2009-01-14:

Windows 7 - short list of changes in kernel32.dll exports

win7:windows:winapi:easy:re
Finally You can download the official Windows 7 Beta release (unofficially You could do it for some time now). So I've downloaded it, installed it (looks cool), and started to play...

The first think was to checkout what changed in the kernel32.dll exports. I've compared the Win7 exports with Vista SP1, and it seems they added many functions, and removed a few too.

The removed functions:

< ConsoleIMERoutine - An undocumented function that has something to do with Asian languages and the conime.exe process.
< GetCPFileNameFromRegistry - Another undocumented function - it retrieves the name of the an .nls file for the given code page. It's worth checking out it's implementation in the ReactOS project (@ google/codesearch).
< NlsConvertIntegerToString - Almost a wrapper on RtlIntegerToUnicodeString.

They also added some new functions. Some of them are forwards to other DLLs, and their final implementation looks like this: retn X. I'll write something more about them when I know learn something more ;D
Update: Deus noticed that the K32* functions are the functions from psapi.dll

> AddIntegrityLabelToBoundaryDescriptor
> BaseCheckAppcompatCacheEx
> BaseDllReadWriteIniFile
> BaseFormatObjectAttributes
> BaseFormatTimeOut
> BaseGetNamedObjectDirectory
> BaseSetLastNTError
> BaseVerifyUnicodeString
> Basep8BitStringToDynamicUnicodeString
> BasepAllocateActivationContextActivationBlock
> BasepAnsiStringToDynamicUnicodeString
> BasepFreeActivationContextActivationBlock
> BasepIsRealtimeAllowed
> BasepMapModuleHandle
> CopyExtendedContext
> CreateRemoteThreadEx
> FindStringOrdinal
> GetActiveProcessorCount
> GetActiveProcessorGroupCount
> GetCurrentProcessorNumberEx
> GetEnabledExtendedFeatures
> GetEraNameCountedString
> GetExtendedContextLength
> GetExtendedFeaturesMask
> GetLogicalProcessorInformationEx
> GetMaximumProcessorCount
> GetMaximumProcessorGroupCount
> GetNumaAvailableMemoryNodeEx
> GetNumaNodeNumberFromHandle
> GetNumaNodeProcessorMaskEx
> GetNumaProcessorNodeEx
> GetNumaProximityNodeEx
> GetProcessGroupAffinity
> GetProcessPreferredUILanguages
> GetProcessorSystemCycleTime
> GetSystemInfoInternal
> GetThreadErrorMode
> GetThreadGroupAffinity
> GetThreadIdealProcessorEx
> InitializeExtendedContext
> K32EmptyWorkingSet
> K32EnumDeviceDrivers
> K32EnumPageFilesA
> K32EnumPageFilesW
> K32EnumProcessModules
> K32EnumProcessModulesEx
> K32EnumProcesses
> K32GetDeviceDriverBaseNameA
> K32GetDeviceDriverBaseNameW
> K32GetDeviceDriverFileNameA
> K32GetDeviceDriverFileNameW
> K32GetMappedFileNameA
> K32GetMappedFileNameW
> K32GetModuleBaseNameA
> K32GetModuleBaseNameW
> K32GetModuleFileNameExA
> K32GetModuleFileNameExW
> K32GetModuleInformation
> K32GetPerformanceInfo
> K32GetProcessImageFileNameA
> K32GetProcessImageFileNameW
> K32GetProcessMemoryInfo
> K32GetWsChanges
> K32GetWsChangesEx
> K32InitializeProcessForWsWatch
> K32QueryWorkingSet
> K32QueryWorkingSetEx
> LoadAppInitDlls
> LocateExtendedFeature
> LocateLegacyContext
> NotifyMountMgr
> PowerClearRequest
> PowerCreateRequest
> PowerSetRequest
> QueryIdleProcessorCycleTimeEx
> QueryThreadpoolStackInformation
> QueryUnbiasedInterruptTime
> RaiseFailFastException
> ResolveLocaleName
> SetExtendedFeaturesMask
> SetProcessPreferredUILanguages
> SetSearchPathMode
> SetThreadErrorMode
> SetThreadGroupAffinity
> SetThreadIdealProcessorEx
> SetThreadpoolStackInformation
> SetWaitableTimerEx
> SortCloseHandle
> SortGetHandle
> TryAcquireSRWLockExclusive
> TryAcquireSRWLockShared
> WerRegisterRuntimeExceptionModule
> WerUnregisterRuntimeExceptionModule


The end for now.

Add a comment:

Nick:
URL (optional):
Math captcha: 6 ∗ 8 + 4 =