From ad572defff6fb98040b5efda896f164e968e7852 Mon Sep 17 00:00:00 2001 From: Dart Vanya Date: Fri, 9 Aug 2024 06:27:56 +0300 Subject: [PATCH 1/6] Fixed set handle attributes feature (#2148) * Fixed set handle attributes feature Tested on Win11 23H2 * Removed unusable code --- SystemInformer/actions.c | 2 +- SystemInformer/prpghndl.c | 11 ----------- 2 files changed, 1 insertion(+), 12 deletions(-) diff --git a/SystemInformer/actions.c b/SystemInformer/actions.c index fa8cadf8b621..9316d4a19de3 100644 --- a/SystemInformer/actions.c +++ b/SystemInformer/actions.c @@ -5942,7 +5942,7 @@ BOOLEAN PhUiSetAttributesHandle( if (NT_SUCCESS(status = PhOpenProcess( &processHandle, - PROCESS_QUERY_LIMITED_INFORMATION, + PROCESS_SET_INFORMATION, ProcessId ))) { diff --git a/SystemInformer/prpghndl.c b/SystemInformer/prpghndl.c index d1682152ae09..fd9e97fde0fb 100644 --- a/SystemInformer/prpghndl.c +++ b/SystemInformer/prpghndl.c @@ -81,7 +81,6 @@ VOID PhpInitializeHandleMenu( _Inout_ PPH_HANDLES_CONTEXT HandlesContext ) { - PPH_EMENU_ITEM item; KPH_LEVEL level; if (NumberOfHandles == 0) @@ -106,18 +105,8 @@ VOID PhpInitializeHandleMenu( PhEnableEMenuItem(Menu, ID_HANDLE_COPY, TRUE); } - // Remove irrelevant menu items. - level = KsiLevel(); - if (level >= KphLevelMed) - { - if (item = PhFindEMenuItem(Menu, 0, NULL, ID_HANDLE_PROTECTED)) - PhDestroyEMenuItem(item); - if (item = PhFindEMenuItem(Menu, 0, NULL, ID_HANDLE_INHERIT)) - PhDestroyEMenuItem(item); - } - // Protected, Inherit if (NumberOfHandles == 1 && (level >= KphLevelMed)) { From b1f8563d6d7c9cac13862bff79783a09a0a22bca Mon Sep 17 00:00:00 2001 From: Johnny Shaw Date: Thu, 8 Aug 2024 23:42:46 -0600 Subject: [PATCH 2/6] CI force latest SDK/WDK --- .github/workflows/msbuild.yml | 23 ++++++++++++----------- .gitignore | 2 +- Directory.Build.props | 6 ++++++ packages.config | 9 +++++++++ 4 files changed, 28 insertions(+), 12 deletions(-) create mode 100644 packages.config 
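Review bot: The open now requests `PROCESS_SET_INFORMATION` with nothing in the hunk saying which downstream call needs it, and Windows protected processes typically grant a caller only a limited set of rights that includes `PROCESS_QUERY_LIMITED_INFORMATION` but not this one, so some targets move from "open succeeds" to "open fails" and the else path of the `NT_SUCCESS` branch (outside this hunk) should surface that status to the user rather than do nothing. Add a why-comment above the call so the next reader does not narrow it back: `// PROCESS_SET_INFORMATION: needed by the handle-attribute set call below; QUERY_LIMITED is not enough.` `PhUiSetAttributesHandle` begins before and continues after this hunk.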
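Review bot: With the `level = KsiLevel();` line removed, the retained `if (NumberOfHandles == 1 && (level >= KphLevelMed))` has no initialization of `level` in view; the first hunk keeps `KPH_LEVEL level;` as an uninitialized local, so unless an assignment sits in the unseen lines between the two hunks this compares indeterminate stack memory, and the outcome decides whether the driver-backed Protected/Inherit items are offered. Keep the assignment next to the check it feeds: `// Protected, Inherit` / `level = KsiLevel();` / `if (NumberOfHandles == 1 && (level >= KphLevelMed))`. `PhpInitializeHandleMenu` continues past the end of this hunk.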
diff --git a/.github/workflows/msbuild.yml b/.github/workflows/msbuild.yml index f80178a3ef11..4a8ffbfb0f5f 100644 --- a/.github/workflows/msbuild.yml +++ b/.github/workflows/msbuild.yml @@ -16,18 +16,19 @@ jobs: runs-on: windows-latest steps: - uses: actions/checkout@v4 + - name: Install Nuget Packages + run: nuget restore .\packages.config -PackagesDirectory .\packages\ - name: Build Solution shell: cmd working-directory: ${{github.workspace}} run: build\build_verbose.cmd - # temporarily disabled pending resolution of: - # https://github.com/winsiderss/systeminformer/issues/2109 - # https://github.com/actions/runner-images/issues/10012 - #build_driver: - # runs-on: windows-latest - # steps: - # - uses: actions/checkout@v4 - # - name: Build Driver - # shell: cmd - # working-directory: ${{github.workspace}} - # run: build\build_zdriver.cmd prefast + build_driver: + runs-on: windows-latest + steps: + - uses: actions/checkout@v4 + - name: Install Nuget Packages + run: nuget restore .\packages.config -PackagesDirectory .\packages\ + - name: Build Driver + shell: cmd + working-directory: ${{github.workspace}} + run: build\build_zdriver.cmd prefast diff --git a/.gitignore b/.gitignore index 9b792729af55..2f2b4b30498a 100644 --- a/.gitignore +++ b/.gitignore @@ -45,7 +45,7 @@ # Visual C++ cache folders ipch/ .vs/ -*/packages/ +**/packages/ # Visual Studio profiler *.psess diff --git a/Directory.Build.props b/Directory.Build.props index f511532dc45e..48502580ddce 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -4,4 +4,10 @@ /d1trimfile:"$(MSBuildThisFileDirectory)\" %(AdditionalOptions) + + + + + + diff --git a/packages.config b/packages.config new file mode 100644 index 000000000000..723e19b7fb99 --- /dev/null +++ b/packages.config @@ -0,0 +1,9 @@ + + + + + + + + + From 2dc900c1ccdf49a1f0a1fa416dabdc57601fa8a5 Mon Sep 17 00:00:00 2001 
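Review bot: The `nuget restore .\packages.config -PackagesDirectory .\packages\` step added to both jobs names no package source, so the SDK/WDK packages that feed the driver build resolve through whatever feeds the runner's default NuGet configuration lists. Pass the feed explicitly, `run: nuget restore .\packages.config -PackagesDirectory .\packages\ -Source https://api.nuget.org/v3/index.json`, and keep exact versions in packages.config so a restore is reproducible. If the workflow has no top-level `permissions:` block (not visible in this hunk), add `permissions: contents: read` as scan.yml does, since the default token scope is wider than a build needs.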
From: Johnny Shaw Date: Thu, 8 Aug 2024 23:47:47 -0600 Subject: [PATCH 3/6] natvis corract xml declaration --- SystemInformer.natvis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SystemInformer.natvis b/SystemInformer.natvis index 3c5f79d651d8..45768dfd2de0 100644 --- a/SystemInformer.natvis +++ b/SystemInformer.natvis @@ -1,3 +1,4 @@ + - From 00334d2d7d3def2f81e583a588bf2c6a54277547 Mon Sep 17 00:00:00 2001 From: Johnny Shaw Date: Fri, 9 Aug 2024 00:34:32 -0600 Subject: [PATCH 4/6] kph correct SAL --- KSystemInformer/informer_debug.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/KSystemInformer/informer_debug.c b/KSystemInformer/informer_debug.c index d550ec70c13a..ea67f5bb75f3 100644 --- a/KSystemInformer/informer_debug.c +++ b/KSystemInformer/informer_debug.c @@ -102,6 +102,10 @@ VOID KphpDebugPrintFlush( * \param SystemArgument1 Unused * \param SystemArgument2 Unused */ +_Function_class_(KDEFERRED_ROUTINE) +_IRQL_requires_max_(DISPATCH_LEVEL) +_IRQL_requires_min_(DISPATCH_LEVEL) +_IRQL_requires_(DISPATCH_LEVEL) _IRQL_requires_same_ VOID KphpDebugPrintDpc( _In_ PKDPC Dpc, From e9ee1c078bd661111f01b0008be676b30bc22751 Mon Sep 17 00:00:00 2001 From: Johnny Shaw Date: Fri, 9 Aug 2024 00:55:08 -0600 Subject: [PATCH 5/6] kph codeql analysis --- .github/workflows/scan.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/scan.yml diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml new file mode 100644 index 000000000000..b7075861283b --- /dev/null +++ b/.github/workflows/scan.yml 
@@ -0,0 +1,32 @@ +name: "CodeQL Analysis" + +on: + workflow_dispatch: + +permissions: + actions: read + contents: read + security-events: write + +jobs: + analyze_driver: + runs-on: windows-latest + strategy: + fail-fast: false + steps: + - uses: actions/checkout@v4 + - name: Install Nuget Packages + run: nuget restore .\packages.config -PackagesDirectory .\packages\ + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: cpp + packs: microsoft/windows-drivers + - name: Build Driver + shell: cmd + working-directory: ${{github.workspace}} + run: build\build_zdriver.cmd + - name: Perform CodeQL analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:cpp" From abb21b9c326680c31fa05651dd22fba5f82b8efe Mon Sep 17 00:00:00 2001 From: Johnny Shaw Date: Sat, 10 Aug 2024 03:30:36 -0600 Subject: [PATCH 6/6] kph config codeql --- .github/workflows/scan.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index b7075861283b..632429315fb9 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -2,6 +2,8 @@ name: "CodeQL Analysis" on: workflow_dispatch: + schedule: + - cron: '00 16 * * 1' permissions: actions: read @@ -26,7 +28,20 @@ jobs: shell: cmd working-directory: ${{github.workspace}} run: build\build_zdriver.cmd - - name: Perform CodeQL analysis + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:cpp" + output: sarif-results + upload: failure-only + - name: Filter CodeQL Results + uses: advanced-security/filter-sarif@v1 + with: + # Exclude Microsoft and third party sources + patterns: -packages/**/* + input: sarif-results/cpp.sarif + output: sarif-results/cpp.sarif + - name: Upload CodeQL Results + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: sarif-results/cpp.sarif
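Review bot: The workflow holds `security-events: write` yet references `actions/checkout@v4`, `github/codeql-action/init@v3` and `github/codeql-action/analyze@v3` by mutable major tags, so a moved tag changes what runs with that scope; pin each to a full commit SHA and keep the version as a trailing comment, e.g. `uses: github/codeql-action/init@<full-sha> # v3`. `strategy: fail-fast: false` has no effect without a `matrix:` and can be dropped. The `nuget restore` step has the same unpinned-source concern as the build workflow and could pass `-Source https://api.nuget.org/v3/index.json`.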
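Review bot: `advanced-security/filter-sarif@v1` is an action outside the `actions/` and `github/` organizations, referenced by a mutable tag, and its output is what gets uploaded under `security-events: write`; pin it to a full commit SHA, `uses: advanced-security/filter-sarif@<full-sha> # v1`, and review its release notes before bumping. `input` and `output` both point at `sarif-results/cpp.sarif`, which depends on the action reading the file completely before it writes; a distinct output such as `sarif-results/cpp.filtered.sarif`, with `sarif_file` updated to match, removes that dependency. The `-packages/**/*` pattern only drops findings under the restored packages directory, which matches the comment's stated intent.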