rbmm

#pragma pack(push, 2 )
struct ICONDIRENTRY
{
	BYTE	bWidth;					// Width of the image
	BYTE	bHeight;				// Height of the image (times 2)
	BYTE	bColorCount;			// Number of colors in image (0 if >=8bpp)
	BYTE	bReserved;				// Reserved
	WORD	wPlanes;				// Color Planes
	WORD	wBitCount;				// Bits per pixel
	DWORD	dwBytesInRes;			// how many bytes in this resource?

rbmm

#pragma pack(push, 2 )
struct ICONDIRENTRY
{
	BYTE	bWidth;					// Width of the image
	BYTE	bHeight;				// Height of the image (times 2)
	BYTE	bColorCount;			// Number of colors in image (0 if >=8bpp)
	BYTE	bReserved;				// Reserved
	WORD	wPlanes;				// Color Planes
	WORD	wBitCount;				// Bits per pixel
	DWORD	dwBytesInRes;			// how many bytes in this resource?

rbmm

---- pp.cpp ---------------------------------------------------------------------
__declspec(dllimport) double __cdecl func(double t, unsigned int n);

double g(double t)
{
	return func(t, 0);
}

---- pp.asm --------------------------------------------------------------------

rbmm

void saw(PBYTE Base, PIMAGE_RESOURCE_DIRECTORY pird, ULONG Level, PCSTR prefix)
{
	PIMAGE_RESOURCE_DIRECTORY_ENTRY Entry = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)(pird + 1);

	if (ULONG n = pird->NumberOfNamedEntries + pird->NumberOfIdEntries)
	{
		do 
		{
			WCHAR name[16];
			UNICODE_STRING Name;

rbmm

#define _malloca_s(size) ((size) < _ALLOCA_S_THRESHOLD ? alloca(size) : new BYTE[size])

inline void _freea_s(PVOID pv)
{
	PNT_TIB tib = (PNT_TIB)NtCurrentTeb();
	if (pv < tib->StackLimit || tib->StackBase <= pv) delete [] pv;
}

static HANDLE _G_hFile = 0;
static BOOLEAN _G_bConsole = FALSE;

rbmm

HRESULT scld(_In_ PCWSTR lpApplicationName, _In_ PCWSTR lpCommandLine)
{
	STARTUPINFOW si = { sizeof(si) };
	PROCESS_INFORMATION pi;
	ULONG len = (ULONG)(1 + wcslen(lpCommandLine)) * sizeof(WCHAR), len_ = (len + 7) & ~7;
	
	if (PWSTR buf = (PWSTR)_malloca(len_))
	{
		__stosq((ULONG64*)buf, '*' * 0x0001000100010001, len_ >> 3);

rbmm

#include "Strsafe.h "
struct ResultStatus
{
	HRESULT hr;
	NTSTATUS status;
};

enum class ReportFailureOptions { NtStatus, HResult };

// wil::details::

rbmm

HRESULT GetLastErrorEx(ULONG dwError = GetLastError())
{
	NTSTATUS status = RtlGetLastNtStatus();
	return dwError == RtlNtStatusToDosErrorNoTeb(status) ? HRESULT_FROM_NT(status) : HRESULT_FROM_WIN32(dwError);
}

NTSTATUS GetLogonSid(_In_ ULONG SessionId, _Out_ PSID_AND_ATTRIBUTES LogonSid)
{
	HANDLE hToken;

rbmm

inline ULONG BOOL_TO_ERROR(BOOL f)
{
	return f ? NOERROR : GetLastError();
}

#define case_INTERNET_CALLBACK_STATUS(x) case INTERNET_STATUS_##x: return #x;

PCSTR GetStatusName(DWORD dwInternetStatus)
{
	switch (dwInternetStatus)

rbmm

void PrintDevType(HANDLE hFile)
{
	IO_STATUS_BLOCK iosb;
	FILE_FS_DEVICE_INFORMATION ffdi;
	if (0 <= NtQueryVolumeInformationFile(hFile, &iosb, &ffdi, sizeof(ffdi), FileFsDeviceInformation))
	{
		DbgPrint("%x %x\n", ffdi.DeviceType, GetFileType(hFile));
	}
}