Jeetu Golani
2008-10-21 10:39:47 UTC
Hi there,
I've been snooping into the internals of Win XP and have setup a win32sys SDT
hook on the NtUserCreateWindowEx function.
I'd written sometime back to the list stating that the x,y,nWidth and nHeight
parameters were showing values I couldn't understand - negative values et al.
Since then I realized that this had to do with the fact that the parameter
positions in the prototype I was using seemed to be in a different order
(discovered a window.c file from this project on koders.com and was using
this prototype). I think this could possibly be because maybe the ros team
has been looking at a version of windows that isn't XP (possible??)..dunno
Anyways the parameter ordering I've deduced seems to be :
NtUserCreateWindowEx(DWORD dwExStyle,PUNICODE_STRING
UnsafeClassName,PUNICODE_STRING UnsafeWindowName,DWORD dwUnknown1,DWORD
dwStyle,LONG x, LONG y,LONG nWidth, LONG nHeight,HWND
hWndParent,HMENU,hMenu,HINSTANCE hInstance,LPVOID lpParam,DWORD
dwShowMode,DWORD dwUnknown2)
This seems to be correct with regards the
dwExStyle,dwStyle,x,y,nWidth,nHeight,hWndParent.hMenu,hInstance,lpParam
arguments.
I'm still not able to verify the rest. My immediate concern though are the
UnsafeClassName and UnsafeWindowName arguments.
I'm trying to print out these values...or test out what these values
hold...but can't seem to get anywhere....don't even know for sure if these
are UNICODE_STRING structure vals or LPCTSTR.
I'd like to be able to retrieve/interpret the ClassName and
WindowName......any help would be appreciated.
Bye for now
I've been snooping into the internals of Win XP and have setup a win32sys SDT
hook on the NtUserCreateWindowEx function.
I'd written sometime back to the list stating that the x,y,nWidth and nHeight
parameters were showing values I couldn't understand - negative values et al.
Since then I realized that this had to do with the fact that the parameter
positions in the prototype I was using seemed to be in a different order
(discovered a window.c file from this project on koders.com and was using
this prototype). I think this could possibly be because maybe the ros team
has been looking at a version of windows that isn't XP (possible??)..dunno
Anyways the parameter ordering I've deduced seems to be :
NtUserCreateWindowEx(DWORD dwExStyle,PUNICODE_STRING
UnsafeClassName,PUNICODE_STRING UnsafeWindowName,DWORD dwUnknown1,DWORD
dwStyle,LONG x, LONG y,LONG nWidth, LONG nHeight,HWND
hWndParent,HMENU,hMenu,HINSTANCE hInstance,LPVOID lpParam,DWORD
dwShowMode,DWORD dwUnknown2)
This seems to be correct with regards the
dwExStyle,dwStyle,x,y,nWidth,nHeight,hWndParent.hMenu,hInstance,lpParam
arguments.
I'm still not able to verify the rest. My immediate concern though are the
UnsafeClassName and UnsafeWindowName arguments.
I'm trying to print out these values...or test out what these values
hold...but can't seem to get anywhere....don't even know for sure if these
are UNICODE_STRING structure vals or LPCTSTR.
I'd like to be able to retrieve/interpret the ClassName and
WindowName......any help would be appreciated.
Bye for now