From 8e362ebc3c07c6786914508a4d37f0dfec5959c7 Mon Sep 17 00:00:00 2001
From: daniel <daniel@planethacker.net>
Date: Wed, 7 May 2025 08:31:50 -0700
Subject: initial commit

---
 verifier.h | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 verifier.h

(limited to 'verifier.h')

diff --git a/verifier.h b/verifier.h
new file mode 100644
index 0000000..f8ae50e
--- /dev/null
+++ b/verifier.h
@@ -0,0 +1,36 @@
+#pragma once
+
+#include <Windows.h>
+
+#define DLL_PROCESS_VERIFIER 4
+
+typedef VOID (NTAPI * RTL_VERIFIER_DLL_LOAD_CALLBACK) (PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved);
+typedef VOID (NTAPI * RTL_VERIFIER_DLL_UNLOAD_CALLBACK) (PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved);
+typedef VOID (NTAPI * RTL_VERIFIER_NTDLLHEAPFREE_CALLBACK) (PVOID AllocationBase, SIZE_T AllocationSize);
+
+typedef struct _RTL_VERIFIER_THUNK_DESCRIPTOR {
+  PCHAR ThunkName;
+  PVOID ThunkOldAddress;
+  PVOID ThunkNewAddress;
+} RTL_VERIFIER_THUNK_DESCRIPTOR, *PRTL_VERIFIER_THUNK_DESCRIPTOR;
+
+typedef struct _RTL_VERIFIER_DLL_DESCRIPTOR {
+  PWCHAR DllName;
+  DWORD DllFlags;
+  PVOID DllAddress;
+  PRTL_VERIFIER_THUNK_DESCRIPTOR DllThunks;
+} RTL_VERIFIER_DLL_DESCRIPTOR, *PRTL_VERIFIER_DLL_DESCRIPTOR;
+
+typedef struct _RTL_VERIFIER_PROVIDER_DESCRIPTOR {
+  DWORD Length;
+  PRTL_VERIFIER_DLL_DESCRIPTOR ProviderDlls;
+  RTL_VERIFIER_DLL_LOAD_CALLBACK ProviderDllLoadCallback;
+  RTL_VERIFIER_DLL_UNLOAD_CALLBACK ProviderDllUnloadCallback;
+  PWSTR VerifierImage;
+  DWORD VerifierFlags;
+  DWORD VerifierDebug;
+  PVOID RtlpGetStackTraceAddress;
+  PVOID RtlpDebugPageHeapCreate;
+  PVOID RtlpDebugPageHeapDestroy;
+  RTL_VERIFIER_NTDLLHEAPFREE_CALLBACK ProviderNtdllHeapFreeCallback;
+} RTL_VERIFIER_PROVIDER_DESCRIPTOR, *PRTL_VERIFIER_PROVIDER_DESCRIPTOR;
-- 
cgit v1.2.3