Hello,
Thanks for sharing your project.
While building your code from commit 0d82265 static analyser I use picked up several potential issues. So I decided to report them.
Release/x64
irpmonconsole/main.cpp
A different number of actual arguments is expected while calling 'printf' function. Expected: 2. Present: 3. main.cpp 770
printf("ERROR: Unable to unhook the 0x%p driver\n", *it, err);
kmshared/utils.c _GetDriversInDirectory
The 'TmpDriverArray' pointer was utilized before it was verified against nullptr. Check lines: 243, 245. utils.c 243
RtlCopyMemory(Tmp, TmpDriverArray, TmpDriverCount * sizeof(PDRIVER_OBJECT));
where TmpDriverArray declared as
PDRIVER_OBJECT *TmpDriverArray = NULL;
and never assigned before use in IF branch.
kmshared/utils.c _GetLowerUpperDevices
same issue as above
kmshared/utils.c _GetDeviceAddress
Status variable assigned twice successively. Perhaps it is a mistake.
libregman/key-reg.c KeyRecordOnQuery
The 'keyInfo' pointer was utilized before it was verified against nullptr. Check lines: 621, 628. key-record.c 621
This one is tricky, I'm not sure if this can occur because it need more conditions.
keyInfo can be NULL if status >= 0 and Info->Length == 0 plus following ZwQueryKey fail with appreciate status code. Perhaps you could move keyInfo null validation code out of IF statement at line 578.
libtranslate/libtranslate-hash.table.c
HashTableLockShared & HashTableLockExclusive identical routines with different names
HashTableUnlockShared & HashTableUnlockExclusive identical routines with different names