#pragma once
// *************************************************************
//
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
//
// *************************************************************
//Kernel32 objects
// Object type tags. The structures below that begin with a KERNEL_OBJECT
// header carry one of these in their Type field (offset 00h); the process
// database, for example, is documented there as type 5 (K32OBJ_PROCESS).
#define K32OBJ_SEMAPHORE 0x1
#define K32OBJ_EVENT 0x2
#define K32OBJ_MUTEX 0x3
#define K32OBJ_CRITICAL_SECTION 0x4
#define K32OBJ_PROCESS 0x5
#define K32OBJ_THREAD 0x6
#define K32OBJ_FILE 0x7
#define K32OBJ_CHANGE 0x8
#define K32OBJ_CONSOLE 0x9
#define K32OBJ_SCREEN_BUFFER 0xA
#define K32OBJ_MEM_MAPPED_FILE 0xB
#define K32OBJ_SERIAL 0xC
#define K32OBJ_DEVICE_IOCTL 0xD
#define K32OBJ_PIPE 0xE
#define K32OBJ_MAILSLOT 0xF
#define K32OBJ_TOOLHELP_SNAPSHOT 0x10
#define K32OBJ_SOCKET 0x11
//Process Database flags
// Bit values of PROCESS_DATABASE.flags (offset 20h). Bits 0x200 and 0x400
// have no name here. Several values below coincide numerically with the
// thread flags that follow; the two sets belong to different fields and
// must not be tested against the wrong structure.
#define fDebugSingle 0x00000001
#define fCreateProcessEvent 0x00000002
#define fExitProcessEvent 0x00000004
#define fWin16Process 0x00000008
#define fDosProcess 0x00000010
#define fConsoleProcess 0x00000020
#define fFileApisAreOem 0x00000040
#define fNukeProcess 0x00000080
#define fServiceProcess 0x00000100
#define fLoginScriptHack 0x00000800
//Thread Database flags
// Bit values of THREAD_DATABASE.Flags (offset 44h).
#define fCreateThreadEvent 0x00000001
#define fCancelExceptionAbort 0x00000002
#define fOnTempStack 0x00000004
#define fGrowableStack 0x00000008
#define fDelaySingleStep 0x00000010
#define fOpenExeAsImmovableFile 0x00000020
#define fCreateSuspended 0x00000040
#define fStackOverflow 0x00000080
#define fNestedCleanAPCs 0x00000100
#define fWasOemNowAnsi 0x00000200
#define fOKToSetThreadOem 0x00000400
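// Every structure in this header is a byte-for-byte image of a Kernel32
// internal object, so the whole set is declared with byte packing. The
// packing is pushed here and popped at the end of the header so that it
// does not leak into headers included after this one (MSVC reports such a
// leak as warning C4103, which this header no longer needs to silence).
// The offsets in the trailing comments assume byte packing and 32-bit
// pointers/handles. Fields named unN are of unknown purpose and exist only
// to keep the layout; do not reuse them.
#pragma pack(push, 1)

//MODREF and IMTE structures

// One node of a process's module reference list; the list head is
// PROCESS_DATABASE.MODREFlist (offset 4Ch).
typedef struct _MODREF {
    struct _MODREF *pNextModRef; // 00h Next node in the list
    DWORD un1;                   // 04h
    DWORD un2;                   // 08h
    DWORD un3;                   // 0Ch
    WORD mteIndex;               // 10h
    WORD un4;                    // 12h
    DWORD un5;                   // 14h
    PVOID ppdb;                  // 18h Pointer to process database
    DWORD un6;                   // 1Ch
    DWORD un7;                   // 20h
    DWORD un8;                   // 24h
} MODREF, *PMODREF;

// Module table entry; its fields describe one loaded image (NT headers,
// file and module names, base address, section count).
typedef struct _IMTE {
    DWORD un1;                   // 00h
    PIMAGE_NT_HEADERS pNTHdr;    // 04h
    DWORD un2;                   // 08h
    PSTR pszFileName;            // 0Ch
    PSTR pszModName;             // 10h
    WORD cbFileName;             // 14h
    WORD cbModName;              // 16h
    DWORD un3;                   // 18h
    DWORD cSections;             // 1Ch
    DWORD un5;                   // 20h
    DWORD baseAddress;           // 24h
    WORD hModule16;              // 28h
    WORD cUsage;                 // 2Ah
    DWORD un7;                   // 2Ch
    PSTR pszFileName2;           // 30h
    WORD cbFileName2;            // 34h
    DWORD pszModName2;           // 36h Declared DWORD, unlike pszModName
                                 //     (same width on 32-bit); kept as-is
                                 //     to preserve the layout
    WORD cbModName2;             // 3Ah
} IMTE, *PIMTE;

//Process Database structure

// Environment Database, reached through PROCESS_DATABASE.pEDB (offset 40h).
typedef struct _ENVIRONMENT_DATABASE {
    PSTR pszEnvironment;         // 00h Pointer to Environment
    DWORD un1;                   // 04h
    PSTR pszCmdLine;             // 08h Pointer to command line
    PSTR pszCurrDirectory;       // 0Ch Pointer to current directory
    LPSTARTUPINFOA pStartupInfo; // 10h Pointer to STARTUPINFOA struct
    HANDLE hStdIn;               // 14h Standard Input
    HANDLE hStdOut;              // 18h Standard Output
    HANDLE hStdErr;              // 1Ch Standard Error
    DWORD un2;                   // 20h
    DWORD InheritConsole;        // 24h
    DWORD BreakType;             // 28h
    DWORD BreakSem;              // 2Ch
    DWORD BreakEvent;            // 30h
    DWORD BreakThreadID;         // 34h
    DWORD BreakHandlers;         // 38h
} ENVIRONMENT_DATABASE, *PENVIRONMENT_DATABASE;

// Common header of the Kernel32 objects. PROCESS_DATABASE and
// THREAD_DATABASE start with these same two fields, so a PKERNEL_OBJECT
// can be used to read the type before the object is interpreted further.
typedef struct _KERNEL_OBJECT {
    DWORD Type;                  // 00h KERNEL32 object type (5)
    DWORD cReference;            // 04h Number of references to process
} KERNEL_OBJECT, *PKERNEL_OBJECT;

// One slot of a process handle table.
typedef struct _HANDLE_TABLE_ENTRY {
    DWORD flags;                 // Valid flags depend on what type of object this is
    PKERNEL_OBJECT pObject;      // Pointer to the object that the handle refers to
} HANDLE_TABLE_ENTRY, *PHANDLE_TABLE_ENTRY;

// Process handle table, reached through PROCESS_DATABASE.pHandleTable
// (offset 44h). array[1] is the pre-C99 trailing-array idiom: the real
// element count is cEntries, and sizeof(HANDLE_TABLE) includes one entry.
typedef struct _HANDLE_TABLE {
    DWORD cEntries;              // Max number of handles in table
    HANDLE_TABLE_ENTRY array[1]; // An array (number is given by cEntries)
} HANDLE_TABLE, *PHANDLE_TABLE;

// Process Database. Type holds K32OBJ_PROCESS (5); the bits of flags are
// the fXxx process-flag macros defined earlier in this header.
typedef struct _PROCESS_DATABASE {
    DWORD Type;                  // 00h KERNEL32 object type (5)
    DWORD cReference;            // 04h Number of references to process
    DWORD un1;                   // 08h
    DWORD someEvent;             // 0Ch An event object (What's it used for???)
    DWORD TerminationStatus;     // 10h Returned by GetExitCodeProcess
    DWORD un2;                   // 14h
    DWORD DefaultHeap;           // 18h Address of the process heap
    DWORD MemoryContext;         // 1Ch pointer to the process's context
    DWORD flags;                 // 20h
                                 // 0x00000001 - fDebugSingle
                                 // 0x00000002 - fCreateProcessEvent
                                 // 0x00000004 - fExitProcessEvent
                                 // 0x00000008 - fWin16Process
                                 // 0x00000010 - fDosProcess
                                 // 0x00000020 - fConsoleProcess
                                 // 0x00000040 - fFileApisAreOem
                                 // 0x00000080 - fNukeProcess
                                 // 0x00000100 - fServiceProcess
                                 // 0x00000800 - fLoginScriptHack
    DWORD pPSP;                  // 24h Linear address of PSP?
    WORD PSPSelector;            // 28h
    WORD MTEIndex;               // 2Ah
    WORD cThreads;               // 2Ch
    WORD cNotTermThreads;        // 2Eh
    WORD un3;                    // 30h
    WORD cRing0Threads;          // 32h number of ring 0 threads
    HANDLE HeapHandle;           // 34h Heap to allocate handle tables out of
                                 // This seems to always be the KERNEL32 heap
    HTASK W16TDB;                // 38h Win16 Task Database selector
    DWORD MemMapFiles;           // 3Ch memory mapped file list (?)
    PENVIRONMENT_DATABASE pEDB;  // 40h Pointer to Environment Database
    PHANDLE_TABLE pHandleTable;  // 44h Pointer to process handle table
    struct _PROCESS_DATABASE *ParentPDB; // 48h Parent process database
    PMODREF MODREFlist;          // 4Ch Module reference list
    DWORD ThreadList;            // 50h Threads in this process
    DWORD DebuggeeCB;            // 54h Debuggee Context block?
    DWORD LocalHeapFreeHead;     // 58h Head of free list in process heap
    DWORD InitialRing0ID;        // 5Ch
    CRITICAL_SECTION crst;       // 60h (18h bytes; un4 follows at 78h)
    DWORD un4[3];                // 78h
    DWORD pConsole;              // 84h Pointer to console for process
    DWORD tlsInUseBits1;         // 88h // Represents TLS indices 0 - 31
    DWORD tlsInUseBits2;         // 8Ch // Represents TLS indices 32 - 63
    DWORD ProcessDWORD;          // 90h
    struct _PROCESS_DATABASE *ProcessGroup; // 94h
    DWORD pExeMODREF;            // 98h pointer to EXE's MODREF
    DWORD TopExcFilter;          // 9Ch Top Exception Filter?
    DWORD BasePriority;          // A0h Base scheduling priority for process
    DWORD HeapOwnList;           // A4h Head of the list of process heaps
    DWORD HeapHandleBlockList;   // A8h Pointer to head of heap handle block list
    DWORD pSomeHeapPtr;          // ACh normally zero, but can a pointer to a
                                 // moveable handle block in the heap
    DWORD pConsoleProvider;      // B0h Process that owns the console we're using?
    WORD EnvironSelector;        // B4h Selector containing process environment
    WORD ErrorMode;              // B6H SetErrorMode value (also thunks to Win16)
    DWORD pevtLoadFinished;      // B8h Pointer to event LoadFinished?
    WORD UTState;                // BCh
} PROCESS_DATABASE, *PPROCESS_DATABASE;

//TIB (Thread Information Block) structure

// One frame of the structured-exception-handler chain headed by TIB.pvExcept.
typedef struct _SEH_record {
    struct _SEH_record *pNext;   // Next (outer) handler record
    FARPROC pfnHandler;          // Handler for this frame
} SEH_record, *PSEH_record;

// This is semi-documented in the NTDDK.H file from the NT DDK
typedef struct _TIB {
    PSEH_record pvExcept;        // 00h Head of exception record list
    PVOID pvStackUserTop;        // 04h Top of user stack
    PVOID pvStackUserBase;       // 08h Base of user stack
    WORD pvTDB;                  // 0Ch TDB
    WORD pvThunksSS;             // 0Eh SS selector used for thunking to 16 bits
    DWORD SelmanList;            // 10h
    PVOID pvArbitrary;           // 14h Available for application use
    struct _TIB *ptibSelf;       // 18h Linear address of this TIB structure
                                 //     (tag is _TIB: C struct tags are
                                 //     case-sensitive, so "_tib" would name
                                 //     an unrelated incomplete type)
    WORD TIBFlags;               // 1Ch
    WORD Win16MutexCount;        // 1Eh
    DWORD DebugContext;          // 20h
    DWORD pCurrentPriority;      // 24h
    DWORD pvQueue;               // 28h Message Queue selector
    PVOID *pvTLSArray;           // 2Ch Thread Local Storage array
} TIB, *PTIB;

//TDBX structure

// Ring-0 side thread data, reached through THREAD_DATABASE.pTDBX (offset 60h).
typedef struct _TDBX {
    DWORD ptdb;                  // 00h // PTHREAD_DATABASE
    DWORD ppdb;                  // 04h // PPROCESS_DATABASE
    DWORD ContextHandle;         // 08h
    DWORD un1;                   // 0Ch
    DWORD TimeOutHandle;         // 10h
    DWORD WakeParam;             // 14h
    DWORD BlockHandle;           // 18h
    DWORD BlockState;            // 1Ch
    DWORD SuspendCount;          // 20h
    DWORD SuspendHandle;         // 24h
    DWORD MustCompleteCount;     // 28h
    DWORD WaitExFlags;           // 2Ch
                                 // 0x00000001 - WAITEXBIT
                                 // 0x00000002 - WAITACKBIT
                                 // 0x00000004 - SUSPEND_APC_PENDING
                                 // 0x00000008 - SUSPEND_TERMINATED
                                 // 0x00000010 - BLOCKED_FOR_TERMINATION
                                 // 0x00000020 - EMULATE_NPX
                                 // 0x00000040 - WIN32_NPX
                                 // 0x00000080 - EXTENDED_HANDLES
                                 // 0x00000100 - FROZEN
                                 // 0x00000200 - DONT_FREEZE
                                 // 0x00000400 - DONT_UNFREEZE
                                 // 0x00000800 - DONT_TRACE
                                 // 0x00001000 - STOP_TRACING
                                 // 0x00002000 - WAITING_FOR_CRST_SAFE
                                 // 0x00004000 - CRST_SAFE
                                 // 0x00040000 - BLOCK_TERMINATE_APC
    DWORD SyncWaitCount;         // 30h
    DWORD QueuedSyncFuncs;       // 34h
    DWORD UserAPCList;           // 38h
    DWORD KernAPCList;           // 3Ch
    DWORD pPMPSPSelector;        // 40h
    DWORD BlockedOnID;           // 44h
    DWORD un2[7];                // 48h
    DWORD TraceRefData;          // 64h
    DWORD TraceCallBack;         // 68h
    DWORD TraceEventHandle;      // 6Ch
    WORD TraceOutLastCS;         // 70h
    WORD K16TDB;                 // 72h
    WORD K16PDB;                 // 74h
    WORD DosPDBSeg;              // 76h
    WORD ExceptionCount;         // 78h
} TDBX, *PTDBX;

//Thread Database structure

// Thread Database. Type presumably holds K32OBJ_THREAD (6); the fields
// from pvExcept (10h) through pTLSArray (3Ch) mirror the TIB layout above,
// and the bits of Flags are the fXxx thread-flag macros defined earlier.
typedef struct _THREAD_DATABASE {
    DWORD Type;                  // 00h
    DWORD cReference;            // 04h
    PPROCESS_DATABASE pProcess;  // 08h
    DWORD someEvent;             // 0Ch An event object (What's it used for???)
    DWORD pvExcept;              // 10h This field through field 3CH is a TIB
                                 // structure (see TIB.H)
    DWORD TopOfStack;            // 14h
    DWORD StackLow;              // 18h
    WORD W16TDB;                 // 1Ch
    WORD StackSelector16;        // 1Eh Used when thunking down to 16 bits
    DWORD SelmanList;            // 20h
    DWORD UserPointer;           // 24h
    PTIB pTIB;                   // 28h
    WORD TIBFlags;               // 2Ch TIBF_WIN32 = 1, TIBF_TRAP = 2
    WORD Win16MutexCount;        // 2Eh
    DWORD DebugContext;          // 30h
    PDWORD pCurrentPriority;     // 34h
    DWORD MessageQueue;          // 38h
    DWORD pTLSArray;             // 3Ch
    PPROCESS_DATABASE pProcess2; // 40h Another copy of the thread's process???
    DWORD Flags;                 // 44h
                                 // 0x00000001 - fCreateThreadEvent
                                 // 0x00000002 - fCancelExceptionAbort
                                 // 0x00000004 - fOnTempStack
                                 // 0x00000008 - fGrowableStack
                                 // 0x00000010 - fDelaySingleStep
                                 // 0x00000020 - fOpenExeAsImmovableFile
                                 // 0x00000040 - fCreateSuspended
                                 // 0x00000080 - fStackOverflow
                                 // 0x00000100 - fNestedCleanAPCs
                                 // 0x00000200 - fWasOemNowAnsi
                                 // 0x00000400 - fOKToSetThreadOem
    DWORD TerminationStatus;     // 48h Returned by GetExitCodeThread
    WORD TIBSelector;            // 4Ch
    WORD EmulatorSelector;       // 4Eh
    DWORD cHandles;              // 50h
    DWORD WaitNodeList;          // 54h
    DWORD un4;                   // 58h
    DWORD Ring0Thread;           // 5Ch
    PTDBX pTDBX;                 // 60h
    DWORD StackBase;             // 64h
    DWORD TerminationStack;      // 68h
    DWORD EmulatorData;          // 6Ch
    DWORD GetLastErrorCode;      // 70h
    DWORD DebuggerCB;            // 74h
    DWORD DebuggerThread;        // 78h
    PCONTEXT ThreadContext;      // 7Ch // register context defined in WINNT.H
    DWORD Except16List;          // 80h
    DWORD ThunkConnect;          // 84h
    DWORD NegStackBase;          // 88h
    DWORD CurrentSS;             // 8Ch
    DWORD SSTable;               // 90h
    DWORD ThunkSS16;             // 94h
    DWORD TLSArray[64];          // 98h
    DWORD DeltaPriority;         // 198h
    // The retail version breaks off somewhere around here.
    // All the remaining fields are most likely only in the debug version
    DWORD un5[7];                // 19Ch
    DWORD pCreateData16;         // 1B8h
    DWORD APISuspendCount;       // 1BCh # of times SuspendThread has been called
    DWORD un6;                   // 1C0h
    DWORD WOWChain;              // 1C4h
    WORD wSSBig;                 // 1C8h
    WORD un7;                    // 1CAh
    DWORD lp16SwitchRec;         // 1CCh
    DWORD un8[6];                // 1D0h
    DWORD pSomeCritSect1;        // 1E8h
    DWORD pWin16Mutex;           // 1ECh
    DWORD pWin32Mutex;           // 1F0h
    DWORD pSomeCritSect2;        // 1F4h
    DWORD un9;                   // 1F8h
    DWORD ripString;             // 1FCh
    DWORD LastTlsSetValueEIP[64]; // 200h (parallel to TlsArray, contains EIP
                                 // where TLS value was last set from)
} THREAD_DATABASE, *PTHREAD_DATABASE;

// Restore the packing that was in effect when this header was entered.
#pragma pack(pop)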