diff options
| author | Casimir666 <casimir666@users.sourceforge.net> | 2007-05-06 21:10:16 +0400 |
|---|---|---|
| committer | Casimir666 <casimir666@users.sourceforge.net> | 2007-05-06 21:10:16 +0400 |
| commit | 8f9e9eda9ffb4d5104ba036b62aa420e7b5d3541 (patch) | |
| tree | f71b4db3d52ac989e5da6a89b2dd00a952de3eab /src/apps/mplayerc/Struct.h | |
| parent | a3f172e113ab8401fa78fcc313e972325619360f (diff) | |
git-svn-id: https://mpc-hc.svn.sourceforge.net/svnroot/mpc-hc/trunk@95 10f7b99b-c216-0410-bff0-8a66a9350fd8
Diffstat (limited to 'src/apps/mplayerc/Struct.h')
| -rw-r--r-- | src/apps/mplayerc/Struct.h | 630 |
1 files changed, 630 insertions, 0 deletions
diff --git a/src/apps/mplayerc/Struct.h b/src/apps/mplayerc/Struct.h new file mode 100644 index 000000000..918c40f34 --- /dev/null +++ b/src/apps/mplayerc/Struct.h @@ -0,0 +1,630 @@ +/*********************************************************************
+ * Structures and definitions undocumented or included in the NTDDK. *
+ *********************************************************************/
+
+#ifndef __STRUCT_H__
+#define __STRUCT_H__
+
+///////////////// Windows NT ///////////////
+#include <winternl.h>
+
+typedef unsigned long ULONG_PTR, *PULONG_PTR;
+typedef LONG NTSTATUS, *PNTSTATUS;
+typedef ULONG KAFFINITY, *PKAFFINITY;
+typedef LONG KPRIORITY;
+
+#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
+
+typedef void (CALLBACK *PKNORMAL_ROUTINE)(PVOID, PVOID, PVOID);
+
+typedef struct _CLIENT_ID {
+ HANDLE UniqueProcess;
+ HANDLE UniqueThread;
+} CLIENT_ID, *PCLIENT_ID;
+
+#define InitializeObjectAttributes( p, n, a, r, s ) { \
+ (p)->Length = sizeof( OBJECT_ATTRIBUTES ); \
+ (p)->RootDirectory = r; \
+ (p)->Attributes = a; \
+ (p)->ObjectName = n; \
+ (p)->SecurityDescriptor = s; \
+ (p)->SecurityQualityOfService = NULL; \
+ }
+
+#define OBJ_INHERIT 0x00000002L
+#define OBJ_PERMANENT 0x00000010L
+#define OBJ_EXCLUSIVE 0x00000020L
+#define OBJ_CASE_INSENSITIVE 0x00000040L
+#define OBJ_OPENIF 0x00000080L
+#define OBJ_OPENLINK 0x00000100L
+#define OBJ_KERNEL_HANDLE 0x00000200L
+
+
+typedef struct RTL_DRIVE_LETTER_CURDIR { // Size = 0x10
+ USHORT Flags;
+ USHORT Length;
+ ULONG TimeStamp;
+ UNICODE_STRING DosPath;
+} RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;
+
+typedef struct _RTL_USER_PROCESS_PARAMETERS { // Size = 0x290
+ ULONG AllocationSize;
+ ULONG Size;
+ ULONG Flags;
+ ULONG DebugFlags;
+ HANDLE hConsole;
+ ULONG ProcessGroup;
+ HANDLE hStdInput;
+ HANDLE hStdOutput;
+ HANDLE hStdError;
+ UNICODE_STRING CurrentDirectoryName;
+ HANDLE CurrentDirectoryHandle;
+ UNICODE_STRING DllPath;
+ UNICODE_STRING ImagePathName;
+ UNICODE_STRING CommandLine;
+ PWSTR Environment;
+ ULONG StartingPositionLeft;
+ ULONG StartingPositionTop;
+ ULONG Width;
+ ULONG Height;
+ ULONG CharWidth;
+ ULONG CharHeight;
+ ULONG ConsoleTextAttributes;
+ ULONG WindowFlags;
+ ULONG ShowWindowFlags;
+ UNICODE_STRING WindowTitle;
+ UNICODE_STRING DesktopName;
+ UNICODE_STRING ShellInfo;
+ UNICODE_STRING RuntimeInfo;
+ RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
+} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
+
+typedef struct _LDR_MODULE {
+ LIST_ENTRY InLoadOrderModuleList;
+ LIST_ENTRY InMemoryOrderModuleList;
+ LIST_ENTRY InInitializationOrderModuleList;
+ PVOID BaseAddress;
+ PVOID EntryPoint;
+ ULONG SizeOfImage;
+ UNICODE_STRING FullDllName;
+ UNICODE_STRING BaseDllName;
+ ULONG Flags;
+ SHORT LoadCount;
+ SHORT TlsIndex;
+ LIST_ENTRY HashTableEntry;
+ ULONG TimeDateStamp;
+} LDR_MODULE, *PLDR_MODULE;
+
+typedef struct _PEB_LDR_DATA { // Size = 0x24
+ ULONG Length; // 00
+ BOOLEAN Initialized; // 04
+ PVOID SsHandle; // 08
+ LIST_ENTRY InLoadOrderModuleList; // 0C
+ LIST_ENTRY InMemoryOrderModuleList; // 14
+ LIST_ENTRY InInitializationOrderModuleList; // 1C
+// void * EntryInProgress; // 24
+} PEB_LDR_DATA, *PPEB_LDR_DATA;
+
+typedef struct _PEB_FREE_BLOCK { // Size = 8
+struct _PEB_FREE_BLOCK *Next;
+ULONG Size;
+} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
+
+// Structured Exception Handler
+typedef struct _SEH {
+ struct _SEH *pNext;
+ FARPROC pfnHandler;
+} SEH, *PSEH;
+
+#pragma pack(1)
+
+// Thread Information Block (FS:[0])
+typedef struct _TIB_NT {
+ PSEH pvExcept; // 00 Head of exception record list
+ PVOID pvStackBase; // 04
+ PVOID pvStackLimit; // 08
+ PVOID SubSystemTib; // 0C
+ union {
+ PVOID FiberData; // 10
+ DWORD Version;
+ };
+ PVOID pvArbitrary; // 14 Available for application use
+ struct _TIB_NT *pTIBSelf; // 18 Linear address of TIB structure
+} TIB_NT, *PTIB_NT;
+
+typedef void (*PPEBLOCKROUTINE)(PVOID);
+
+// PEB (Process Environment Block) data structure (FS:[0x30])
+// Located at addr. 0x7FFDF000
+typedef struct _PEB_NT { // Size = 0x1E8
+ BOOLEAN InheritedAddressSpace; //000
+ BOOLEAN ReadImageFileExecOptions; //001
+ BOOLEAN BeingDebugged; //002
+ BOOLEAN SpareBool; //003 Allocation size
+ HANDLE Mutant; //004
+ HINSTANCE ImageBaseAddress; //008 Instance
+ PPEB_LDR_DATA LdrData; //00C
+ PRTL_USER_PROCESS_PARAMETERS ProcessParameters; //010
+ ULONG SubSystemData; //014
+ HANDLE ProcessHeap; //018
+ KSPIN_LOCK FastPebLock; //01C
+ PPEBLOCKROUTINE FastPebLockRoutine; //020
+ PPEBLOCKROUTINE FastPebUnlockRoutine; //024
+ ULONG EnvironmentUpdateCount; //028
+ PVOID * KernelCallbackTable; //02C
+ PVOID EventLogSection; //030
+ PVOID EventLog; //034
+ PPEB_FREE_BLOCK FreeList; //038
+ ULONG TlsExpansionCounter; //03C
+ ULONG TlsBitmap; //040
+ LARGE_INTEGER TlsBitmapBits; //044
+ PVOID ReadOnlySharedMemoryBase; //04C
+ PVOID ReadOnlySharedMemoryHeap; //050
+ PVOID * ReadOnlyStaticServerData; //054
+ PVOID AnsiCodePageData; //058
+ PVOID OemCodePageData; //05C
+ PVOID UnicodeCaseTableData; //060
+ ULONG NumberOfProcessors; //064
+ LARGE_INTEGER NtGlobalFlag; //068 Address of a local copy
+ LARGE_INTEGER CriticalSectionTimeout; //070
+ ULONG HeapSegmentReserve; //078
+ ULONG HeapSegmentCommit; //07C
+ ULONG HeapDeCommitTotalFreeThreshold; //080
+ ULONG HeapDeCommitFreeBlockThreshold; //084
+ ULONG NumberOfHeaps; //088
+ ULONG MaximumNumberOfHeaps; //08C
+ PVOID ** ProcessHeaps; //090
+ PVOID GdiSharedHandleTable; //094
+ PVOID ProcessStarterHelper; //098
+ PVOID GdiDCAttributeList; //09C
+ KSPIN_LOCK LoaderLock; //0A0
+ ULONG OSMajorVersion; //0A4
+ ULONG OSMinorVersion; //0A8
+ USHORT OSBuildNumber; //0AC
+ USHORT OSCSDVersion; //0AE
+ ULONG OSPlatformId; //0B0
+ ULONG ImageSubsystem; //0B4
+ ULONG ImageSubsystemMajorVersion; //0B8
+ ULONG ImageSubsystemMinorVersion; //0BC
+ ULONG ImageProcessAffinityMask; //0C0
+ ULONG GdiHandleBuffer[0x22]; //0C4
+ ULONG PostProcessInitRoutine; //14C
+ ULONG TlsExpansionBitmap; //150
+ UCHAR TlsExpansionBitmapBits[0x80]; //154
+ ULONG SessionId; //1D4
+ void * AppCompatInfo; //1D8
+ UNICODE_STRING CSDVersion; //1DC
+} PEB_NT, *PPEB_NT;
+
+// TEB (Thread Environment Block) data structure (FS:[0x18])
+// Located at 0x7FFDE000, 0x7FFDD000, ...
+typedef struct _TEB_NT { // Size = 0xF88
+ NT_TIB Tib; //000
+ PVOID EnvironmentPointer; //01C
+ CLIENT_ID ClientId; //020
+ HANDLE ActiveRpcHandle; //028
+ PVOID ThreadLocalStoragePointer; //02C
+ PPEB_NT ProcessEnvironmentBlock; //030 PEB
+ ULONG LastErrorValue; //034
+ ULONG CountOfOwnedCriticalSections; //038
+ ULONG CsrClientThread; //03C
+ ULONG Win32ThreadInfo; //040
+ UCHAR Win32ClientInfo[0x7C]; //044
+ ULONG WOW32Reserved; //0C0
+ ULONG CurrentLocale; //0C4
+ ULONG FpSoftwareStatusRegister; //0C8
+ UCHAR SystemReserved1[0xD8]; //0CC
+ ULONG Spare1; //1A4
+ ULONG ExceptionCode; //1A8
+ UCHAR SpareBytes1[0x28]; //1AC
+ UCHAR SystemReserved2[0x28]; //1D4
+ UCHAR GdiTebBatch[0x4E0]; //1FC
+ ULONG GdiRgn; //6DC
+ ULONG GdiPen; //6E0
+ ULONG GdiBrush; //6E4
+ CLIENT_ID RealClientId; //6E8
+ ULONG GdiCachedProcessHandle; //6F0
+ ULONG GdiClientPID; //6F4
+ ULONG GdiClientTID; //6F8
+ ULONG GdiThreadLocalInfo; //6FC
+ UCHAR UserReserved[0x14]; //700
+ UCHAR glDispatchTable[0x460]; //714
+ UCHAR glReserved1[0x68]; //B74
+ ULONG glReserved2; //BDC
+ ULONG glSectionInfo; //BE0
+ ULONG glSection; //BE4
+ ULONG glTable; //BE8
+ ULONG glCurrentRC; //BEC
+ ULONG glContext; //BF0
+ ULONG LastStatusValue; //BF4
+ LARGE_INTEGER StaticUnicodeString; //BF8
+ UCHAR StaticUnicodeBuffer[0x20C]; //C00
+ ULONG DeallocationStack; //E0C
+ UCHAR TlsSlots[0x100]; //E10
+ LARGE_INTEGER TlsLinks; //F10
+ ULONG Vdm; //F18
+ ULONG ReservedForNtRpc; //F1C
+ LARGE_INTEGER DbgSsReserved; //F20
+ ULONG HardErrorsAreDisabled; //F28
+ UCHAR Instrumentation[0x40]; //F2C
+ ULONG WinSockData; //F6C
+ ULONG GdiBatchCount; //F70
+ ULONG Spare2; //F74
+ ULONG Spare3; //F78
+ ULONG Spare4; //F7C
+ ULONG ReservedForOle; //F80
+ ULONG WaitingOnLoaderLock; //F84
+// PVOID StackCommit;
+// PVOID StackCommitMax;
+// PVOID StackReserved;
+// PVOID MessageQueue;
+} TEB_NT, *PTEB_NT;
+
+#pragma pack()
+
+
+
+typedef struct _THREAD_BASIC_INFORMATION {
+ NTSTATUS ExitStatus;
+ PTIB_NT TebBaseAddress;
+ CLIENT_ID ClientId;
+ KAFFINITY AffinityMask;
+ KPRIORITY Priority;
+ KPRIORITY BasePriority;
+} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
+
+
+#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
+#define SystemProcessesAndThreadsInformation 5
+
+
+typedef struct _VM_COUNTERS {
+ SIZE_T PeakVirtualSize;
+ SIZE_T VirtualSize;
+ ULONG PageFaultCount;
+ SIZE_T PeakWorkingSetSize;
+ SIZE_T WorkingSetSize;
+ SIZE_T QuotaPeakPagedPoolUsage;
+ SIZE_T QuotaPagedPoolUsage;
+ SIZE_T QuotaPeakNonPagedPoolUsage;
+ SIZE_T QuotaNonPagedPoolUsage;
+ SIZE_T PagefileUsage;
+ SIZE_T PeakPagefileUsage;
+} VM_COUNTERS;
+
+typedef struct _SYSTEM_THREAD_INFORMATION {
+ LARGE_INTEGER KernelTime;
+ LARGE_INTEGER UserTime;
+ LARGE_INTEGER CreateTime;
+ ULONG WaitTime;
+ PVOID StartAddress;
+ CLIENT_ID ClientId;
+ KPRIORITY Priority;
+ KPRIORITY BasePriority;
+ ULONG ContextSwitchCount;
+ LONG State;
+ LONG WaitReason;
+} SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION;
+
+// The size of the SYSTEM_PROCESS_INFORMATION structure is
+// different on NT 4 and Win2K.
+
+typedef struct _SYSTEM_PROCESS_INFORMATION_NT4 {
+ ULONG NextEntryDelta;
+ ULONG ThreadCount;
+ ULONG Reserved1[6];
+ LARGE_INTEGER CreateTime;
+ LARGE_INTEGER UserTime;
+ LARGE_INTEGER KernelTime;
+ UNICODE_STRING ProcessName;
+ KPRIORITY BasePriority;
+ ULONG ProcessId;
+ ULONG InheritedFromProcessId;
+ ULONG HandleCount;
+ ULONG Reserved2[2];
+ VM_COUNTERS VmCounters;
+ SYSTEM_THREAD_INFORMATION Threads[1];
+} SYSTEM_PROCESS_INFORMATION_NT4, *PSYSTEM_PROCESS_INFORMATION_NT4;
+
+
+/////////////////////// Windows 95 /////////////////////////
+
+#pragma pack(1)
+
+#define VA_SHARED 0x8000000 // Undocumented flag to allocate shared memory in Win9x
+
+// Kernel32 objects (WIN95)
+#define WIN95_K32OBJ_SEMAPHORE 0x1
+#define WIN95_K32OBJ_EVENT 0x2
+#define WIN95_K32OBJ_MUTEX 0x3
+#define WIN95_K32OBJ_CRITICAL_SECTION 0x4
+#define WIN95_K32OBJ_PROCESS 0x5
+#define WIN95_K32OBJ_THREAD 0x6
+#define WIN95_K32OBJ_FILE 0x7
+#define WIN95_K32OBJ_CHANGE 0x8
+#define WIN95_K32OBJ_CONSOLE 0x9
+#define WIN95_K32OBJ_SCREEN_BUFFER 0xA
+#define WIN95_K32OBJ_MEM_MAPPED_FILE 0xB
+#define WIN95_K32OBJ_SERIAL 0xC
+#define WIN95_K32OBJ_DEVICE_IOCTL 0xD
+#define WIN95_K32OBJ_PIPE 0xE
+#define WIN95_K32OBJ_MAILSLOT 0xF
+#define WIN95_K32OBJ_TOOLHELP_SNAPSHOT 0x10
+#define WIN95_K32OBJ_SOCKET 0x11
+
+// TIB flags
+#define TIBF_WIN32 0x00000001
+#define TIBF_TRAP 0x00000002
+
+// Process Database flags (WIN95)
+#define fDebugSingle 0x00000001 // Set if process is being debugged
+#define fCreateProcessEvent 0x00000002 // Set in debugged process after starting
+#define fExitProcessEvent 0x00000004 // Might be set in debugged process at exit time
+#define fWin16Process 0x00000008 // 16-bit process
+#define fDosProcess 0x00000010 // DOS process
+#define fConsoleProcess 0x00000020 // 32-bit console process
+#define fFileApisAreOem 0x00000040 // SetFileAPIsToOEM
+#define fNukeProcess 0x00000080
+#define fServiceProcess 0x00000100 // RegisterServiceProcess
+#define fLoginScriptHack 0x00000800 // Might be a Novell network login process
+#define fSendDllNotifications 0x00200000
+#define fDebugEventPending 0x00400000 // e.g. stopped in debugger
+#define fNearlyTerminating 0x00800000
+#define fFaulted 0x08000000
+#define fTerminating 0x10000000
+#define fTerminated 0x20000000
+#define fInitError 0x40000000
+#define fSignaled 0x80000000
+
+// Thread Database flags (WIN95)
+#define fCreateThreadEvent 0x00000001 // Set if thread is being debugged
+#define fCancelExceptionAbort 0x00000002
+#define fOnTempStack 0x00000004
+#define fGrowableStack 0x00000008
+#define fDelaySingleStep 0x00000010
+#define fOpenExeAsImmovableFile 0x00000020
+#define fCreateSuspended 0x00000040 // CREATE_SUSPENDED flag to CreateProcess()
+#define fStackOverflow 0x00000080
+#define fNestedCleanAPCs 0x00000100
+#define fWasOemNowAnsi 0x00000200 // ANSI/OEM file function
+#define fOKToSetThreadOem 0x00000400 // ANSI/OEM file function
+
+// TDBX flags (WIN95)
+#define WAITEXBIT 0x00000001
+#define WAITACKBIT 0x00000002
+#define SUSPEND_APC_PENDING 0x00000004
+#define SUSPEND_TERMINATED 0x00000008
+#define BLOCKED_FOR_TERMINATION 0x00000010
+#define EMULATE_NPX 0x00000020
+#define WIN32_NPX 0x00000040
+#define EXTENDED_HANDLES 0x00000080
+#define FROZEN 0x00000100
+#define DONT_FREEZE 0x00000200
+#define DONT_UNFREEZE 0x00000400
+#define DONT_TRACE 0x00000800
+#define STOP_TRACING 0x00001000
+#define WAITING_FOR_CRST_SAFE 0x00002000
+#define CRST_SAFE 0x00004000
+#define BLOCK_TERMINATE_APC 0x00040000
+
+// Environment Database
+typedef struct _ENVIRONMENT_DATABASE {
+ PSTR pszEnvironment; //00 Pointer to Process Environment
+ DWORD un1; //04 (always 0)
+ PSTR pszCmdLine; //08 Pointer to command line
+ PSTR pszCurrDirectory; //0C Pointer to current directory
+ LPSTARTUPINFOA pStartupInfo; //10 Pointer to STARTUPINFOA struct
+ HANDLE hStdIn; //14 Standard Input handle
+ HANDLE hStdOut; //18 Standard Output handle
+ HANDLE hStdErr; //1C Standard Error handle
+ DWORD un2; //20 (always 1)
+ DWORD InheritConsole; //24 Inherit console from parent
+ DWORD BreakType; //28 Handle console events (like CTRL+C)
+ DWORD BreakSem; //2C Pointer to K32OBJ_SEMAPHORE
+ DWORD BreakEvent; //30 Pointer to K32OBJ_EVENT
+ DWORD BreakThreadID; //34 Pointer to K32OBJ_THREAD
+ DWORD BreakHandlers; //38 Pointer to list of installed console control handlers
+} EDB, *PEDB;
+
+// Handle Table Entry
+typedef struct _HANDLE_TABLE_ENTRY {
+ DWORD flags; // Valid flags depend on what type of object this is
+ PVOID pObject; // Pointer to the object that the handle refers to
+} HANDLE_TABLE_ENTRY, *PHANDLE_TABLE_ENTRY;
+
+// Handle Table
+typedef struct _HANDLE_TABLE {
+ DWORD cEntries; // Max number of handles in table
+ HANDLE_TABLE_ENTRY array[1]; // An array (number is given by cEntries)
+} HANDLE_TABLE, *PHANDLE_TABLE;
+
+
+typedef struct _IMTE
+{
+ DWORD un1; // 00h
+ PIMAGE_NT_HEADERS pNTHdr; // 04h
+ DWORD un2; // 08h
+ PSTR pszFileName; // 0Ch
+ PSTR pszModName; // 10h
+ WORD cbFileName; // 14h
+ WORD cbModName; // 16h
+ DWORD un3; // 18h
+ DWORD cSections; // 1Ch
+ DWORD un5; // 20h
+ DWORD baseAddress; // 24h
+ WORD hModule16; // 28h
+ WORD cUsage; // 2Ah
+ DWORD un7; // 2Ch
+ PSTR pszFileName2; // 30h
+ WORD cbFileName2; // 34h
+ PSTR pszModName2; // 36h
+ WORD cbModName2; // 3Ah
+} IMTE, *PIMTE;
+
+// Thread Information Block (FS:[0x18])
+typedef struct _TIB95 { // Size = 0x34
+ PSEH pvExcept; // 00 Pointer to head of structured exception handling chain
+ PVOID pvStackUserTop; // 04 Max. address for stack
+ PVOID pvStackUserBase; // 08 Lowest page aligned addr. of stack
+ WORD pvTDB; // 0C Ptr to win-16 task database
+ WORD pvThunksSS; // 0E SS selector used for thunking to 16 bits
+ DWORD SelmanList; // 10 Pointer to selector manager list
+ PVOID pvArbitrary; // 14 Available for application use
+ struct _TIB95 *pTIBSelf; // 18 Linear address of TIB structure
+ WORD TIBFlags; // 1C TIBF_WIN32 = 1, TIBF_TRAP = 2
+ WORD Win16MutexCount; // 1E Win16Lock
+ DWORD DebugContext; // 20 Pointer to debug context structure
+ DWORD pCurrentPriority; // 24 Pointer to DWORD containing current priority level
+ DWORD pvQueue; // 28 Message Queue selector
+ PVOID* pvTLSArray; // 2C Thread Local Storage (TLS) array
+ PVOID* pProcess; // 30 Pointer to owning process database (PDB)
+} TIB95, *PTIB95;
+
+
+// Thread Database Extension
+typedef struct _TDBX95 {
+ DWORD ptdb; // 00 TDB
+ DWORD ppdb; // 04 PDB
+ DWORD ContextHandle; // 08 R0 memory context
+ DWORD un1; // 0C
+ DWORD TimeOutHandle; // 10
+ DWORD WakeParam; // 14
+ DWORD BlockHandle; // 18 R0 semaphore on which thread will wait inside VWIN32
+ DWORD BlockState; // 1C
+ DWORD SuspendCount; // 20 Number of times SuspendThread() was called
+ DWORD SuspendHandle; // 24
+ DWORD MustCompleteCount; // 28 Count of EnterMustComplete's minus LeaveMustComplete's
+ DWORD WaitExFlags; // 2C Flags
+ DWORD SyncWaitCount; // 30
+ DWORD QueuedSyncFuncs; // 34
+ DWORD UserAPCList; // 38
+ DWORD KernAPCList; // 3C
+ DWORD pPMPSPSelector; // 40 Pointer to protected mode PSP selector
+ DWORD BlockedOnID; // 44
+ DWORD un2[7]; // 48
+ DWORD TraceRefData; // 64
+ DWORD TraceCallBack; // 68
+ DWORD TraceEventHandle; // 6C
+ WORD TraceOutLastCS; // 70
+ WORD K16TDB; // 72 Win16 TDB selector
+ WORD K16PDB; // 74 Win16 PSP selector
+ WORD DosPDBSeg; // 76 Real mode segment value of PSP
+ WORD ExceptionCount; // 78
+} TDBX95, *PTDBX95;
+
+
+/////////////////////// Windows 98 /////////////////////////
+
+// Kernel32 objects (WIN98)
+#define WIN98_K32OBJ_SEMAPHORE 0x1
+#define WIN98_K32OBJ_EVENT 0x2
+#define WIN98_K32OBJ_MUTEX 0x3
+#define WIN98_K32OBJ_CRITICAL_SECTION 0x4
+#define WIN98_K32OBJ_CHANGE 0x5
+#define WIN98_K32OBJ_PROCESS 0x6
+#define WIN98_K32OBJ_THREAD 0x7
+#define WIN98_K32OBJ_FILE 0x8
+#define WIN98_K32OBJ_CONSOLE 0x9
+#define WIN98_K32OBJ_SCREEN_BUFFER 0xA
+#define WIN98_K32OBJ_MAILSLOT 0xB
+#define WIN98_K32OBJ_SERIAL 0xC
+#define WIN98_K32OBJ_MEM_MAPPED_FILE 0xD
+#define WIN98_K32OBJ_PIPE 0xE
+#define WIN98_K32OBJ_DEVICE_IOCTL 0xF
+#define WIN98_K32OBJ_TOOLHELP_SNAPSHOT 0x10
+#define WIN98_K32OBJ_SOCKET 0x11
+
+typedef struct _TDBX98 TDBX98;
+typedef struct _PDB98 PDB98;
+
+// Thread Information Block (FS:[0x18])
+typedef struct _TIB98 { // Size = 0x38
+ PSEH pvExcept; // 00 Head of exception record list
+ PVOID pvStackUserTop; // 04 Top of user stack
+ PVOID pvStackUserBase; // 08 Base of user stack
+ WORD pvTDB; // 0C Ptr to win-16 task database
+ WORD pvThunksSS; // 0E SS selector used for thunking to 16 bits
+ DWORD SelmanList; // 10 Pointer to selector manager list
+ PVOID pvArbitrary; // 14 Available for application use
+ struct _TIB98 *pTIBSelf; // 18 Linear address of TIB structure
+ WORD TIBFlags; // 1C TIBF_WIN32 = 1, TIBF_TRAP = 2
+ WORD Win16MutexCount; // 1E Win16Lock
+ DWORD DebugContext; // 20 Pointer to debug context structure
+ DWORD pCurrentPriority; // 24 Pointer to DWORD containing current priority level
+ DWORD pvQueue; // 28 Message Queue selector
+ PVOID *pvTLSArray; // 2C Thread Local Storage (TLS) array
+ PVOID *pProcess; // 30 Pointer to owning process database (PDB)
+ DWORD Unknown; // 34 Pointer to ???
+} TIB98, *PTIB98;
+
+// Thread database (FS:[0x18] - 0x8)
+typedef struct _TDB98 { // Size = 0x228 (from Kernel32)
+ WORD Type; // 00 K32 object type
+ WORD cReference; // 02 Reference count
+ DWORD pSomeEvent; // 04 K32 event object used when someone waits on the thread object
+ TIB98 tib; // 08 Thread information block (TIB)
+ DWORD Unknown; // 40
+ DWORD Flags; // 44 Flags
+ DWORD TerminationStatus; // 48 Exit code
+ WORD TIBSelector; // 4C Selector used in FS to point to TIB
+ WORD EmulatorSelector; // 4E Memory block for saving x87 state
+ DWORD cHandles; // 50 Handle count
+ DWORD Ring0Thread; // 54 R0 thread control block (TCB)
+ TDBX98 *pTDBX; // 58 R0 thread database extension (TDBX)
+ DWORD un1[109]; // 5C
+ DWORD APISuspendCount; // 210 Count of SuspendThread's minus ResumeThread's
+} TDB98, *PTDB98;
+
+// Thread database extension
+typedef struct _TDBX98 {
+ DWORD un0; // 00
+ TDB98 *ptdb; // 04 R3 thread database
+ PDB98 *ppdb; // 08 R3 process database
+ DWORD ContextHandle; // 0C R0 memory context
+ DWORD Ring0Thread; // 10 R0 thread control block [TCB *]
+ DWORD WaitNodeList; // 14 Anchor of things we're waiting on [WAITNODE *]
+ DWORD WaitFlags; // 18 Blocking flags
+ DWORD un1; // 1C
+ DWORD TimeOutHandle; // 20
+ DWORD WakeParam; // 24
+ DWORD BlockHandle; // 28 R0 semaphore on which thread will wait inside VWIN32
+ DWORD BlockState; // 2C
+ DWORD SuspendCount; // 30
+ DWORD SuspendHandle; // 34
+ DWORD MustCompleteCount; // 38 Count of EnterMustComplete's minus LeaveMustComplete's
+ DWORD WaitExFlags; // 3C Flags
+ DWORD SyncWaitCount; // 40
+ DWORD QueuedSyncFuncs; // 44
+ DWORD UserAPCList; // 48
+ DWORD KernAPCList; // 4C
+ DWORD pPMPSPSelector; // 50
+ DWORD BlockedOnID; // 54
+} TDBX98, *PTDBX98;
+
+
+/////////////////////// Windows Me /////////////////////////
+
+typedef TIB98 TIBME;
+typedef TIBME *PTIBME;
+
+typedef struct _TDBME { // Size = 0x228 (from Kernel32)
+ WORD Type; // 00 K32 object type
+ WORD cReference; // 02 Reference count
+ DWORD pSomeEvent; // 04 K32 event object used when someone waits on the thread object
+ TIB98 tib; // 08 Thread information block (TIB)
+ DWORD Unknown; // 40
+ DWORD Unknown2; // 44
+ WORD TIBSelector; // 46 Selector used in FS to point to TIB
+ DWORD TerminationStatus; // 48 Exit code
+ DWORD Flags; // 4C Flags
+ DWORD cHandles; // 50 Handle count
+ DWORD Ring0Thread; // 54 R0 thread control block (TCB)
+ DWORD Unknown3; // 58 Selector for ???
+ DWORD un1[109]; // 5C
+ DWORD APISuspendCount; // 210 Count of SuspendThread's minus ResumeThread's
+} TDBME, *PTDBME;
+
+
+#pragma pack()
+
+#endif // __STRUCT_H__
|