📄 winnt.pas
字号:
CONTEXT_FLOATING_POINT = (CONTEXT_i386 or $00000008); // 387 state
{$EXTERNALSYM CONTEXT_FLOATING_POINT}
CONTEXT_DEBUG_REGISTERS = (CONTEXT_i386 or $00000010); // DB 0-3,6,7
{$EXTERNALSYM CONTEXT_DEBUG_REGISTERS}
CONTEXT_EXTENDED_REGISTERS = (CONTEXT_i386 or $00000020); // cpu specific extensions
{$EXTERNALSYM CONTEXT_EXTENDED_REGISTERS}
CONTEXT_FULL = (CONTEXT_CONTROL or CONTEXT_INTEGER or CONTEXT_SEGMENTS);
{$EXTERNALSYM CONTEXT_FULL}
MAXIMUM_SUPPORTED_EXTENSION = 512;
{$EXTERNALSYM MAXIMUM_SUPPORTED_EXTENSION}
type
PFLOATING_SAVE_AREA = ^FLOATING_SAVE_AREA;
{$EXTERNALSYM PFLOATING_SAVE_AREA}
_FLOATING_SAVE_AREA = record
ControlWord: DWORD;
StatusWord: DWORD;
TagWord: DWORD;
ErrorOffset: DWORD;
ErrorSelector: DWORD;
DataOffset: DWORD;
DataSelector: DWORD;
RegisterArea: array [0..SIZE_OF_80387_REGISTERS - 1] of BYTE;
Cr0NpxState: DWORD;
end;
{$EXTERNALSYM _FLOATING_SAVE_AREA}
FLOATING_SAVE_AREA = _FLOATING_SAVE_AREA;
{$EXTERNALSYM FLOATING_SAVE_AREA}
TFloatingSaveArea = FLOATING_SAVE_AREA;
PFloatingSaveArea = PFLOATING_SAVE_AREA;
//
// Context Frame
//
// This frame has a several purposes: 1) it is used as an argument to
// NtContinue, 2) is is used to constuct a call frame for APC delivery,
// and 3) it is used in the user level thread creation routines.
//
// The layout of the record conforms to a standard call frame.
//
type
PContext = ^CONTEXT;
_CONTEXT = record
//
// The flags values within this flag control the contents of
// a CONTEXT record.
//
// If the context record is used as an input parameter, then
// for each portion of the context record controlled by a flag
// whose value is set, it is assumed that that portion of the
// context record contains valid context. If the context record
// is being used to modify a threads context, then only that
// portion of the threads context will be modified.
//
// If the context record is used as an IN OUT parameter to capture
// the context of a thread, then only those portions of the thread's
// context corresponding to set flags will be returned.
//
// The context record is never used as an OUT only parameter.
//
ContextFlags: DWORD;
//
// This section is specified/returned if CONTEXT_DEBUG_REGISTERS is
// set in ContextFlags. Note that CONTEXT_DEBUG_REGISTERS is NOT
// included in CONTEXT_FULL.
//
Dr0: DWORD;
Dr1: DWORD;
Dr2: DWORD;
Dr3: DWORD;
Dr6: DWORD;
Dr7: DWORD;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_FLOATING_POINT.
//
FloatSave: FLOATING_SAVE_AREA;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_SEGMENTS.
//
SegGs: DWORD;
SegFs: DWORD;
SegEs: DWORD;
SegDs: DWORD;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_INTEGER.
//
Edi: DWORD;
Esi: DWORD;
Ebx: DWORD;
Edx: DWORD;
Ecx: DWORD;
Eax: DWORD;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_CONTROL.
//
Ebp: DWORD;
Eip: DWORD;
SegCs: DWORD; // MUST BE SANITIZED
EFlags: DWORD; // MUST BE SANITIZED
Esp: DWORD;
SegSs: DWORD;
//
// This section is specified/returned if the ContextFlags word
// contains the flag CONTEXT_EXTENDED_REGISTERS.
// The format and contexts are processor specific
//
ExtendedRegisters: array [0..MAXIMUM_SUPPORTED_EXTENSION - 1] of BYTE;
end;
{$EXTERNALSYM _CONTEXT}
CONTEXT = _CONTEXT;
{$EXTERNALSYM CONTEXT}
TContext = CONTEXT;
const
LDTENTRY_FLAGS1_TYPE = $1F;
LDTENTRY_FLAGS1_DPL = $60;
LDTENTRY_FLAGS1_PRES = $80;
LDTENTRY_FLAGS2_LIMITHI = $0F;
LDTENTRY_FLAGS2_SYS = $10;
LDTENTRY_FLAGS2_RESERVED_0 = $20;
LDTENTRY_FLAGS2_DEFAULT_BIG = $40;
LDTENTRY_FLAGS2_GRANULARITY = $80;
type
PLDT_ENTRY = ^LDT_ENTRY;
{$EXTERNALSYM PLDT_ENTRY}
_LDT_ENTRY = record
LimitLow: WORD;
BaseLow: WORD;
BaseMid: BYTE;
Flags1: BYTE; // Declare as bytes to avoid alignment
Flags2: BYTE; // Problems.
BaseHi: BYTE;
end;
{$EXTERNALSYM _LDT_ENTRY}
LDT_ENTRY = _LDT_ENTRY;
{$EXTERNALSYM LDT_ENTRY}
TLdtEntry = LDT_ENTRY;
PLdtEntry = PLDT_ENTRY;
// Please contact INTEL to get IA64-specific information
const
EXCEPTION_NONCONTINUABLE = $1; // Noncontinuable exception
{$EXTERNALSYM EXCEPTION_NONCONTINUABLE}
EXCEPTION_MAXIMUM_PARAMETERS = 15; // maximum number of exception parameters
{$EXTERNALSYM EXCEPTION_MAXIMUM_PARAMETERS}
//
// Exception record definition.
//
type
PEXCEPTION_RECORD = ^EXCEPTION_RECORD;
{$EXTERNALSYM PEXCEPTION_RECORD}
_EXCEPTION_RECORD = record
ExceptionCode: DWORD;
ExceptionFlags: DWORD;
ExceptionRecord: PEXCEPTION_RECORD;
ExceptionAddress: Pointer;
NumberParameters: DWORD;
ExceptionInformation: array [0..EXCEPTION_MAXIMUM_PARAMETERS - 1] of ULONG_PTR;
end;
{$EXTERNALSYM _EXCEPTION_RECORD}
EXCEPTION_RECORD = _EXCEPTION_RECORD;
{$EXTERNALSYM EXCEPTION_RECORD}
TExceptionRecord = EXCEPTION_RECORD;
PExceptionRecord = PEXCEPTION_RECORD;
PEXCEPTION_RECORD32 = ^EXCEPTION_RECORD32;
{$EXTERNALSYM PEXCEPTION_RECORD32}
_EXCEPTION_RECORD32 = record
ExceptionCode: DWORD;
ExceptionFlags: DWORD;
ExceptionRecord: DWORD;
ExceptionAddress: DWORD;
NumberParameters: DWORD;
ExceptionInformation: array [0..EXCEPTION_MAXIMUM_PARAMETERS - 1] of DWORD;
end;
{$EXTERNALSYM _EXCEPTION_RECORD32}
EXCEPTION_RECORD32 = _EXCEPTION_RECORD32;
{$EXTERNALSYM EXCEPTION_RECORD32}
TExceptionRecord32 = EXCEPTION_RECORD32;
PExceptionRecord32 = PEXCEPTION_RECORD32;
PEXCEPTION_RECORD64 = ^EXCEPTION_RECORD64;
{$EXTERNALSYM PEXCEPTION_RECORD64}
_EXCEPTION_RECORD64 = record
ExceptionCode: DWORD;
ExceptionFlags: DWORD;
ExceptionRecord: DWORD64;
ExceptionAddress: DWORD64;
NumberParameters: DWORD;
__unusedAlignment: DWORD;
ExceptionInformation: array [0..EXCEPTION_MAXIMUM_PARAMETERS - 1] of DWORD64;
end;
{$EXTERNALSYM _EXCEPTION_RECORD64}
EXCEPTION_RECORD64 = _EXCEPTION_RECORD64;
{$EXTERNALSYM EXCEPTION_RECORD64}
TExceptionRecord64 = EXCEPTION_RECORD64;
PExceptionRecord64 = PEXCEPTION_RECORD64;
//
// Typedef for pointer returned by exception_info()
//
PEXCEPTION_POINTERS = ^EXCEPTION_POINTERS;
{$EXTERNALSYM PEXCEPTION_POINTERS}
_EXCEPTION_POINTERS = record
ExceptionRecord: PEXCEPTION_RECORD;
ContextRecord: PCONTEXT;
end;
{$EXTERNALSYM _EXCEPTION_POINTERS}
EXCEPTION_POINTERS = _EXCEPTION_POINTERS;
{$EXTERNALSYM EXCEPTION_POINTERS}
TExceptionPointers = EXCEPTION_POINTERS;
PExceptionPointers = PEXCEPTION_POINTERS;
PACCESS_TOKEN = Pointer;
{$EXTERNALSYM PACCESS_TOKEN}
////////////////////////////////////////////////////////////////////////
// //
// ACCESS MASK //
// //
////////////////////////////////////////////////////////////////////////
//
// Define the access mask as a longword sized structure divided up as
// follows:
//
// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
// +---------------+---------------+-------------------------------+
// |G|G|G|G|Res'd|A| StandardRights| SpecificRights |
// |R|W|E|A| |S| | |
// +-+-------------+---------------+-------------------------------+
//
// typedef struct _ACCESS_MASK {
// WORD SpecificRights;
// BYTE StandardRights;
// BYTE AccessSystemAcl : 1;
// BYTE Reserved : 3;
// BYTE GenericAll : 1;
// BYTE GenericExecute : 1;
// BYTE GenericWrite : 1;
// BYTE GenericRead : 1;
// } ACCESS_MASK;
// typedef ACCESS_MASK *PACCESS_MASK;
//
// but to make life simple for programmer's we'll allow them to specify
// a desired access mask by simply OR'ing together mulitple single rights
// and treat an access mask as a DWORD. For example
//
// DesiredAccess = DELETE | READ_CONTROL
//
// So we'll declare ACCESS_MASK as DWORD
//
type
ACCESS_MASK = DWORD;
{$EXTERNALSYM ACCESS_MASK}
PACCESS_MASK = ^ACCESS_MASK;
{$EXTERNALSYM PACCESS_MASK}
////////////////////////////////////////////////////////////////////////
// //
// ACCESS TYPES //
// //
////////////////////////////////////////////////////////////////////////
//
// The following are masks for the predefined standard access types
//
const
DELETE = ($00010000);
{$EXTERNALSYM DELETE}
READ_CONTROL = ($00020000);
{$EXTERNALSYM READ_CONTROL}
WRITE_DAC = ($00040000);
{$EXTERNALSYM WRITE_DAC}
WRITE_OWNER = ($00080000);
{$EXTERNALSYM WRITE_OWNER}
SYNCHRONIZE = ($00100000);
{$EXTERNALSYM SYNCHRONIZE}
STANDARD_RIGHTS_REQUIRED = ($000F0000);
{$EXTERNALSYM STANDARD_RIGHTS_REQUIRED}
STANDARD_RIGHTS_READ = (READ_CONTROL);
{$EXTERNALSYM STANDARD_RIGHTS_READ}
STANDARD_RIGHTS_WRITE = (READ_CONTROL);
{$EXTERNALSYM STANDARD_RIGHTS_WRITE}
STANDARD_RIGHTS_EXECUTE = (READ_CONTROL);
{$EXTERNALSYM STANDARD_RIGHTS_EXECUTE}
STANDARD_RIGHTS_ALL = ($001F0000);
{$EXTERNALSYM STANDARD_RIGHTS_ALL}
SPECIFIC_RIGHTS_ALL = ($0000FFFF);
{$EXTERNALSYM SPECIFIC_RIGHTS_ALL}
//
// AccessSystemAcl access type
//
ACCESS_SYSTEM_SECURITY = ($01000000);
{$EXTERNALSYM ACCESS_SYSTEM_SECURITY}
//
// MaximumAllowed access type
//
MAXIMUM_ALLOWED = ($02000000);
{$EXTERNALSYM MAXIMUM_ALLOWED}
//
// These are the generic rights.
//
GENERIC_READ = DWORD($80000000);
{$EXTERNALSYM GENERIC_READ}
GENERIC_WRITE = ($40000000);
{$EXTERNALSYM GENERIC_WRITE}
GENERIC_EXECUTE = ($20000000);
{$EXTERNALSYM GENERIC_EXECUTE}
GENERIC_ALL = ($10000000);
{$EXTERNALSYM GENERIC_ALL}
//
// Define the generic mapping array. This is used to denote the
// mapping of each generic access right to a specific access mask.
//
type
PGENERIC_MAPPING = ^GENERIC_MAPPING;
{$EXTERNALSYM PGENERIC_MAPPING}
_GENERIC_MAPPING = record
GenericRead: ACCESS_MASK;
GenericWrite: ACCESS_MASK;
GenericExecute: ACCESS_MASK;
GenericAll: ACCESS_MASK;
end;
{$EXTERNALSYM _GENERIC_MAPPING}
GENERIC_MAPPING = _GENERIC_MAPPING;
{$EXTERNALSYM GENERIC_MAPPING}
TGenericMapping = GENERIC_MAPPING;
PGenericMapping = PGENERIC_MAPPING;
////////////////////////////////////////////////////////////////////////
// //
// LUID_AND_ATTRIBUTES //
// //
////////////////////////////////////////////////////////////////////////
//
//
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -