[PATCH 1/2] ntoskrnl.exe: Implement IoGetCurrentProcess and KeGetCurrentThread.
Thomas Faber
thfabba at gmx.de
Thu Oct 4 06:18:57 CDT 2012
On 2012-10-04 13:07, Christian Costa wrote:
> 2012/10/4 Paul Chitescu <paulc at voip.null.ro>
>> AFAIK the structure differs for each major version of Windows and some SP
>> too.
>>
>>
> I was expecting something like this. :(
>
>
>> At the minimum I saw some drivers expecting that at the returned pointer
>> to be
>> a "System" C-style string.
>>
>
> Which windows version it is ? In Vista definition the first basic element
> can be either an UCHAR or an ULONG. Not a char buffer.
What all versions have in common is that processes are dispatcher
objects. Thus the EPROCESS/KPROCESS structure starts with a
DISPATCHER_HEADER.
More information about the wine-devel
mailing list