mirror-ac/driver/pool.h

#ifndef POOL_H
#define POOL_H

#include <ntifs.h>
#include "common.h"

#define REPORT_INVALID_PROCESS_BUFFER_SIZE 4096

typedef struct _INVALID_PROCESS_ALLOCATION_REPORT
{
	INT report_code;
	CHAR process[REPORT_INVALID_PROCESS_BUFFER_SIZE];

}INVALID_PROCESS_ALLOCATION_REPORT, * PINVALID_PROCESS_ALLOCATION_REPORT;

NTSTATUS
FindUnlinkedProcesses();

VOID
GetPsActiveProcessHead(
	_Out_ PUINT64 Address
);

PKDDEBUGGER_DATA64
GetGlobalDebuggerData();

NTSTATUS
EnumerateBigPoolAllocations();

#endif
page table walking stuff started 2023-08-26 14:07:06 +02:00			`#ifndef POOL_H`
			`#define POOL_H`

			`#include <ntifs.h>`
e 2023-09-02 15:47:15 +02:00			`#include "common.h"`
page table walking stuff started 2023-08-26 14:07:06 +02:00
e c: 2023-09-23 13:40:39 +02:00			`#define REPORT_INVALID_PROCESS_BUFFER_SIZE 4096`
bed time c: 2023-08-28 17:00:52 +02:00
			`typedef struct _INVALID_PROCESS_ALLOCATION_REPORT`
			`{`
			`INT report_code;`
da 2023-10-05 08:27:17 +02:00			`CHAR process[REPORT_INVALID_PROCESS_BUFFER_SIZE];`
bed time c: 2023-08-28 17:00:52 +02:00
da 2023-10-05 08:27:17 +02:00			`}INVALID_PROCESS_ALLOCATION_REPORT, * PINVALID_PROCESS_ALLOCATION_REPORT;`
bed time c: 2023-08-28 17:00:52 +02:00
da 2023-10-05 08:27:17 +02:00			`NTSTATUS`
add irp buffer validation 2023-11-09 08:30:59 +01:00			`FindUnlinkedProcesses();`
oh yea 2023-08-28 11:17:38 +02:00
da 2023-10-05 08:27:17 +02:00			`VOID`
fix apc free deadlock ting 2023-09-27 06:22:14 +02:00			`GetPsActiveProcessHead(`
sum stuff c: 2023-10-07 17:37:47 +02:00			`_Out_ PUINT64 Address`
c: 2023-08-30 11:19:41 +02:00			`);`

da 2023-10-05 08:27:17 +02:00			`PKDDEBUGGER_DATA64`
fix apc free deadlock ting 2023-09-27 06:22:14 +02:00			`GetGlobalDebuggerData();`
bed time c: 2023-08-29 19:36:58 +02:00
start big pool scan stuf 2023-11-08 16:02:17 +01:00			`NTSTATUS`
			`EnumerateBigPoolAllocations();`
fix some stoopid stuff 2023-10-07 07:27:22 +02:00
page table walking stuff started 2023-08-26 14:07:06 +02:00			`#endif`