71 sizeof(wstrWindowStationsDir),
86 &gustrWindowStationsDir,
93 ERR(
"Could not create %wZ directory (Status 0x%X)\n", &gustrWindowStationsDir, Status);
97 TRACE(
"Created directory %wZ for session %lu\n", &gustrWindowStationsDir, Peb->
SessionId);
112 TRACE(
"Deleting window station 0x%p\n", WinSta);
114 if (WinSta == InputWindowStation)
116 ERR(
"WARNING: Deleting the interactive window station '%wZ'!\n",
122 InputWindowStation =
NULL;
146 if (!RemainingName->
Length)
231 HWINSTA WindowStation,
239 if (WindowStation ==
NULL)
241 ERR(
"Invalid window station handle\n");
299 gpsi->tmSysFont = tmw;
352 ERR(
"Requires Interactive Window Station\n");
358 ERR(
"Access Denied\n");
404 OUT HWINSTA* phWinSta,
419 TRACE(
"IntCreateWindowStation called\n");
433 TRACE(
"IntCreateWindowStation opened window station '%wZ'\n",
434 ObjectAttributes->ObjectName);
452 (
PVOID*)&WindowStation);
455 ERR(
"ObCreateObject failed for window station '%wZ', Status 0x%08lx\n",
456 ObjectAttributes->ObjectName, Status);
469 ERR(
"RtlCreateAtomTable failed for window station '%wZ', Status 0x%08lx\n",
470 ObjectAttributes->ObjectName, Status);
484 ERR(
"ObInsertObject failed for window station, Status 0x%08lx\n", Status);
491 if (InputWindowStation ==
NULL)
493 ERR(
"Initializing input window station\n");
498 InputWindowStation = WindowStation;
507 TRACE(
"IntCreateWindowStation created window station '%wZ' object 0x%p handle 0x%p\n",
508 ObjectAttributes->ObjectName, WindowStation, hWinSta);
524 if (UserModeObjectAttributes && LocalObjectAttributes)
529 *UserModeObjectAttributes = *LocalObjectAttributes;
539 if (WindowStationName && (WindowStationName != TebStaticUnicodeString))
542 (
PVOID*)&WindowStationName,
562 *WindowStationName =
NULL;
563 *TebStaticUnicodeString =
NULL;
569 ERR(
"Failed to retrieve the caller LUID, Status 0x%08lx\n", Status);
575 &gustrWindowStationsDir,
581 ERR(
"Window station name length is too long.\n");
584 StrSize = (
USHORT)MemSize;
600 *WindowStationName = *TebStaticUnicodeString;
601 (*WindowStationName)->
Length = 0;
610 (
PVOID*)WindowStationName,
617 ERR(
"ZwAllocateVirtualMemory() failed, Status 0x%08lx\n", Status);
621 RtlInitEmptyUnicodeString(*WindowStationName,
629 (*WindowStationName)->MaximumLength,
630 L"%wZ\\Service-0x%x-%x$",
631 &gustrWindowStationsDir,
636 ERR(
"Impossible to build a valid window station name, Status 0x%08lx\n", Status);
639 (*WindowStationName)->Length = (
USHORT)(
wcslen((*WindowStationName)->Buffer) *
sizeof(
WCHAR));
645 *LocalObjectAttributes = *UserModeObjectAttributes;
647 UserModeObjectAttributes->ObjectName = *WindowStationName;
648 UserModeObjectAttributes->RootDirectory =
NULL;
663 *TebStaticUnicodeString,
682 HWINSTA hWinSta =
NULL;
688 TRACE(
"NtUserCreateWindowStation called\n");
697 ERR(
"Invalid ObjectAttributes length!\n");
721 &LocalObjectAttributes,
723 &TebStaticUnicodeString);
726 ERR(
"BuildUserModeWindowStationName() failed, Status 0x%08lx\n", Status);
735 ERR(
"ObjectAttributes capture failed, Status 0x%08lx\n", Status);
758 TRACE(
"NtUserCreateWindowStation created window station '%wZ' with handle 0x%p\n",
759 ObjectAttributes->ObjectName, hWinSta);
764 ERR(
"NtUserCreateWindowStation failed to create window station '%wZ', Status 0x%08lx\n",
765 ObjectAttributes->ObjectName, Status);
770 TebStaticUnicodeString,
772 &LocalObjectAttributes);
814 HWINSTA hWinSta =
NULL;
820 TRACE(
"NtUserOpenWindowStation called\n");
829 ERR(
"Invalid ObjectAttributes length!\n");
854 sizeof(
L"Service-0x00000000-00000000$") -
sizeof(
UNICODE_NULL) &&
856 L"Service-0x00000000-00000000$",
874 &LocalObjectAttributes,
876 &TebStaticUnicodeString);
879 ERR(
"BuildUserModeWindowStationName() failed, Status 0x%08lx\n", Status);
888 ERR(
"ObjectAttributes capture failed, Status 0x%08lx\n", Status);
908 TRACE(
"NtUserOpenWindowStation opened window station '%wZ' with handle 0x%p\n",
909 ObjectAttributes->ObjectName, hWinSta);
914 ERR(
"NtUserOpenWindowStation failed to open window station '%wZ', Status 0x%08lx\n",
915 ObjectAttributes->ObjectName, Status);
920 TebStaticUnicodeString,
922 &LocalObjectAttributes);
962 TRACE(
"NtUserCloseWindowStation called (%p)\n", hWinSta);
966 ERR(
"Attempted to close process window station\n");
977 ERR(
"Validation of window station handle (%p) failed\n", hWinSta);
983 TRACE(
"Closing window station handle (%p)\n", hWinSta);
1039 PVOID pvInformation,
1068 TRACE(
"Trying to open window station 0x%p\n", hObject);
1073 (
PVOID*)&WinStaObject,
1079 TRACE(
"Trying to open desktop %p\n", hObject);
1080 WinStaObject =
NULL;
1089 ERR(
"Failed: 0x%x\n", Status);
1093 TRACE(
"WinSta or Desktop opened!\n");
1104 if (WinStaObject !=
NULL)
1109 else if (DesktopObject !=
NULL)
1111 FIXME(
"Setting DF_ALLOWOTHERACCOUNTHOOK is unimplemented.\n");
1115 ERR(
"No associated WinStaObject nor DesktopObject!\n");
1118 pvData = &ObjectFlags;
1119 nDataSize =
sizeof(ObjectFlags);
1126 if (WinStaObject !=
NULL)
1134 pStrNameU = &NameInfo->
Name;
1146 else if (DesktopObject !=
NULL)
1161 if (WinStaObject !=
NULL)
1164 pStrNameU = &ObjectHeader->
Type->
Name;
1168 else if (DesktopObject !=
NULL)
1171 pStrNameU = &ObjectHeader->
Type->
Name;
1184 ERR(
"UOI_USER_SID unimplemented!\n");
1199 *nLengthNeeded = nDataSize;
1204 TRACE(
"Trying to copy data to caller (len = %lu, len needed = %lu)\n", nLength, nDataSize);
1230 if (DesktopObject !=
NULL)
1232 if (WinStaObject !=
NULL)
1279 PVOID pvInformation,
1325 HWINSTA hCacheWinSta;
1330 if (hWindowStation !=
NULL)
1339 TRACE(
"Validation of window station handle 0x%p failed\n", hWindowStation);
1349 if (OldWinSta !=
NULL)
1359 if (hCacheWinSta !=
NULL)
1370 ERR(
"Failed to reference the inherited window station, Status 0x%08lx\n", Status);
1372 hCacheWinSta =
NULL;
1381 if (NewWinSta != OldWinSta)
1384 hCacheWinSta =
NULL;
1394 if ((hCacheWinSta ==
NULL) && (hWindowStation !=
NULL))
1405 ERR(
"UserSetProcessWindowStation: Failed to duplicate the window station handle, Status 0x%08lx\n", Status);
1414 ppi->
hwinsta = hWindowStation;
1483 TRACE(
"About to set process window station with handle (%p)\n",
1488 ERR(
"Unauthorized process attempted to lock the window station!\n");
1500 TRACE(
"Validation of window station handle (%p) failed\n",
1528 TRACE(
"About to set process window station with handle (%p)\n",
1533 ERR(
"Unauthorized process attempted to unlock the window station!\n");
1545 TRACE(
"Validation of window station handle (%p) failed\n",
1567 char InitialBuffer[256], *
Buffer;
1585 &gustrWindowStationsDir,
1602 Status = ZwQueryDirectoryObject(DirectoryHandle,
1604 sizeof(InitialBuffer),
1615 Buffer = InitialBuffer;
1622 Status = ZwQueryDirectoryObject(DirectoryHandle,
NULL, 0,
FALSE,
TRUE, &Context,
1626 ERR(
"ZwQueryDirectoryObject failed\n");
1641 Status = ZwQueryDirectoryObject(DirectoryHandle, Buffer, BufferSize,
1659 ReturnLength =
sizeof(
DWORD);
1668 TRACE(
"Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount);
1669 if (
NULL != pRequiredSize)
1674 if (Buffer != InitialBuffer)
1685 if (dwSize < ReturnLength)
1687 if (Buffer != InitialBuffer)
1700 if (Buffer != InitialBuffer)
1716 if (Buffer != InitialBuffer)
1726 if (Buffer != InitialBuffer)
1738 if (Buffer != InitialBuffer)
1748 HWINSTA hWindowStation,
1775 ReturnLength =
sizeof(
DWORD);
1779 DesktopEntry = DesktopEntry->
Flink)
1783 ReturnLength += DesktopName.
Length +
sizeof(
WCHAR);
1786 TRACE(
"Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount);
1787 if (
NULL != pRequiredSize)
1800 if (dwSize < ReturnLength)
1820 DesktopEntry = DesktopEntry->
Flink)
1875 HWINSTA hWindowStation,
1933 IN HWINSTA hWindowStation,
2016 WindowStation->
luidUser = luidUser;
NTSTATUS NTAPI ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN OUT PVOID ParseContext, OUT PHANDLE Handle)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
BOOL APIENTRY NtUserLockWindowStation(HWINSTA hWindowStation)
BOOL FASTCALL UserPostMessage(HWND Wnd, UINT Msg, WPARAM wParam, LPARAM lParam)
WCHAR StaticUnicodeBuffer[261]
BOOL NTAPI GreDeleteObject(HGDIOBJ hobj)
HWINSTA FASTCALL UserGetProcessWindowStation(VOID)
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
NTSTATUS APIENTRY NtUserBuildNameList(HWINSTA hWindowStation, ULONG dwSize, PVOID lpBuffer, PULONG pRequiredSize)
#define STATUS_INSUFFICIENT_RESOURCES
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES IN DWORD Unknown3
POBJECT_TYPE ExWindowStationObjectType
BOOL FASTCALL co_IntInitializeDesktopGraphics(VOID)
#define STATUS_NO_MORE_ENTRIES
#define ALIGN_UP(size, type)
#define STATUS_NOT_IMPLEMENTED
BOOL APIENTRY NtUserLockWorkStation(VOID)
VOID NTAPI UserEmptyClipboardData(PWINSTATION_OBJECT pWinSta)
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel)?(CompletionRoutine!=NULL):TRUE)
#define STATUS_INVALID_PARAMETER
#define ZwCurrentProcess()
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
NTSTATUS APIENTRY IntDesktopObjectParse(IN PVOID ParseObject, IN PVOID ObjectType, IN OUT PACCESS_STATE AccessState, IN KPROCESSOR_MODE AccessMode, IN ULONG Attributes, IN OUT PUNICODE_STRING CompleteName, IN OUT PUNICODE_STRING RemainingName, IN OUT PVOID Context OPTIONAL, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL, OUT PVOID *Object)
#define DIRECTORY_CREATE_OBJECT
PACCESS_STATE AccessState
UNICODE_STRING gustrWindowStationsDir
PWINSTATION_OBJECT InputWindowStation
__kernel_entry W32KAPI HANDLE APIENTRY NtGdiGetStockObject(_In_ INT iObject)
HWINSTA APIENTRY NtUserCreateWindowStation(IN POBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK dwDesiredAccess, DWORD Unknown2, DWORD Unknown3, DWORD Unknown4, DWORD Unknown5, DWORD Unknown6)
PVOID NTAPI PsGetCurrentThreadWin32Thread(VOID)
#define ERROR_INVALID_HANDLE
_Check_return_ _CRTIMP int __cdecl _wcsnicmp(_In_reads_or_z_(_MaxCount) const wchar_t *_Str1, _In_reads_or_z_(_MaxCount) const wchar_t *_Str2, _In_ size_t _MaxCount)
HWINSTA APIENTRY NtUserOpenWindowStation(IN POBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK dwDesiredAccess)
static HANDLE DirectoryHandle
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES IN DWORD IN DWORD IN DWORD IN DWORD Unknown6
NTSYSAPI NTSTATUS NTAPI ZwOpenDirectoryObject(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
#define OBJECT_HEADER_TO_NAME_INFO(h)
POBJECT_TYPE ExDesktopObjectType
BOOL APIENTRY NtUserSetLogonNotifyWindow(HWND hWnd)
#define MmCopyToCaller(x, y, z)
KPROCESSOR_MODE AccessMode
VOID NTAPI ObDereferenceObject(IN PVOID Object)
LIST_ENTRY DesktopListHead
NTSYSAPI NTSTATUS NTAPI RtlCreateAtomTable(_In_ ULONG TableSize, _Inout_ PRTL_ATOM_TABLE *AtomTable)
#define ERROR_REQUIRES_INTERACTIVE_WINDOWSTATION
struct _WINSTATION_OBJECT * prpwinsta
DBG_DEFAULT_CHANNEL(UserWinsta)
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
#define STATUS_INVALID_HANDLE
IN BOOLEAN OUT PSTR Buffer
NTSTATUS NTAPI UserAttachMonitor(IN HDEV hDev)
#define STATUS_BUFFER_TOO_SMALL
#define OBJECT_TO_OBJECT_HEADER(o)
#define STATUS_INTERNAL_ERROR
NTSTATUS NTAPI IntWinStaObjectParse(_In_ PVOID Parameters)
UNICODE_STRING StaticUnicodeString
NTSTATUS FASTCALL IntCreateWindowStation(OUT HWINSTA *phWinSta, IN POBJECT_ATTRIBUTES ObjectAttributes, IN KPROCESSOR_MODE AccessMode, IN KPROCESSOR_MODE OwnerMode, IN ACCESS_MASK dwDesiredAccess, DWORD Unknown2, DWORD Unknown3, DWORD Unknown4, DWORD Unknown5, DWORD Unknown6)
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
#define DUPLICATE_SAME_ACCESS
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
#define ERROR_ACCESS_DENIED
BOOL FASTCALL co_IntSetWndIcons(VOID)
#define OBJ_NAME_PATH_SEPARATOR
PRTL_UNICODE_STRING_BUFFER PULONG PULONG Unknown4
NTSTATUS NTAPI UserCreateWinstaDirectory(VOID)
BOOL InitCursorImpl(VOID)
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
DWORD FASTCALL IntGetCharDimensions(HDC hdc, PTEXTMETRICW ptm, PDWORD height)
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
INIT_FUNCTION NTSTATUS NTAPI InitWindowStationImpl(VOID)
NTSTATUS NTAPI IntWinStaObjectDelete(_In_ PVOID Parameters)
#define EXCEPTION_EXECUTE_HANDLER
BOOL APIENTRY NtUserSetObjectInformation(HANDLE hObject, DWORD nIndex, PVOID pvInformation, DWORD nLength)
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
_In_ ULONG _In_opt_ PVOID pvData
HDC FASTCALL IntGetScreenDC(VOID)
static NTSTATUS FASTCALL BuildDesktopNameList(HWINSTA hWindowStation, ULONG dwSize, PVOID lpBuffer, PULONG pRequiredSize)
NTSTATUS FASTCALL IntValidateWindowStationHandle(HWINSTA WindowStation, KPROCESSOR_MODE AccessMode, ACCESS_MASK DesiredAccess, PWINSTATION_OBJECT *Object, POBJECT_HANDLE_INFORMATION pObjectHandleInfo)
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
#define STATUS_NAME_TOO_LONG
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
#define LN_LOCK_WORKSTATION
VOID FASTCALL UserEnterExclusive(VOID)
__kernel_entry W32KAPI HFONT APIENTRY NtGdiSelectFont(_In_ HDC hdc, _In_ HFONT hf)
struct _LIST_ENTRY * Flink
#define STATUS_OBJECT_TYPE_MISMATCH
BOOL APIENTRY NtUserUnlockWindowStation(HWINSTA hWindowStation)
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
#define _SEH2_YIELD(STMT_)
BOOL FASTCALL CheckWinstaAttributeAccess(ACCESS_MASK DesiredAccess)
#define NT_SUCCESS(StatCode)
BOOL APIENTRY NtUserCloseWindowStation(HWINSTA hWinSta)
VOID NTAPI PsSetProcessWindowStation(PEPROCESS Process, PVOID WindowStation)
BOOL APIENTRY co_IntLoadDefaultCursors(VOID)
#define STATUS_ACCESS_DENIED
struct _WINSTATION_OBJECT * PWINSTATION_OBJECT
BOOL FASTCALL IntIsWindow(HWND hWnd)
BOOL FASTCALL IntCreatePrimarySurface(VOID)
#define OBJ_CASE_INSENSITIVE
struct _WINSTATION_OBJECT WINSTATION_OBJECT
#define STATUS_UNSUCCESSFUL
#define ExAllocatePoolWithTag(hernya, size, tag)
_In_ PUNICODE_STRING Name
VOID FASTCALL IntEndDesktopGraphics(VOID)
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
BOOL FASTCALL UserSetProcessWindowStation(HWINSTA hWindowStation)
PSECURITY_QUALITY_OF_SERVICE SecurityQos
BOOL NTAPI NtUserSetWindowStationUser(IN HWINSTA hWindowStation, IN PLUID pluid, IN PSID psid OPTIONAL, IN DWORD size)
NTSTATUS NTAPI IntWinStaOkToClose(_In_ PVOID Parameters)
static NTSTATUS FASTCALL BuildWindowStationNameList(ULONG dwSize, PVOID lpBuffer, PULONG pRequiredSize)
#define GDI_OBJ_HMGR_POWNED
NTSTATUS FASTCALL co_IntShowDesktop(PDESKTOP Desktop, ULONG Width, ULONG Height, BOOL bRedraw)
PVOID NTAPI PsGetProcessWin32WindowStation(PEPROCESS Process)
static __inline NTSTATUS RtlStringCbPrintfW(_Out_writes_bytes_(cbDest) _Always_(_Post_z_) NTSTRSAFE_PWSTR pszDest, _In_ size_t cbDest, _In_ _Printf_format_string_ NTSTRSAFE_PCWSTR pszFormat,...)
OBJECT_TYPE_INITIALIZER TypeInfo
VOID FASTCALL SetLastNtError(NTSTATUS Status)
__kernel_entry W32KAPI HDC APIENTRY NtGdiCreateCompatibleDC(_In_opt_ HDC hdc)
VOID FASTCALL UserLeave(VOID)
PRTL_ATOM_TABLE AtomTable
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
GENERIC_MAPPING GenericMapping
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
#define WINSTA_ACCESS_ALL
NTSTATUS GetProcessLuid(IN PETHREAD Thread OPTIONAL, IN PEPROCESS Process OPTIONAL, OUT PLUID Luid)
#define InitializeListHead(ListHead)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
HDC FASTCALL IntGdiCreateDC(PUNICODE_STRING Driver, PUNICODE_STRING pustrDevice, PVOID pUMdhpdev, CONST PDEVMODEW pdmInit, BOOL CreateAsIC)
#define W32PF_READSCREENACCESSGRANTED
BOOL NTAPI GreSetDCOwner(HDC hdc, ULONG ulOwner)
#define GDI_OBJ_HMGR_PUBLIC
NTSTATUS FASTCALL IntValidateDesktopHandle(HDESK Desktop, KPROCESSOR_MODE AccessMode, ACCESS_MASK DesiredAccess, PDESKTOP *Object)
static NTSTATUS BuildUserModeWindowStationName(IN OUT POBJECT_ATTRIBUTES UserModeObjectAttributes, IN OUT POBJECT_ATTRIBUTES LocalObjectAttributes, OUT PUNICODE_STRING *WindowStationName, OUT PUNICODE_STRING *TebStaticUnicodeString)
#define STATUS_OBJECT_PATH_INVALID
HANDLE NTAPI PsGetCurrentProcessId(VOID)
PVOID NTAPI PsGetCurrentProcessWin32Process(VOID)
NTSYSAPI BOOLEAN NTAPI RtlAreAllAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
BOOL APIENTRY NtUserSetProcessWindowStation(HWINSTA hWindowStation)
HWINSTA APIENTRY NtUserGetProcessWindowStation(VOID)
BOOL APIENTRY NtUserGetObjectInformation(HANDLE hObject, DWORD nIndex, PVOID pvInformation, DWORD nLength, PDWORD nLengthNeeded)
static VOID FreeUserModeWindowStationName(IN OUT PUNICODE_STRING WindowStationName, IN PUNICODE_STRING TebStaticUnicodeString, IN OUT POBJECT_ATTRIBUTES UserModeObjectAttributes OPTIONAL, IN POBJECT_ATTRIBUTES LocalObjectAttributes OPTIONAL)
#define PUSIF_PALETTEDISPLAY
#define ObReferenceObject
PUNICODE_STRING ObjectName
struct tagContext Context
NTSYSAPI NTSTATUS NTAPI RtlDestroyAtomTable(IN PRTL_ATOM_TABLE AtomTable)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
#define InitializeObjectAttributes(p, n, a, r, s)
_Check_return_ _CRTIMP int __cdecl _scwprintf(_In_z_ _Printf_format_string_ const wchar_t *_Format,...)
#define _SEH2_EXCEPT(...)
PDESKTOP FASTCALL IntGetActiveDesktop(VOID)
PUNICODE_STRING RemainingName
#define ExFreePoolWithTag(_P, _T)
__kernel_entry W32KAPI INT APIENTRY NtGdiGetDeviceCaps(_In_ HDC hdc, _In_ INT i)
#define _SEH2_GetExceptionCode()
VOID FASTCALL IntDestroyPrimarySurface(VOID)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES IN DWORD IN DWORD IN DWORD Unknown5
_Out_ PUNICODE_STRING CompleteName
#define OBJ_KERNEL_HANDLE
#define WINSTA_READSCREEN
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
ULONG DefaultNonPagedPoolCharge
IN HDEVINFO IN PSP_DEVINFO_DATA DeviceInfoData OPTIONAL
ACPI_EFI_GUID ACPI_EFI_OPEN_PROTOCOL_INFORMATION_ENTRY UINTN * EntryCount
ENGAPI VOID APIENTRY EngSetLastError(_In_ ULONG iError)
IN SCSI_ADAPTER_CONTROL_TYPE IN PVOID Parameters
NTSTATUS FASTCALL IntHideDesktop(PDESKTOP Desktop)
_Inout_ PFCB _Inout_ PUNICODE_STRING RemainingName
#define RTL_CONSTANT_STRING(s)
1.8.6