Merge pull request #994 from geoffw0/msalloc

CPP: Add lots more allocation functions to Alloc.qll
2026-04-29 18:55:14 +02:00 · 2019-02-26 11:59:45 -08:00
parent 5c2804d3ac c637bc5fcc
commit 84c7f195d6
2 changed files with 43 additions and 2 deletions
--- a/cpp/ql/src/semmle/code/cpp/commons/Alloc.qll
+++ b/cpp/ql/src/semmle/code/cpp/commons/Alloc.qll
@@ -15,7 +15,31 @@ predicate allocationFunction(Function f)
      name = "wcsdup" or
      name = "_strdup" or
      name = "_wcsdup" or
-      name = "_mbsdup"
+      name = "_mbsdup" or
+      name = "ExAllocatePool" or
+      name = "ExAllocatePoolWithTag" or
+      name = "ExAllocatePoolWithTagPriority" or
+      name = "ExAllocatePoolWithQuota" or
+      name = "ExAllocatePoolWithQuotaTag" or
+      name = "ExAllocateFromLookasideListEx" or
+      name = "ExAllocateFromPagedLookasideList" or
+      name = "ExAllocateFromNPagedLookasideList" or
+      name = "ExAllocateTimer" or
+      name = "IoAllocateMdl" or
+      name = "IoAllocateWorkItem" or
+      name = "IoAllocateErrorLogEntry" or
+      name = "MmAllocateContiguousMemory" or
+      name = "MmAllocateContiguousNodeMemory" or
+      name = "MmAllocateContiguousMemorySpecifyCache" or
+      name = "MmAllocateContiguousMemorySpecifyCacheNode" or
+      name = "MmAllocateNonCachedMemory" or
+      name = "MmAllocateMappingAddress" or
+      name = "MmAllocatePagesForMdl" or
+      name = "MmAllocatePagesForMdlEx" or
+      name = "MmAllocateNodePagesForMdlEx" or
+      name = "MmMapLockedPagesWithReservedMapping" or
+      name = "MmMapLockedPages" or
+      name = "MmMapLockedPagesSpecifyCache"
    )
  )
 }
@@ -42,7 +66,22 @@ predicate freeFunction(Function f, int argNum)
    f.hasQualifiedName(name) and
    (
      (name = "free" and argNum = 0) or
-      (name = "realloc" and argNum = 0)
+      (name = "realloc" and argNum = 0) or
+      (name = "ExFreePoolWithTag" and argNum = 0) or
+      (name = "ExFreeToLookasideListEx" and argNum = 1) or
+      (name = "ExFreeToPagedLookasideList" and argNum = 1) or
+      (name = "ExFreeToNPagedLookasideList" and argNum = 1) or
+      (name = "ExDeleteTimer" and argNum = 0) or
+      (name = "IoFreeMdl" and argNum = 0) or
+      (name = "IoFreeWorkItem" and argNum = 0) or
+      (name = "IoFreeErrorLogEntry" and argNum = 0) or
+      (name = "MmFreeContiguousMemory" and argNum = 0) or
+      (name = "MmFreeContiguousMemorySpecifyCache" and argNum = 0) or
+      (name = "MmFreeNonCachedMemory" and argNum = 0) or
+      (name = "MmFreeMappingAddress" and argNum = 0) or
+      (name = "MmFreePagesFromMdl" and argNum = 0) or
+      (name = "MmUnmapReservedMapping" and argNum = 0) or
+      (name = "MmUnmapLockedPages" and argNum = 0)
    )
  )
 }