[CFB::Driver] Fix null input data bug (#30)

* restored old behavior for data capture * fix str <-> wstr issue in utils * added screenshot to readme
hugsy · Mar 26, 2024 · 42b7a92 · 42b7a92
1 parent 792252f
commit 42b7a92
Show file tree

Hide file tree

Showing 7 changed files with 189 additions and 181 deletions.
diff --git a/Broker/Source/Connectors/JsonQueue.cpp b/Broker/Source/Connectors/JsonQueue.cpp
@@ -24,19 +24,20 @@ JsonQueue::Name() const
 Result<u32>
 JsonQueue::IrpCallback(CFB::Comms::CapturedIrp const& Irp)
 {
+    std::scoped_lock(m_Lock);
     m_Queue.push(std::make_unique<CFB::Comms::CapturedIrp>(Irp));
     return Ok(0);
 }
 
 std::unique_ptr<CFB::Comms::CapturedIrp>
 JsonQueue::Pop()
 {
+    std::scoped_lock(m_Lock);
     if ( m_Queue.empty() )
     {
         return nullptr;
     }
 
-    std::scoped_lock(m_Lock);
     auto Irp = std::move(m_Queue.front());
     m_Queue.pop();
 

diff --git a/Broker/Source/DriverManager.cpp b/Broker/Source/DriverManager.cpp
@@ -304,15 +304,15 @@ DriverManager::ExecuteCommand(json const& Request)
         break;
     }
 
-    if ( RequestId != CFB::Comms::RequestId::GetPendingIrp )
+    // if ( RequestId != CFB::Comms::RequestId::GetPendingIrp )
     {
         info(
             "Request[%llu] %s => %s",
             m_RequestNumber,
             CFB::Utils::ToString(RequestId).c_str(),
             boolstr(Response["success"]));
 
-        dbg("Request[%llu] => %s", m_RequestNumber, Response.dump().c_str());
+        info("Request[%llu] => %s", m_RequestNumber, Response.dump().c_str());
     }
 
     return Ok(Response);

diff --git a/Common/Source/Utils.cpp b/Common/Source/Utils.cpp
@@ -173,40 +173,40 @@ IrqlToString(u32 type)
 #ifdef CFB_KERNEL_DRIVER
 #else
 std::string
-ToString(std::wstring const& WideString)
+ToString(std::wstring const& wide_string)
 {
-    // auto converter = std::wstring_convert<std::codecvt_utf8<wchar_t> >();
-    // return converter.to_bytes(input);
+    int size_needed =
+        ::WideCharToMultiByte(CP_UTF8, 0, wide_string.data(), (int)wide_string.size(), nullptr, 0, nullptr, nullptr);
 
-    // HACK improve
-    std::string s;
-    std::for_each(
-        WideString.cbegin(),
-        WideString.cend(),
-        [&s](auto c)
-        {
-            s += (char)c;
-        });
-    return s;
+    std::string str(size_needed, 0);
+
+    if ( 0 == ::WideCharToMultiByte(
+                  CP_UTF8,
+                  0,
+                  wide_string.data(),
+                  (int)wide_string.size(),
+                  str.data(),
+                  (int)str.size(),
+                  nullptr,
+                  nullptr) )
+    {
+        str.clear();
+    }
+    return str;
 }
 
 std::wstring
-ToWideString(std::string const& String)
+ToWideString(std::string const& str)
 {
-    // auto converter = std::wstring_convert<std::codecvt_utf8<wchar_t> >();
-    // return converter.from_bytes(input);
+    int size_needed = ::MultiByteToWideChar(CP_UTF8, 0, str.data(), (int)str.size(), nullptr, 0);
 
-    // HACK improve
+    std::wstring wstr(size_needed, 0);
 
-    std::wstring s;
-    std::for_each(
-        String.cbegin(),
-        String.cend(),
-        [&s](auto c)
-        {
-            s += (wchar_t)c;
-        });
-    return s;
+    if ( 0 == ::MultiByteToWideChar(CP_UTF8, 0, str.data(), (int)str.size(), wstr.data(), (int)wstr.size()) )
+    {
+        wstr.clear();
+    }
+    return wstr;
 }
 
 std::string

diff --git a/Driver/Headers/Context.hpp b/Driver/Headers/Context.hpp
@@ -1,96 +1,96 @@
-#pragma once
-
-// clang-format off
-#include "Common.hpp"
-#include "DriverUtils.hpp"
-#include "Log.hpp"
-
-#include "CapturedIrpManager.hpp"
-#include "HookedDriverManager.hpp"
-// clang-format on
-
-
-#define CFB_MAX_HEXDUMP_BYTE 128
-
-namespace Driver = CFB::Driver;
-namespace Utils  = CFB::Driver::Utils;
-
-struct GlobalContext
-{
-    ///
-    /// @brief Any critical read/write operation to the global context structure must acquire this lock.
-    ///
-    Utils::KQueuedSpinLock ContextLock;
-
-    ///
-    /// @brief A pointer to the device object
-    ///
-    PDRIVER_OBJECT DriverObject;
-
-    ///
-    /// @brief A pointer to the device object
-    ///
-    PDEVICE_OBJECT DeviceObject;
-
-    ///
-    /// @brief A pointer to the EPROCESS of the broker. Not more than one handle to the
-    /// device is allowed.
-    ///
-    PEPROCESS Owner;
-
-    ///
-    /// @brief Incremental session ID number.
-    ///
-    ULONG SessionId;
-
-    ///
-    /// @brief Manages the hooked drivers
-    ///
-    Driver::HookedDriverManager DriverManager;
-
-    ///
-    /// @brief Where all the intercepted IRPs are stored
-    ///
-    Driver::CapturedIrpManager IrpManager;
-
-
-    GlobalContext() : DriverObject {nullptr}, DeviceObject {nullptr}, Owner {nullptr}, ContextLock {}, SessionId(-1)
-    {
-        dbg("Creating GlobalContext");
-    }
-
-
-    ~GlobalContext()
-    {
-        dbg("Destroying GlobalContext");
-        DriverObject = nullptr;
-        DeviceObject = nullptr;
-        Owner        = nullptr;
-    }
-
-    static void*
-    operator new(usize sz)
-    {
-        void* Memory = ::ExAllocatePoolWithTag(NonPagedPoolNx, sz, CFB_DEVICE_TAG);
-        if ( Memory )
-        {
-            dbg("Allocated GlobalContext at %p", Memory);
-            ::RtlSecureZeroMemory(Memory, sz);
-        }
-        return Memory;
-    }
-
-    static void
-    operator delete(void* m)
-    {
-        dbg("Deallocating GlobalContext");
-        ::ExFreePoolWithTag(m, CFB_DEVICE_TAG);
-        m = nullptr;
-        return;
-    }
-};
-
-///
-/// @brief Reference to the global driver context.
-///
-extern struct GlobalContext* Globals;
+#pragma once
+
+// clang-format off
+#include "Common.hpp"
+#include "DriverUtils.hpp"
+#include "Log.hpp"
+
+#include "CapturedIrpManager.hpp"
+#include "HookedDriverManager.hpp"
+// clang-format on
+
+
+#define CFB_MAX_HEXDUMP_BYTE 64
+
+namespace Driver = CFB::Driver;
+namespace Utils  = CFB::Driver::Utils;
+
+struct GlobalContext
+{
+    ///
+    /// @brief Any critical read/write operation to the global context structure must acquire this lock.
+    ///
+    Utils::KQueuedSpinLock ContextLock;
+
+    ///
+    /// @brief A pointer to the device object
+    ///
+    PDRIVER_OBJECT DriverObject;
+
+    ///
+    /// @brief A pointer to the device object
+    ///
+    PDEVICE_OBJECT DeviceObject;
+
+    ///
+    /// @brief A pointer to the EPROCESS of the broker. Not more than one handle to the
+    /// device is allowed.
+    ///
+    PEPROCESS Owner;
+
+    ///
+    /// @brief Incremental session ID number.
+    ///
+    ULONG SessionId;
+
+    ///
+    /// @brief Manages the hooked drivers
+    ///
+    Driver::HookedDriverManager DriverManager;
+
+    ///
+    /// @brief Where all the intercepted IRPs are stored
+    ///
+    Driver::CapturedIrpManager IrpManager;
+
+
+    GlobalContext() : DriverObject {nullptr}, DeviceObject {nullptr}, Owner {nullptr}, ContextLock {}, SessionId(-1)
+    {
+        dbg("Creating GlobalContext");
+    }
+
+
+    ~GlobalContext()
+    {
+        dbg("Destroying GlobalContext");
+        DriverObject = nullptr;
+        DeviceObject = nullptr;
+        Owner        = nullptr;
+    }
+
+    static void*
+    operator new(usize sz)
+    {
+        void* Memory = ::ExAllocatePoolWithTag(NonPagedPoolNx, sz, CFB_DEVICE_TAG);
+        if ( Memory )
+        {
+            dbg("Allocated GlobalContext at %p", Memory);
+            ::RtlSecureZeroMemory(Memory, sz);
+        }
+        return Memory;
+    }
+
+    static void
+    operator delete(void* m)
+    {
+        dbg("Deallocating GlobalContext");
+        ::ExFreePoolWithTag(m, CFB_DEVICE_TAG);
+        m = nullptr;
+        return;
+    }
+};
+
+///
+/// @brief Reference to the global driver context.
+///
+extern struct GlobalContext* Globals;