windows-xp/Source/XPSP1/NT/base/published/apcompat.w

//
// Helpful macro
//
#define FIELDOFFSET(type, field)        ((int)(&((type *)1)->field)-1)


//
// The macro that should be used to check for apphack flags
//

#define APPCOMPATFLAG(_flag)    (NtCurrentPeb()->AppCompatFlags.QuadPart & (_flag))

//
// Application compatibility flags and information
//

#define KACF_OLDGETSHORTPATHNAME  0x00000001  // Don't be like Win9x: in GetShortPathName(), NT 4
                                              // did not care if the file existed - it would give
                                              // the short path name anyway.  This behavior was
                                              // changed in NT 5 (Win2000) to reflect behavior of
                                              // Win9x which will fail if the file does not exist.
                                              // Turning on this flag will give the old behavior
                                              // for the app.
#define KACF_VERSIONLIE           0x00000002  // Used to signify app will
                                              // be lied to wrt what version
                                              // of the OS its running on via
                                              // GetVersion(), GetVersionEx()
#define KACF_GETDISKFREESPACE     0x00000008  // Make GetDiskFreeSpace 2G friendly

#define KACF_GETTEMPPATH          0x00000010  // Make GetTempPath return x:\temp

#define KACF_FTMFROMCURRENTAPT    0x00000020  // If set, a DCOM Free-Threaded-Marshaled Object has
                                              // its' stub parked in the apartment that the object is
                                              // marshaled from instead of the Neutral-Apartment.
                                              // Having to set this bit indicates a busted App
                                              // that is not following the rules for FTM objects. The
                                              // app probably has other subtle problems that NT 4 or
                                              // Win9x didn't show. Blindly using the ATL wizard to
                                              // enable using the FTM is usually the source of the bug.

#define KACF_DISALLOWORBINDINGCHANGES  0x00000040  // If set, the process will not be notified of changes
                                                   // in the local machine bindings used by COM.

#define KACF_OLE32VALIDATEPTRS    0x00000080  // If set, ole32.dll will use the IsBadReadPtr family of
                                              // functions to verify pointer arguments in the standard COM APIs.
                                              // This was the default behavior on all platforms prior to Whistler.

#define KACF_DISABLECICERO        0x00000100  // If set, Cicero support for the current process
                                              // is disabled.

enum {
    AVT_OSVERSIONINFO = 1,    // Designates that an OSVERSIONINFO type info is contained within
    AVT_PATCHINFO             // Designates that patching info is contained within
    };
    
//
// This variable length struct is the main basic data type contained within
// the ApplicationGoo registry entry.  Anything can be contained within here:
// ResourceVersionInfo, VersionlyingInfo, patches, etc.  You need to use the
// XXX function to bounce down these correctly.
//
typedef struct _APP_VARIABLE_INFO {

    //
    // Type of variable length struct (defined above)
    //
    ULONG   dwVariableType;

    //
    // Total size of this particular variable length struct
    //
    ULONG   dwVariableInfoSize;

    //
    // The variable length data itself is to follow.  It's commented out
    // as the length is undefined, could even be zero.
    //
//  UCHAR   VariableInfo[];


} APP_VARIABLE_INFO, *PAPP_VARIABLE_INFO;

typedef struct _PRE_APP_COMPAT_INFO {

    //
    // Total size of this entry
    //
    ULONG   dwEntryTotalSize;

    //
    // Amount of version resource information present in this entry
    //
    ULONG   dwResourceInfoSize;

    //
    // Actual version resource information itself.  It's commented out
    // as some apps have no version info.  For the apps that do, below
    // is where it would start
    //
//  UCHAR   ResourceInfo[];


} PRE_APP_COMPAT_INFO, *PPRE_APP_COMPAT_INFO;

//
// This struct is what is read directly out of the registry under 
// HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXEname - ApplicationGoo.
// Its a "Pre" structure cuz we won't be keeping all of it, if we decide its
// a match to the app in question.  You should make no assumptions of what
// is contained beyond AppCompatEntry, as everything will be variable length.
// If a match is found to the app being executed, a cleaner "Post" structure
// is made and should be used by all.
//
typedef struct _APP_COMPAT_GOO {
    
    //
    // Total size of the "Pre" structure
    //
    ULONG               dwTotalGooSize;

    //
    // At least one "Pre" app compat entry will be present (possibly more)
    //
    PRE_APP_COMPAT_INFO AppCompatEntry[1];


} APP_COMPAT_GOO, *PAPP_COMPAT_GOO;


//
// This is the "Post" app compat structure.  Variable length data can follow
// the CompatibilityFlags field, so you should use the XXX function to find
// any variable length data you might have in here.  We have a "Pre" and 
// "Post" struct to try and save space in the registry and in resident RAM.
//
typedef struct _APP_COMPAT_INFO {

    //
    // Size of app compat entry
    //
    ULONG               dwTotalSize;

    //
    // Bitmask of various app compat flags, see KACF definitions
    //
    ULARGE_INTEGER      CompatibilityFlags;

    //
    // We may have zero, or many APP_VARIABLE_INFO structs to follow
    //


} APP_COMPAT_INFO, *PAPP_COMPAT_INFO;


typedef struct {
    ULONG dwOSVersionInfoSize;
    ULONG dwMajorVersion;
    ULONG dwMinorVersion;
    ULONG dwBuildNumber;
    ULONG dwPlatformId;
    USHORT wServicePackMajor;
    USHORT wServicePackMinor;
    USHORT wSuiteMask;
    UCHAR  wProductType;
    UCHAR  wReserved;
    WCHAR  szCSDVersion[ 128 ];
} EFFICIENTOSVERSIONINFOEXW, *PEFFICIENTOSVERSIONINFOEXW;

//
// New shim application compatibility flags and information
//

#define KACF_DISABLESYSKEYMESSAGES 0x00000001 // Sucks up WM_SYSKEYUP, WM_SYSKEYDOWN, WM_SYSMENU
                                              // so a particular app will not be able to alt-tab
                                              // to the desktop


typedef struct _APP_COMPAT_SHIM_INFO {
    //
    // List of API hooked
    //
    PVOID pHookAPIList;

    //
    // List of patch hooks
    //
    PVOID pHookPatchList;

    //
    // List of the APIs to be hooked
    //
    PVOID ppHookAPI;   

    //
    // Count of hooked APIs
    //
    ULONG dwHookAPICount;

    //
    // Exe specific inclusions/exclusion
    //
    PVOID pExeFilter;

    //
    // Global exclusions
    //
    PVOID pGlobalFilterList;

    //
    // Late bound DLL exclusions
    //
    PVOID pLBFilterList;

    //
    // Crit sec
    //
    PVOID pCritSec;

    //
    // Shim heap
    //
   PVOID pShimHeap;

} APP_COMPAT_SHIM_INFO, *PAPP_COMPAT_SHIM_INFO;