceProvider, sarifResults); + } + + } + catch (Exception ex) + { + CodeQLService.Instance.ClearTask(); + VsShellUtilities.ShowMessageBox(Microsoft.VisualStudio.Shell.ServiceProvider.GlobalProvider, + $"CodeQL analysis failed with message: " + ex.Message, + null, // title + OLEMSGICON.OLEMSGICON_CRITICAL, + OLEMSGBUTTON.OLEMSGBUTTON_OK, + OLEMSGDEFBUTTON.OLEMSGDEFBUTTON_FIRST); + } + } + CodeQLService.Instance.ClearTask(); + + break; + case CodeQLStopCommandId: + CodeQLService.Instance.CancelIfRunningAsync().FileAndForget("Codeql.CancelIfRunning"); + break; + case CodeQLDatabaseCommandId: + try + { + if (!CodeQLService.Instance.IsCodeQLTaskCompleted()) + { + throw new Exception("CodeQL already running"); // FIXME + } + + CodeQLService.Instance.InitTask(); + _ = await CodeQLService.Instance.GenerateCodeQLDatabaseAsync(); + CodeQLService.Instance.ClearTask(); + } + catch (Exception ex) + { + CodeQLService.Instance.ClearTask(); + throw new Exception(ex.ToString()); // FIXME + } + + break; + case CodeQLLoadQueriesCommandId: + + CodeqlRefreshAvailableQueries(); + break; + case CodeQLComboId: + break; + case ComboGetListId: + break; + default: + break; + } + } + + public void CodeqlRefreshAvailableQueries() + { + CodeQLQuerySelectorPage codeQLQueryPackSelector = new CodeQLQuerySelectorPage(); + codeQLQueryPackSelector.ShowDialog(); + } + + private static InfoBar noCodeQLInfoBar = null; + + public static async System.Threading.Tasks.Task CheckForCodeQLAsync() + { + if (!CodeQLService.CodeQLIsInstalled() ) + { + if(noCodeQLInfoBar == null) + { + noCodeQLInfoBar = new InfoBar( + content: new[] + { + new InfoBarTextSpan("CodeQL not installed. "), + new InfoBarButton("Click Here To Install CodeQL"), + }, + (actionItem) => + { + CodeQLInstallHelper codeQLInstallHelper = new CodeQLInstallHelper(); + bool? success = codeQLInstallHelper.ShowDialog(); + if (success == true) + { + ThreadHelper.JoinableTaskFactory.Run(async () => { await noCodeQLInfoBar.CloseAsync(); noCodeQLInfoBar = null; }); + } + }, + null, + default); + } + } + else if ((await CodeQLService.Instance.FindAvailableQueriesAsync()).Count == 0 ) + { + if (noCodeQLInfoBar == null) + { + noCodeQLInfoBar = new InfoBar( + content: new[] + { + new InfoBarTextSpan("No CodeQL Packs Found. "), + new InfoBarButton("Click Here To Install CodeQL Packs"), + }, + (actionItem) => + { + CodeQLInstallHelper codeQLInstallHelper = new CodeQLInstallHelper(); + bool? success = codeQLInstallHelper.ShowDialog(); + if (success == true) + { + ThreadHelper.JoinableTaskFactory.Run(async () => { await noCodeQLInfoBar.CloseAsync(); noCodeQLInfoBar = null; }); + } + }, + null, + default); + } + } + if (noCodeQLInfoBar != null) + { + await noCodeQLInfoBar.ShowAsync(); + } + } + } +} diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLExceptions.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLExceptions.cs new file mode 100644 index 00000000..07481068 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLExceptions.cs @@ -0,0 +1,95 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using System; + +namespace Microsoft.VisualStudio.CodeAnalysis.CodeQL.Exceptions +{ + + public class CodeQLAlreadyRunningException : Exception + { + public CodeQLAlreadyRunningException() + { + } + + public CodeQLAlreadyRunningException(string message) + : base(message) + { + } + + public CodeQLAlreadyRunningException(string message, Exception inner) + : base(message, inner) + { + } + } + public class DatabaseNotFinalizedException : Exception + { + public DatabaseNotFinalizedException() + { + } + + public DatabaseNotFinalizedException(string message) + : base(message) + { + } + + public DatabaseNotFinalizedException(string message, Exception inner) + : base(message, inner) + { + } + } + public class CodeQLPacksNotFoundException : Exception + { + public CodeQLPacksNotFoundException() + { + } + + public CodeQLPacksNotFoundException(string message) + : base(message) + { + } + + public CodeQLPacksNotFoundException(string message, Exception inner) + : base(message, inner) + { + } + } + public class CodeQLExeNotFoundException : Exception + { + public CodeQLExeNotFoundException() + { + } + + public CodeQLExeNotFoundException(string message) + : base(message) + { + } + + public CodeQLExeNotFoundException(string message, Exception inner) + : base(message, inner) + { + } + } + public class CodeQLException : Exception + { + public CodeQLException() + { + } + + public CodeQLException(string message) + : base(message) + { + } + + public CodeQLException(string message, Exception inner) + : base(message, inner) + { + } + } + + public class CodeQLExceptionHandler + { + + + } +} diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptions.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptions.cs new file mode 100644 index 00000000..1f266760 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptions.cs @@ -0,0 +1,78 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using System; +using System.Collections.Generic; +using System.Windows.Controls; + +using Microsoft.VisualStudio.Shell; + +namespace Microsoft.CodeQL.Options +{ + internal class CodeQLGeneralOptions : ICodeQLGeneralOptions + { + private readonly string cliPathDefaultValue = "C:/codeql-home/codeql/"; + private readonly string additionalQueryLocationsDefaultValue = ""; + private readonly string memoryUsageDefaultValue = ""; + private readonly string threadsDefaultValue = "1"; + private readonly string customBuildCommandDefaultValue = ""; + private readonly AsyncPackage package; + + private readonly CodeQLGeneralOptionsPage optionPage; + + + /// + /// Initializes a new instance of the class. + /// Get visual studio option values. + /// + /// Owner package, not null. + private CodeQLGeneralOptions(AsyncPackage package) + { + this.package = package ?? throw new ArgumentNullException(nameof(package)); + this.optionPage = (CodeQLGeneralOptionsPage)this.package.GetDialogPage(typeof(CodeQLGeneralOptionsPage)); + } + + private CodeQLGeneralOptions() { } + public string CliPath => this.optionPage?.CliPathOption ?? cliPathDefaultValue; + public string AdditionalQueryLocations => this.optionPage?.QueryLocationsOption ?? additionalQueryLocationsDefaultValue; + public string MemoryUsage => this.optionPage?.MemoryOption ?? memoryUsageDefaultValue; + public string Threads => this.optionPage?.ThreadsOption ?? threadsDefaultValue; + public string CustomBuildCommand => this.optionPage?.BuildCmdOption ?? customBuildCommandDefaultValue; + + + public readonly Dictionary OptionStates; + + /// + /// Gets the instance of the command. + /// + public static CodeQLGeneralOptions Instance { get; private set; } + + /// + /// Initializes the singleton instance of the class. + /// + /// Owner package, not null. + /// A representing the asynchronous operation. + public static async System.Threading.Tasks.Task InitializeAsync(AsyncPackage package) + { + // Switch to the main thread + await ThreadHelper.JoinableTaskFactory.SwitchToMainThreadAsync(package.DisposalToken); + + Instance = new CodeQLGeneralOptions(package); + } + + public static void InitializeForUnitTests() + { + Instance = new CodeQLGeneralOptions(); + } + + public bool IsOptionEnabled(string optionName) + { + if (this.OptionStates.TryGetValue(optionName, out bool state)) + { + return state; + } + + return false; + } + } +} diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml new file mode 100644 index 00000000..500dfaf3 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml @@ -0,0 +1,91 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml.cs new file mode 100644 index 00000000..2d421334 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsControl.xaml.cs @@ -0,0 +1,26 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using System; +using System.Windows.Controls; + +namespace Microsoft.CodeQL.Options +{ + /// + /// Interaction logic for SarifGeneralOptionsControl.xaml. + /// + public partial class CodeQLGeneralOptionsControl : UserControl + { + /// + /// A handle to the options page instance that this control is bound to. + /// + private readonly CodeQLGeneralOptionsPage generalOptionsPage; + + public CodeQLGeneralOptionsControl(CodeQLGeneralOptionsPage page) + { + InitializeComponent(); + generalOptionsPage = page; + this.DataContext = generalOptionsPage; + } + } +} diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsPage.cs b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsPage.cs new file mode 100644 index 00000000..ff02ef34 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLGeneralOptionsPage.cs @@ -0,0 +1,67 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using System; +using System.ComponentModel; +using System.Runtime.InteropServices; +using System.Windows; + +using Microsoft.VisualStudio.Shell; + +namespace Microsoft.CodeQL.Options +{ + [ComVisible(true)] + public class CodeQLGeneralOptionsPage : UIElementDialogPage + { + private readonly Lazy _codeqlViewerOptionsControl; + + public CodeQLGeneralOptionsPage() + { + _codeqlViewerOptionsControl = new Lazy(() => new CodeQLGeneralOptionsControl(this)); + } + + public string CliPathOption { get; set; } = ""; + public string QueryLocationsOption { get; set; } = ""; + public string MemoryOption { get; set; } = ""; + public string ThreadsOption { get; set; } = "1"; + public string BuildCmdOption { get; set; } = ""; + + /// + /// Gets the Windows Presentation Foundation (WPF) child element to be hosted inside the Options dialog page. + /// + /// The WPF child element. + protected override UIElement Child + { + get + { + return _codeqlViewerOptionsControl.Value; + } + } + + /// + /// This occurs when the User selecting 'Ok' and right before the dialog page UI closes entirely. + /// This override handles the case when the user types inside an editable combobox and + /// immediately hits enter causing the window to close without firing the combobox LostFocus event. + /// + /// Event arguments. + protected override void OnApply(PageApplyEventArgs e) + { + base.OnApply(e); // Saves the user's changes. + } + + /// + /// This page is called when VS wants to activate this page. + /// ie. when the user opens the tools options page. + /// + /// Cancellation event arguments. + protected override void OnActivate(CancelEventArgs e) + { + // The UI caches the settings even though the tools options page is closed. + // This load call ensures we display data that was saved. This is to handle + // the case when the user hits the cancel button and reloads the page. + LoadSettingsFromStorage(); + + base.OnActivate(e); + } + } +} diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLInstallHelper.xaml b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLInstallHelper.xaml new file mode 100644 index 00000000..8733b252 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLInstallHelper.xaml @@ -0,0 +1,87 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLQuerySelectorPage.xaml b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLQuerySelectorPage.xaml new file mode 100644 index 00000000..abf5b178 --- /dev/null +++ b/src/tools/extensions/CodeQL.VisualStudio/CodeQL.VisualStudio/CodeQLQuerySelectorPage.xaml @@ -0,0 +1,25 @@ + + + + + + + + +