[PATCH] ntdll: Pad HEAP structure so 'flags' offset matches recent Windows.

Brendan Shanks bshanks at codeweavers.com
Fri Aug 7 13:40:52 CDT 2020


Needed for Red Dead Redemption 2 to pass anti-debugger checks; it
accesses 'flags' and 'force_flags' at a fixed offset of the ProcessHeap.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=49666
Signed-off-by: Brendan Shanks <bshanks at codeweavers.com>
---
 dlls/ntdll/heap.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/dlls/ntdll/heap.c b/dlls/ntdll/heap.c
index f3c76cc82b0..1ac0cb24806 100644
--- a/dlls/ntdll/heap.c
+++ b/dlls/ntdll/heap.c
@@ -145,7 +145,13 @@ typedef struct tagSUBHEAP
 typedef struct tagHEAP
 {
     DWORD_PTR        unknown1[2];
-    DWORD            unknown2;
+    DWORD            unknown2[2];
+    DWORD_PTR        unknown3[4];
+    DWORD            unknown4;
+    DWORD_PTR        unknown5[2];
+    DWORD            unknown6[3];
+    DWORD_PTR        unknown7[2];
+    /* For Vista through 10, 'flags' is at offset 0x40 (x86) / 0x70 (x64) */
     DWORD            flags;         /* Heap flags */
     DWORD            force_flags;   /* Forced heap flags for debugging */
     SUBHEAP          subheap;       /* First sub-heap */
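
Review bot: The 0x40 (x86) / 0x70 (x64) offset of 'flags' is stated only in the comment above the field, and nothing enforces it at build time. On x64 the layout reaches 0x70 only through implicit alignment padding after unknown4 and unknown6, so a later edit to any of the unknown fields would move 'flags' without warning and the fixed-offset read would see other data. Consider a compile-time check after the struct definition, for example C_ASSERT( FIELD_OFFSET(HEAP, flags) == 0x70 ) under #ifdef _WIN64 and 0x40 otherwise, which also pins 'force_flags' at the DWORD that follows.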
-- 
2.26.2



