168 *StopEnumeration =
TRUE;
179 *StopEnumeration =
TRUE;
269 DPRINT(
"BasepAnsiStringToHeapUnicodeString\n");
295 Timeout->QuadPart = dwMilliseconds * -10000LL;
311 DPRINT(
"BaseFormatObjectAttributes. Security: %p, Name: %p\n",
315 if (SecurityAttributes)
343 DPRINT(
"Attributes: %lx, RootDirectory: %p, SecurityDescriptor: %p\n",
364 ULONG PageSize, AllocationGranularity, Dummy;
365 SIZE_T MinimumStackCommit, GuardPageSize;
367 DPRINT(
"BaseCreateStack(hProcess: 0x%p, Max: 0x%lx, Current: 0x%lx)\n",
368 hProcess, StackReserve, StackCommit);
378 if (StackReserve == 0)
381 if (StackCommit == 0)
386 else if (StackCommit >= StackReserve)
389 StackReserve =
ROUND_UP(StackCommit, 1024 * 1024);
393 StackCommit =
ROUND_UP(StackCommit, PageSize);
394 StackReserve =
ROUND_UP(StackReserve, AllocationGranularity);
396 MinimumStackCommit =
NtCurrentPeb()->MinimumStackCommit;
397 if ((MinimumStackCommit != 0) && (StackCommit < MinimumStackCommit))
399 StackCommit = MinimumStackCommit;
403 if (StackCommit >= StackReserve)
406 StackReserve =
ROUND_UP(StackCommit, 1024 * 1024);
410 StackCommit =
ROUND_UP(StackCommit, PageSize);
411 StackReserve =
ROUND_UP(StackReserve, AllocationGranularity);
428 InitialTeb->AllocatedStackBase = (
PVOID)
Stack;
429 InitialTeb->StackBase = (
PVOID)(
Stack + StackReserve);
430 InitialTeb->PreviousStackBase =
NULL;
431 InitialTeb->PreviousStackLimit =
NULL;
434 Stack += StackReserve - StackCommit;
437 if (StackReserve >= StackCommit + PageSize)
440 StackCommit += PageSize;
457 DPRINT1(
"Failure to allocate stack\n");
469 GuardPageSize = PageSize;
477 DPRINT1(
"Failure to set guard page\n");
482 InitialTeb->StackLimit = (
PVOID)((
ULONG_PTR)InitialTeb->StackLimit +
503 &InitialTeb->AllocatedStackBase,
538 ContextFlags =
Context->ContextFlags;
560 Context->ContextFlags |= ContextFlags;
564 Context->FloatSave.ControlWord = 0x27F;
565 Context->FloatSave.StatusWord = 0;
566 Context->FloatSave.TagWord = 0xFFFF;
567 Context->FloatSave.ErrorOffset = 0;
568 Context->FloatSave.ErrorSelector = 0;
569 Context->FloatSave.DataOffset = 0;
570 Context->FloatSave.DataSelector = 0;
581#elif defined(_M_AMD64)
649#warning Unknown architecture
737 DPRINT1(
"Failed to open file\n");
890 sizeof(FileBasicInfo),
903 sizeof(FileBasicInfo),
911 &FileDispositionInfo,
912 sizeof(FileDispositionInfo),
934 if ((InJob) && (NewToken) && (JobHandle))
937 DPRINT(
"BasepCheckWinSaferRestrictions is UNIMPLEMENTED\n");
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
IN PUNICODE_STRING StaticString
#define EFLAGS_INTERRUPT_MASK
#define FILE_NON_DIRECTORY_FILE
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define NT_SUCCESS(StatCode)
NTSYSAPI NTSTATUS NTAPI RtlWow64EnableFsRedirection(IN BOOLEAN Wow64FsEnableRedirection)
NTSYSAPI NTSTATUS NTAPI RtlWow64EnableFsRedirectionEx(IN PVOID Wow64FsEnableRedirection, OUT PVOID *OldFsRedirectionLevel)
@ ThreadImpersonationToken
#define FILE_ATTRIBUTE_NORMAL
PBASE_STATIC_SERVER_DATA BaseStaticServerData
HANDLE BaseNamedObjectDirectory
PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry
DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup(_In_ PPROCESS_START_ROUTINE lpStartAddress)
DECLSPEC_NORETURN VOID WINAPI BaseThreadStartup(_In_ LPTHREAD_START_ROUTINE lpStartAddress, _In_ LPVOID lpParameter)
PLARGE_INTEGER WINAPI BaseFormatTimeOut(OUT PLARGE_INTEGER Timeout, IN DWORD dwMilliseconds)
PRTL_CONVERT_STRINGA BasepUnicodeStringTo8BitString
NTSTATUS WINAPI BaseCreateStack(_In_ HANDLE hProcess, _In_opt_ SIZE_T StackCommit, _In_opt_ SIZE_T StackReserve, _Out_ PINITIAL_TEB InitialTeb)
BOOLEAN WINAPI Basep8BitStringToDynamicUnicodeString(OUT PUNICODE_STRING UnicodeString, IN LPCSTR String)
HANDLE WINAPI BaseGetNamedObjectDirectory(VOID)
BOOL WINAPI Wow64RevertWow64FsRedirection(IN PVOID OldValue)
VOID WINAPI BaseMarkFileForDelete(IN HANDLE FileHandle, IN ULONG FileAttributes)
VOID NTAPI BasepLocateExeLdrEntry(IN PLDR_DATA_TABLE_ENTRY Entry, IN PVOID Context, OUT BOOLEAN *StopEnumeration)
VOID WINAPI BaseInitializeContext(IN PCONTEXT Context, IN PVOID Parameter, IN PVOID StartAddress, IN PVOID StackAddress, IN ULONG ContextType)
PRTL_COUNT_STRINGA Basep8BitStringToUnicodeSize
PRTL_CONVERT_STRING Basep8BitStringToUnicodeString
ULONG NTAPI BasepUnicodeStringToOemSize(IN PUNICODE_STRING String)
NTSTATUS WINAPI BasepMapFile(IN LPCWSTR lpApplicationName, OUT PHANDLE hSection, IN PUNICODE_STRING ApplicationName)
POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName)
PUNICODE_STRING WINAPI Basep8BitStringToStaticUnicodeString(IN LPCSTR String)
PRTL_COUNT_STRING BasepUnicodeStringTo8BitSize
BOOLEAN WINAPI Wow64EnableWow64FsRedirection(IN BOOLEAN Wow64EnableWow64FsRedirection)
VOID WINAPI BaseFreeThreadStack(_In_ HANDLE hProcess, _In_ PINITIAL_TEB InitialTeb)
VOID WINAPI BasepAnsiStringToHeapUnicodeString(IN LPCSTR AnsiString, OUT LPWSTR *UnicodeString)
ULONG NTAPI BasepOemStringToUnicodeSize(IN PANSI_STRING String)
NTSTATUS WINAPI BasepCheckWinSaferRestrictions(IN HANDLE UserToken, IN LPWSTR ApplicationName, IN HANDLE FileHandle, OUT PBOOLEAN InJob, OUT PHANDLE NewToken, OUT PHANDLE JobHandle)
BOOL WINAPI Wow64DisableWow64FsRedirection(IN PVOID *OldValue)
ULONG NTAPI BasepAnsiStringToUnicodeSize(IN PANSI_STRING String)
ULONG NTAPI BasepUnicodeStringToAnsiSize(IN PUNICODE_STRING String)
UNICODE_STRING Restricted
PVOID WINAPI BasepIsRealtimeAllowed(IN BOOLEAN Keep)
#define ROUND_UP(n, align)
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE _In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG FileAttributes
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
_Must_inspect_result_ _In_ FLT_CONTEXT_TYPE ContextType
@ FileDispositionInformation
#define FILE_SYNCHRONOUS_IO_NONALERT
#define OBJ_CASE_INSENSITIVE
NTSYSAPI void WINAPI RtlReleasePebLock(void)
NTSYSAPI NTSTATUS WINAPI RtlInitAnsiStringEx(PANSI_STRING, PCSZ)
NTSYSAPI void WINAPI RtlAcquirePebLock(void)
NTSYSAPI void WINAPI DbgBreakPoint(void)
ULONG(NTAPI * PRTL_COUNT_STRINGA)(IN PANSI_STRING UnicodeString)
VOID WINAPI BaseThreadStartupThunk(VOID)
ULONG(NTAPI * PRTL_COUNT_STRING)(IN PUNICODE_STRING UnicodeString)
DECLSPEC_NORETURN VOID WINAPI BaseFiberStartup(VOID)
NTSTATUS(NTAPI * PRTL_CONVERT_STRING)(IN PUNICODE_STRING UnicodeString, IN PANSI_STRING AnsiString, IN BOOLEAN AllocateMemory)
VOID WINAPI BaseProcessStartThunk(VOID)
NTSTATUS(NTAPI * PRTL_CONVERT_STRINGA)(IN PANSI_STRING AnsiString, IN PCUNICODE_STRING UnicodeString, IN BOOLEAN AllocateMemory)
_In_ BOOL _In_ HANDLE hProcess
PVOID PVOID PWCHAR ApplicationName
#define SE_INC_BASE_PRIORITY_PRIVILEGE
static OUT PIO_STATUS_BLOCK IoStatusBlock
#define InitializeObjectAttributes(p, n, a, r, s)
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI NTSTATUS NTAPI RtlAcquirePrivilege(_In_ PULONG Privilege, _In_ ULONG NumPriv, _In_ ULONG Flags, _Out_ PVOID *ReturnedState)
NTSYSAPI NTSTATUS NTAPI RtlOemStringToUnicodeString(PUNICODE_STRING DestinationString, PCOEM_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlReleasePrivilege(_In_ PVOID ReturnedState)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
#define DIRECTORY_CREATE_OBJECT
#define FILE_ATTRIBUTE_READONLY
#define SECTION_ALL_ACCESS
#define DIRECTORY_TRAVERSE
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI NTSTATUS NTAPI NtSetInformationFile(IN HANDLE hFile, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN PVOID FileInformationBuffer, IN ULONG FileInformationBufferLength, IN FILE_INFORMATION_CLASS FileInfoClass)
NTSYSAPI NTSTATUS NTAPI NtQueryInformationFile(IN HANDLE hFile, OUT PIO_STATUS_BLOCK pIoStatusBlock, OUT PVOID FileInformationBuffer, IN ULONG FileInformationBufferLength, IN FILE_INFORMATION_CLASS FileInfoClass)
#define CONTEXT_FLOATING_POINT
#define FILE_SHARE_DELETE
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
#define DIRECTORY_CREATE_SUBDIRECTORY
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
#define RtlAnsiStringToUnicodeSize(STRING)
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
NTSTATUS NTAPI NtProtectVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UnsafeBaseAddress, IN OUT SIZE_T *UnsafeNumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection)
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
#define STATUS_INVALID_IMAGE_FORMAT
#define STATUS_ACCESS_VIOLATION
NTSTATUS NTAPI NtOpenDirectoryObject(OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
DWORD BaseSetLastNTError(IN NTSTATUS Status)
#define STATUS_BUFFER_OVERFLOW
PULONG MinorVersion OPTIONAL
base of all file and directory entries
UNICODE_STRING NamedObjectDirectory
SYSTEM_BASIC_INFORMATION SysInfo
UNICODE_STRING RelativeName
HANDLE ContainingDirectory
#define RTL_CONSTANT_STRING(s)
#define RtlZeroMemory(Destination, Length)
#define STATUS_OBJECT_PATH_NOT_FOUND
#define STATUS_INVALID_PARAMETER
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
_Must_inspect_result_ _In_ WDFDMAENABLER _In_ _In_opt_ PWDF_OBJECT_ATTRIBUTES Attributes
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
_In_ WDFREQUEST _In_ PIO_STACK_LOCATION Stack
BOOL WINAPI AreFileApisANSI(void)
VOID WINAPI SetFileApisToOEM(void)
VOID WINAPI SetFileApisToANSI(void)
#define ERROR_FILENAME_EXCED_RANGE
_In_ const BITMAPINFO _In_ UINT _In_opt_ HANDLE hSection
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
#define PF_XMMI_INSTRUCTIONS_AVAILABLE
#define RtlOemStringToUnicodeSize(STRING)
#define RtlUnicodeStringToOemSize(STRING)
#define RtlUnicodeStringToAnsiSize(String)
_Inout_opt_ PVOID Parameter
#define TOKEN_IMPERSONATE
#define NtCurrentThread()