blob: 277738fb3b76b4bb3aaeb85d8106d1fbfcd6851e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
|
LIBRARY ntdll
EXPORTS
DbgSsInitialize
DbgSsHandleKmApiMsg
DbgUiConnectToDbg
DbgUiWaitStateChange
DbgUiContinue
DbgBreakPoint
DbgPrint
DbgPrompt
DbgUserBreakPoint
KiUserApcDispatcher
KiUserCallbackDispatcher
KiUserExceptionDispatcher
KiRaiseUserExceptionDispatcher
LdrAccessResource
LdrEnumResources
LdrFindEntryForAddress
LdrFindResource_U
LdrFindResourceDirectory_U
LdrGetDllHandle
LdrGetProcedureAddress
LdrInitializeThunk
LdrLoadDll
LdrShutdownProcess
LdrShutdownThread
LdrUnloadDll
LdrDisableThreadCalloutsForDll
NlsMbCodePageTag CONSTANT // Data - use pointer for access
NlsMbOemCodePageTag CONSTANT // Data - use pointer for access
NlsAnsiCodePage CONSTANT // Data - use pointer for access
PfxFindPrefix
PfxInitialize
PfxInsertPrefix
PfxRemovePrefix
RtlAbortRXact
RtlAbsoluteToSelfRelativeSD
RtlAcquirePebLock
RtlAcquireResourceExclusive
RtlAcquireResourceShared
RtlAddAccessAllowedAce
RtlAddAccessDeniedAce
RtlAddCompoundAce
RtlAddAce
RtlAddActionToRXact
RtlAddAtomToAtomTable
RtlAddAttributeActionToRXact
RtlAddAuditAccessAce
RtlAdjustPrivilege
RtlAllocateAndInitializeSid
RtlAllocateHandle
RtlAllocateHeap
RtlAnsiCharToUnicodeChar
RtlAnsiStringToUnicodeSize=RtlxAnsiStringToUnicodeSize
RtlAnsiStringToUnicodeString
RtlAppendAsciizToString
RtlAppendStringToString
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlApplyRXact
RtlApplyRXactNoFlush
RtlAreAllAccessesGranted
RtlAreAnyAccessesGranted
RtlAreBitsClear
RtlAreBitsSet
RtlAssert
RtlCharToInteger
RtlCheckRegistryKey
RtlClearAllBits
RtlClearBits
RtlCompactHeap
RtlCompareMemory
RtlCompareMemoryUlong
RtlCompareString
RtlCompareUnicodeString
RtlCompressBuffer
RtlConvertExclusiveToShared
RtlConvertLongToLargeInteger
RtlConvertSharedToExclusive
RtlConvertSidToUnicodeString
RtlConvertUlongToLargeInteger
RtlConvertUiListToApiList
RtlCopyLuid
RtlCopyLuidAndAttributesArray
RtlCopySecurityDescriptor
RtlCopySid
RtlCopySidAndAttributesArray
RtlCopyString
RtlCopyUnicodeString
RtlCreateAcl
RtlCreateAndSetSD
RtlCreateAtomTable
RtlCreateEnvironment
RtlCreateHeap
RtlCreateProcessParameters
RtlCreateRegistryKey
RtlCreateSecurityDescriptor
RtlCreateUnicodeString
RtlCreateUnicodeStringFromAsciiz
RtlCreateUserProcess
RtlCreateUserSecurityObject
RtlCreateUserThread
RtlDecompressBuffer
RtlDecompressFragment
RtlDelete
RtlDeleteNoSplay
RtlDeleteAce
RtlDeleteAtomFromAtomTable
RtlDeleteCriticalSection
RtlDeleteElementGenericTable
RtlDeleteRegistryValue
RtlDeleteResource
RtlDeleteSecurityObject
RtlDeNormalizeProcessParams
RtlDestroyAtomTable
RtlDestroyEnvironment
RtlDestroyHandleTable
RtlDestroyHeap
RtlDestroyProcessParameters
RtlDetermineDosPathNameType_U
RtlDoesFileExists_U
RtlDosPathNameToNtPathName_U
RtlDosSearchPath_U
RtlDowncaseUnicodeString
RtlDumpResource
RtlEmptyAtomTable
RtlEnlargedIntegerMultiply
RtlEnlargedUnsignedMultiply
RtlEnterCriticalSection
RtlEnumerateGenericTable
RtlEnumerateGenericTableWithoutSplaying
RtlEnumProcessHeaps
RtlEqualComputerName
RtlEqualDomainName
RtlEqualLuid
RtlEqualPrefixSid
RtlEqualSid
RtlEqualString
RtlEqualUnicodeString
RtlEraseUnicodeString
RtlExtendedIntegerMultiply
RtlEnlargedUnsignedDivide
RtlExtendedLargeIntegerDivide
RtlExtendedMagicDivide
RtlExpandEnvironmentStrings_U
RtlFillMemory
RtlFillMemoryUlong
RtlFindClearBits
RtlFindClearBitsAndSet
RtlFindLongestRunClear
RtlFindLongestRunSet
RtlFindMessage
RtlFindSetBits
RtlFindSetBitsAndClear
RtlFirstFreeAce
RtlFormatMessage
RtlFormatCurrentUserKeyPath
RtlFreeAnsiString
RtlFreeHandle
RtlFreeHeap
RtlFreeOemString
RtlFreeSid
RtlFreeUnicodeString
RtlFreeUserThreadStack
RtlGenerate8dot3Name
RtlGetAce
RtlGetCompressionWorkSpaceSize
RtlGetControlSecurityDescriptor
RtlSetAttributesSecurityDescriptor
RtlGetCurrentDirectory_U
RtlGetDaclSecurityDescriptor
RtlGetElementGenericTable
RtlGetFullPathName_U
RtlGetGroupSecurityDescriptor
RtlGetLongestNtPathLength
RtlGetUserInfoHeap
RtlGetNtGlobalFlags
RtlGetNtProductType
RtlGetOwnerSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlIdentifierAuthoritySid
RtlImageDirectoryEntryToData
RtlImageNtHeader
RtlImageRvaToSection
RtlImageRvaToVa
RtlImpersonateSelf
RtlInitAnsiString
RtlInitializeAtomPackage
RtlInitializeBitMap
RtlInitializeContext
RtlInitializeCriticalSection
RtlInitializeGenericTable
RtlInitializeHandleTable
RtlInitializeResource
RtlInitializeRXact
RtlInitializeSid
RtlInitString
RtlInitUnicodeString
RtlInsertElementGenericTable
RtlIntegerToChar
RtlIntegerToUnicodeString
RtlIsDosDeviceName_U
RtlIsGenericTableEmpty
RtlIsNameLegalDOS8Dot3
RtlIsValidHandle
RtlIsValidIndexHandle
RtlLargeIntegerAdd
RtlLargeIntegerArithmeticShift
RtlLargeIntegerDivide
RtlLargeIntegerNegate
RtlLargeIntegerShiftLeft
RtlLargeIntegerShiftRight
RtlLargeIntegerSubtract
RtlLargeIntegerToChar
RtlLeaveCriticalSection
RtlLengthRequiredSid
RtlLengthSecurityDescriptor
RtlLengthSid
RtlLockHeap
RtlLookupAtomInAtomTable
RtlLookupElementGenericTable
RtlMakeSelfRelativeSD
RtlMapGenericMask
RtlMoveMemory
RtlConsoleMultiByteToUnicodeN
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlNewInstanceSecurityObject
RtlNewSecurityGrantedAccess
RtlNewSecurityObject
RtlNormalizeProcessParams
RtlNtStatusToDosError
RtlNumberGenericTableElements
RtlNumberOfClearBits
RtlNumberOfSetBits
RtlOemStringToUnicodeSize=RtlxOemStringToUnicodeSize
RtlOemStringToUnicodeString
RtlOemToUnicodeN
RtlOpenCurrentUser
RtlPcToFileHeader
RtlpNtCreateKey
RtlpNtEnumerateSubKey
RtlpNtMakeTemporaryKey
RtlpNtOpenKey
RtlpNtQueryValueKey
RtlpNtSetValueKey
RtlPinAtomInAtomTable
RtlPrefixString
RtlPrefixUnicodeString
RtlQueryAtomInAtomTable
RtlQueryEnvironmentVariable_U
RtlQueryInformationAcl
RtlQueryRegistryValues
RtlQuerySecurityObject
RtlQueryTimeZoneInformation
RtlRaiseException
RtlRaiseStatus
RtlRandom
RtlReAllocateHeap
RtlRealPredecessor
RtlRealSuccessor
RtlReleasePebLock
RtlReleaseResource
RtlRemoteCall
RtlRunDecodeUnicodeString
RtlRunEncodeUnicodeString
RtlSecondsSince1970ToTime
RtlSecondsSince1980ToTime
RtlSelfRelativeToAbsoluteSD
RtlSetAllBits
RtlSetBits
RtlSetCurrentDirectory_U
RtlSetCurrentEnvironment
RtlSetDaclSecurityDescriptor
RtlSetEnvironmentVariable
RtlSetGroupSecurityDescriptor
RtlSetUserValueHeap
RtlSetUserFlagsHeap
RtlSetInformationAcl
RtlSetOwnerSecurityDescriptor
RtlSetSaclSecurityDescriptor
RtlSetSecurityObject
RtlSetTimeZoneInformation
RtlSizeHeap
RtlSplay
RtlStartRXact
RtlSubAuthorityCountSid
RtlSubAuthoritySid
RtlSubtreePredecessor
RtlSubtreeSuccessor
RtlTimeToElapsedTimeFields
RtlTimeFieldsToTime
RtlTimeToSecondsSince1970
RtlTimeToSecondsSince1980
RtlTimeToTimeFields
RtlTryEnterCriticalSection
RtlUnicodeStringToAnsiSize=RtlxUnicodeStringToAnsiSize
RtlUnicodeStringToAnsiString
RtlUnicodeStringToInteger
RtlUnicodeStringToOemSize=RtlxUnicodeStringToOemSize
RtlUnicodeStringToOemString
RtlUnicodeStringToCountedOemString
RtlUnicodeToMultiByteN
RtlUnicodeToOemN
RtlUnicodeToMultiByteSize
RtlUniform
RtlUnlockHeap
RtlUnwind
RtlUpcaseUnicodeChar
RtlUpcaseUnicodeString
RtlUpcaseUnicodeStringToAnsiString
RtlUpcaseUnicodeStringToOemString
RtlUpcaseUnicodeStringToCountedOemString
RtlUpcaseUnicodeToMultiByteN
RtlUpcaseUnicodeToOemN
RtlUpperChar
RtlUpperString
RtlValidAcl
RtlValidSecurityDescriptor
RtlValidSid
RtlWalkHeap
RtlWriteRegistryValue
RtlxAnsiStringToUnicodeSize
RtlxOemStringToUnicodeSize
RtlxUnicodeStringToAnsiSize
RtlxUnicodeStringToOemSize
RtlZeroHeap
RtlZeroMemory
RtlSystemTimeToLocalTime
RtlLocalTimeToSystemTime
CsrClientConnectToServer
CsrClientCallServer
CsrAllocateCaptureBuffer
CsrFreeCaptureBuffer
CsrAllocateMessagePointer
CsrAllocateCapturePointer
CsrCaptureMessageBuffer
CsrCaptureMessageString
CsrCaptureTimeout
CsrProbeForWrite
CsrProbeForRead
CsrNewThread
CsrIdentifyAlertableThread
CsrSetPriorityClass
RtlCutoverTimeToSystemTime
RtlExtendHeap
RtlUsageHeap
RtlCreateTagHeap
RtlQueryTagHeap
RtlGetProcessHeaps
RtlCreateQueryDebugBuffer
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
atan
tan
sin
cos
ceil
floor
log
pow
sqrt
abs
fabs
labs
#if DBG
RtlCreateEventId
RtlLogEvent
RtlCreateEventLog
RtlWaitForEvent
RtlDestroyEventLog
#endif
#if DBG
RtlpNotOwnerCriticalSection
#endif
RtlpWaitForCriticalSection
RtlpUnWaitCriticalSection
RtlIsTextUnicode
RtlGetCallersAddress
#if i386
#if !FPO
RtlInitializeStackTraceDataBase
RtlLogStackBackTrace
#endif // !FPO
RtlCaptureStackBackTrace
#endif // i386
RtlValidateHeap
RtlValidateProcessHeaps
RtlQueryProcessLockInformation
RtlQueryProcessBackTraceInformation
RtlQueryProcessHeapInformation
LdrQueryProcessModuleInformation
LdrQueryImageFileExecutionOptions
RtlInitNlsTables
RtlResetRtlTranslations
RtlCustomCPToUnicodeN
RtlUnicodeToCustomCPN
RtlUpcaseUnicodeToCustomCPN
RtlInitCodePageTable
LdrProcessRelocationBlock
LdrVerifyImageMatchesChecksum
strlen
strcpy
strstr
strchr
strrchr
strspn
strcspn
strpbrk
strcat
strcmp
strncmp
strncat
strncpy
strtol
strtoul
_strlwr
_stricmp
_strnicmp
_strcmpi
_strupr
toupper
tolower
towlower
towupper
wcslen
wcscpy
wcsstr
wcschr
wcstol
wcstoul
wcsrchr
wcscspn
wcspbrk
wcscat
wcscmp
wcsspn
wcsncmp
wcsncat
wcsncpy
_wcsupr
_wcslwr
_wcsicmp
_wcsnicmp
_memccpy
mbstowcs
wcstombs
memchr
memcmp
memset
memcpy
memmove
_memicmp
sprintf
_snprintf
swprintf
_snwprintf
vsprintf
_vsnprintf
sscanf
qsort
atol
_wtol
atoi
_wtoi
_atoi64
_wtoi64
_itoa
_itow
_i64toa
_i64tow
_ltoa
_ltow
_ultoa
_ultow
_splitpath
isupper
islower
isdigit
isalpha
isxdigit
isspace
ispunct
isalnum
isprint
isgraph
iscntrl
toupper
tolower
_tolower
_toupper
__isascii
__toascii
__iscsymf
__iscsym
iswalpha
iswctype
_fltused
RtlProtectHeap
#if defined(_CAIRO_) || DBG
#ifdef _CAIRO_
RtlGetDeletionLogServices
RtlRegisterDeletionLogService
RtlGetDeletionsAfter
OFSGetVersion
OFSGetCloseUsn // Obsolete
RtlGenerateUsn
OFSGetProp // Obsolete
OFSSetProp // Obsolete
OFSDeleteProp // Obsolete
OFSEnumProp // Obsolete
OFSEnumPropSet // Obsolete
RtlDeleteObject // Obsolete
RtlDeleteObjectByPath // Obsolete
RtlQueryClassId
RtlSetClassId
#endif
RtlQueryObjectId
RtlSetObjectId
RtlGenerateRelatedObjectId
RtlSetTunnelMode
RtlSearchVolume
#ifdef _CAIRO_
RtlQueryQuota
RtlOleIdToName
RtlNameToOleId
RtlSetReplicationState
#endif
#endif
RtlGuidToPropertySetName
RtlPropertySetNameToGuid
#ifdef _CAIRO_
RtlCreateMappedStream
RtlCloseMappedStream
#endif
RtlSetUnicodeCallouts
RtlCreatePropertySet
RtlClosePropertySet
RtlOnMappedStreamEvent
RtlFlushPropertySet
RtlSetProperties
RtlQueryProperties
#ifdef _CAIRO_
RtlQueryPropertiesDirect
#endif
RtlEnumerateProperties
RtlQueryPropertyNames
RtlSetPropertyNames
RtlSetPropertySetClassId
RtlQueryPropertySet
RtlCompareVariants
#ifdef _CAIRO_
RtlEnumeratePropertySets
RtlQueryCatalogColumns
RtlQueryCatalogRows
RtlUpdateCatalogRows
RtlEnumerateCatalogRowIds // Obsolete
RtlEnumerateCatalogRows // Obsolete
RtlGetCatalogRows // Obsolete
RtlUpdateCatalog // Obsolete
RtlDeleteCatalogRows // Obsolete
#endif
RtlConvertVariantToProperty
RtlConvertPropertyToVariant
PropertyLengthAsVariant
#if i386
?Allocate@CBufferAllocator@@UAEPAXK@Z
#else
?Allocate@CBufferAllocator@@UAAPAXK@Z
#endif
|
