critical: fixed memory leak from spamming toggle
stowmyy committed Oct 24, 2023
1 parent 53cc3d9 commit 739d177
Showing 2 changed files with 1,680 additions and 77 deletions.
170 changes: 93 additions & 77 deletions dropship/src/_WindowsFirewallUtil.h
@@ -1244,119 +1244,135 @@ class _WindowsFirewallUtil : public failable
return this->refetchNetworkStatus();
}

// TODO use _com_ptr_t?
// https://stackoverflow.com/a/60792713
// memory leaks

// NOTE - don't use the microsoft examples any more from the official site. they have memory leaks. ugh.
void syncFirewallEndpointState(std::vector<Endpoint>* endpoints, bool endpointDominant)
{
HRESULT hr;

HRESULT hr = S_OK;
// Retrieve INetFwPolicy2
/*CComPtr<INetFwPolicy2> pNetFwPolicy2;
hr = pNetFwPolicy2.CoCreateInstance(__uuidof(NetFwPolicy2));
if (FAILED(hr))
{
wprintf(L"CoCreateInstance failed: 0x%08lx\n", hr);
return;
}
ULONG cFetched = 0;
CComVariant var;
// Retrieve INetFwRules
CComPtr<INetFwRules> pFwRules;
hr = pNetFwPolicy2->get_Rules(&pFwRules);
if (FAILED(hr))
{
wprintf(L"get_Rules failed: 0x%08lx\n", hr);
return;
}
IUnknown* pEnumerator;
IEnumVARIANT* pVariant = NULL;
// Obtain the number of Firewall rules
long fwRuleCount;
hr = pFwRules->get_Count(&fwRuleCount);
if (FAILED(hr))
{
wprintf(L"get_Count failed: 0x%08lx\n", hr);
return;
}
INetFwRule* pFwRule = NULL;
wprintf(L"The number of rules in the Windows Firewall are %d\n", fwRuleCount);
*/

// Iterate through all of the rules in pFwRules
pFwRules->get__NewEnum(&pEnumerator);

if (pEnumerator)
CComPtr<IUnknown> pEnumerator;
hr = pFwRules->get__NewEnum(&pEnumerator);
if (FAILED(hr))
{
hr = pEnumerator->QueryInterface(__uuidof(IEnumVARIANT), (void**) &pVariant);
wprintf(L"get__NewEnum failed: 0x%08lx\n", hr);
return;
}

while (SUCCEEDED(hr) && hr != S_FALSE)
CComPtr<IEnumVARIANT> pVariant;
hr = pEnumerator.QueryInterface(&pVariant);
if (FAILED(hr))
{
var.Clear();
hr = pVariant->Next(1, &var, &cFetched);
wprintf(L"get__NewEnum failed to produce IEnumVariant: 0x%08lx\n", hr);
return;
}

if (S_FALSE != hr)
ULONG cFetched = 0;
for (CComVariant var; pVariant->Next(1, &var, &cFetched) == S_OK; var.Clear())
{
CComPtr<INetFwRule> pFwRule;
if (SUCCEEDED(var.ChangeType(VT_DISPATCH)) &&
SUCCEEDED(V_DISPATCH(&var)->QueryInterface(IID_PPV_ARGS(&pFwRule))))
{
if (SUCCEEDED(hr))
{
hr = var.ChangeType(VT_DISPATCH);
}
if (SUCCEEDED(hr))
{
hr = (V_DISPATCH(&var))->QueryInterface(__uuidof(INetFwRule), reinterpret_cast<void**> (&pFwRule));
}
// Output the properties of this rule
// DumpFWRulesInCollection(pFwRule);

if (SUCCEEDED(hr))
CComBSTR groupName;
if (SUCCEEDED(pFwRule->get_Grouping(&groupName)) && groupName)
{
BSTR groupName;
BSTR ruleName;

if (FAILED(pFwRule->get_Grouping(&groupName)))
continue;

if (FAILED(pFwRule->get_Name(&ruleName)))
continue;

if (groupName == NULL)
continue;

const std::string s_groupName (_bstr_t(groupName, true));
const std::string s_ruleName (_bstr_t(ruleName, true));
const std::string s_groupName(_bstr_t(groupName, true));

if (this->_group_name == s_groupName)
{
VARIANT_BOOL __enabled;

bool ruleEnabled;
CComBSTR ruleName;

if (SUCCEEDED(pFwRule->get_Name(&ruleName)) && ruleName)
{
const std::string s_ruleName(_bstr_t(ruleName, true));

if (FAILED(pFwRule->get_Enabled(&__enabled)))
continue;

ruleEnabled = (__enabled != VARIANT_FALSE);
VARIANT_BOOL __enabled;
if (FAILED(pFwRule->get_Enabled(&__enabled)))
continue;

for (auto &e : *endpoints)
{
bool ruleEnabled;
ruleEnabled = (__enabled != VARIANT_FALSE);

if (e.title == s_ruleName)
for (auto& e : *endpoints)
{
if (!e.selected != ruleEnabled)
{

// if endpointDominant, set firewall to mirror endpoint state
if (endpointDominant)
if (e.title == s_ruleName)
{
if (!e.selected != ruleEnabled)
{

std::string s_ruleEnabled = ruleEnabled ? "block" : "allow";
printf(std::format("({0}) firewall: {1}, ui: {2} . Setting firewall rule to match UI state\n", s_ruleName, ruleEnabled ? "block" : "allow", e.selected ? "selected" : "not selected").c_str());
if (FAILED(pFwRule->put_Enabled(e.selected ? VARIANT_FALSE : VARIANT_TRUE)))
continue;

// e.unsynced = false;

}
// if not, set endpoint state to mirror firewall state
else

{
printf(std::format("({0}) firewall: {1}, ui: {2}. Setting UI state to match firewall state\n", s_ruleName, ruleEnabled ? "block" : "allow", e.selected ? "selected" : "not selected").c_str());
e.selected = !ruleEnabled;
// e.unsynced = false;
// if endpointDominant, set firewall to mirror endpoint state
if (endpointDominant)
{

printf(std::format("({0}) firewall: {1}, ui: {2} . Setting firewall rule to match UI state\n", s_ruleName, ruleEnabled ? "block" : "allow", e.selected ? "selected" : "not selected").c_str());
if (FAILED(pFwRule->put_Enabled(e.selected ? VARIANT_FALSE : VARIANT_TRUE)))
{
SysFreeString(groupName);
SysFreeString(ruleName);
continue;
}

// e.unsynced = false;

}
// if not, set endpoint state to mirror firewall state
else

{
printf(std::format("({0}) firewall: {1}, ui: {2}. Setting UI state to match firewall state\n", s_ruleName, ruleEnabled ? "block" : "allow", e.selected ? "selected" : "not selected").c_str());
e.selected = !ruleEnabled;
// e.unsynced = false;
}
}
e.unsynced = false;
}
e.unsynced = false;
}
}

}

}
}
}

Cleanup:

// Release pFwRule
if (pFwRule != NULL)
{
pFwRule->Release();
}
}


};

//std::wstring to_wstring(const std::string& stringToConvert)
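Review bot: The `SysFreeString(groupName); SysFreeString(ruleName);` pair in the `put_Enabled` failure branch looks like a double free now that both variables are `CComBSTR`: the calls release the underlying BSTRs while the wrappers keep the same pointers, and their destructors free them again when the scopes close. The `continue` in that branch only advances the inner `for (auto& e : *endpoints)` loop, so a second failing endpoint with the same title would call `SysFreeString` on the already-freed strings once more. Assuming both calls are on the new side (the rendered page has lost the +/- markers), drop them and keep `if (FAILED(pFwRule->put_Enabled(e.selected ? VARIANT_FALSE : VARIANT_TRUE))) continue;`, since `CComBSTR` already releases on scope exit. Separately, `printf(std::format(...).c_str())` passes text containing the firewall rule name as the format string; `fputs(msg.c_str(), stdout)` or `printf("%s", msg.c_str())` keeps a `%` in a rule name from being interpreted.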