C++: Add some more Windows specific memory copy models#20115
Merged
MathiasVP merged 3 commits intogithub:mainfrom Jul 23, 2025
Merged
C++: Add some more Windows specific memory copy models#20115MathiasVP merged 3 commits intogithub:mainfrom
MathiasVP merged 3 commits intogithub:mainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds Windows-specific memory copy function models to improve dataflow analysis for Windows driver development. The changes extend support for additional memory copy operations found in the Windows Driver Model (WDM) headers.
- Adds external models for 8 new Windows memory functions (RtlCopy*, RtlMove*, RtlInitUnicodeString)
- Includes comprehensive test coverage with dataflow verification for all new functions
- Updates expected test results to reflect the new models
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| windows.cpp | Adds function declarations and comprehensive tests for new Windows memory copy functions |
| Windows.model.yml | Defines dataflow models for RtlCopy*, RtlMove*, and RtlInitUnicodeString functions |
| validatemodels.expected | Updates expected validation results for new model specifications |
| flow.expected | Updates expected dataflow analysis results with new function models |
Comments suppressed due to low confidence (2)
cpp/ql/test/library-tests/dataflow/external-models/windows.cpp:496
- The parameter uses SIZE_T type but it's not defined. Consider using the already defined size_t type for consistency with other functions, or add a typedef for SIZE_T.
SIZE_T Length
cpp/ql/test/library-tests/dataflow/external-models/windows.cpp:532
- The NTSTATUS type is used but not defined. Consider adding a typedef for NTSTATUS or using a defined type.
NTSTATUS WdmlibRtlInitUnicodeStringEx(
MathiasVP
force-pushed
the
add-more-windows-memcpy-functions
branch
from
4c4090e to
cbe5561
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
A few more
memcpylike things found in thewdm.hheader for Windows driver development.