[NTOS:IO][NTOS:PNP] Fix incorrect usage of IopGetRegistryValue

KEY_VALUE_FULL_INFORMATION was not always freed properly

ntoskrnl/io/iomgr/driver.c

@@ -195,7 +195,12 @@ IopGetDriverNames(
     if (driverName.Buffer == NULL)
     {
         status = IopGetRegistryValue(ServiceHandle, L"Type", &kvInfo);
-        if (!NT_SUCCESS(status) || kvInfo->Type != REG_DWORD)
+        if (!NT_SUCCESS(status))
+        {
+            ExFreePoolWithTag(basicInfo, TAG_IO);
+            return status;
+        }
+        if (kvInfo->Type != REG_DWORD)
         {
             ExFreePool(kvInfo);
             ExFreePoolWithTag(basicInfo, TAG_IO); // container for serviceName

ntoskrnl/io/pnpmgr/devaction.c

@@ -419,11 +419,15 @@ PiAttachFilterDriversCallback(
     SERVICE_LOAD_TYPE startType = DisableLoad;
 
     Status = IopGetRegistryValue(serviceHandle, L"Start", &kvInfo);
-    if (NT_SUCCESS(Status) && kvInfo->Type == REG_DWORD)
+    if (NT_SUCCESS(Status))
+    {
+        if (kvInfo->Type == REG_DWORD)
         {
             RtlMoveMemory(&startType,
                           (PVOID)((ULONG_PTR)kvInfo + kvInfo->DataOffset),
                           sizeof(startType));
+        }
+        
         ExFreePool(kvInfo);
     }
 
@@ -621,7 +625,9 @@ PiCallDriverAddDevice(
 
     // try to get the class GUID of an instance and its registry key
     Status = IopGetRegistryValue(SubKey, REGSTR_VAL_CLASSGUID, &kvInfo);
-    if (NT_SUCCESS(Status) && kvInfo->Type == REG_SZ && kvInfo->DataLength > sizeof(WCHAR))
+    if (NT_SUCCESS(Status))
+    {
+        if (kvInfo->Type == REG_SZ && kvInfo->DataLength > sizeof(WCHAR))
         {
             UNICODE_STRING classGUID = {
                 .MaximumLength = kvInfo->DataLength,
@@ -667,6 +673,8 @@ PiCallDriverAddDevice(
                     ZwClose(propertiesHandle);
                 }
             }
+        }
+        
         ExFreePool(kvInfo);
     }