Brendan Shanks : ntdll: Pad HEAP structure so 'flags' offset matches recent Windows.

Alexandre Julliard julliard at winehq.org
Tue Aug 11 16:26:51 CDT 2020


Module: wine
Branch: master
Commit: fd80e0300cbec55fe637714d3b02128616cdd570
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=fd80e0300cbec55fe637714d3b02128616cdd570

Author: Brendan Shanks <bshanks at codeweavers.com>
Date:   Fri Aug  7 11:40:52 2020 -0700

ntdll: Pad HEAP structure so 'flags' offset matches recent Windows.

Needed for Red Dead Redemption 2 to pass anti-debugger checks, it
accesses 'flags' and 'force_flags' at a fixed offset of the ProcessHeap.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=49666
Signed-off-by: Brendan Shanks <bshanks at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 dlls/ntdll/heap.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/dlls/ntdll/heap.c b/dlls/ntdll/heap.c
index f3c76cc82b..1ac0cb2480 100644
--- a/dlls/ntdll/heap.c
+++ b/dlls/ntdll/heap.c
@@ -145,7 +145,13 @@ typedef struct tagSUBHEAP
 typedef struct tagHEAP
 {
     DWORD_PTR        unknown1[2];
-    DWORD            unknown2;
+    DWORD            unknown2[2];
+    DWORD_PTR        unknown3[4];
+    DWORD            unknown4;
+    DWORD_PTR        unknown5[2];
+    DWORD            unknown6[3];
+    DWORD_PTR        unknown7[2];
+    /* For Vista through 10, 'flags' is at offset 0x40 (x86) / 0x70 (x64) */
     DWORD            flags;         /* Heap flags */
     DWORD            force_flags;   /* Forced heap flags for debugging */
     SUBHEAP          subheap;       /* First sub-heap */




More information about the wine-cvs mailing list