网上找到的,对 Windows Heap 有详细的定义。
1 // file winheap.h 2 typedef void VOID; 3 typedef unsigned __int8 UINT8; 4 typedef unsigned __int16 UINT16; 5 typedef __int32 LONG32; 6 typedef unsigned __int32 ULONG32; 7 typedef unsigned __int64 UINT64; 8 9 // pseudo struct, for the PEB heap list 10 struct HEAPTABLE { 11 struct _HEAP *list[16]; 12 }; 13 14 struct _LIST_ENTRY { 15 struct _LIST_ENTRY *FLink; 16 struct _LIST_ENTRY *BLink; 17 }; 18 19 union _SLIST_HEADER { 20 struct _LIST_ENTRY le; 21 }; 22 23 typedef struct _HEAP_ENTRY // 7 elements, 0x8 bytes (sizeof) 24 { 25 // union // 2 elements, 0x4 bytes (sizeof) 26 // { 27 // struct // 2 elements, 0x4 bytes (sizeof) 28 // { 29 /*0x000*/ UINT16 Size; 30 /*0x002*/ UINT16 PreviousSize; 31 // }; 32 ///*0x000*/ VOID* SubSegmentCode; 33 // }; 34 /*0x004*/ UINT8 SmallTagIndex; 35 /*0x005*/ UINT8 Flags; 36 /*0x006*/ UINT8 UnusedBytes; 37 /*0x007*/ UINT8 SegmentIndex; 38 }HEAP_ENTRY, *PHEAP_ENTRY; 39 40 typedef struct _HEAP // 36 elements, 0x588 bytes (sizeof) 41 { 42 /*0x000*/ struct _HEAP_ENTRY Entry; // 7 elements, 0x8 bytes (sizeof) 43 /*0x008*/ ULONG32 Signature; 44 /*0x00C*/ ULONG32 Flags; 45 /*0x010*/ ULONG32 ForceFlags; 46 /*0x014*/ ULONG32 VirtualMemoryThreshold; 47 /*0x018*/ ULONG32 SegmentReserve; 48 /*0x01C*/ ULONG32 SegmentCommit; 49 /*0x020*/ ULONG32 DeCommitFreeBlockThreshold; 50 /*0x024*/ ULONG32 DeCommitTotalFreeThreshold; 51 /*0x028*/ ULONG32 TotalFreeSize; 52 /*0x02C*/ ULONG32 MaximumAllocationSize; 53 /*0x030*/ UINT16 ProcessHeapsListIndex; 54 /*0x032*/ UINT16 HeaderValidateLength; 55 /*0x034*/ VOID* HeaderValidateCopy; 56 /*0x038*/ UINT16 NextAvailableTagIndex; 57 /*0x03A*/ UINT16 MaximumTagIndex; 58 /*0x03C*/ struct _HEAP_TAG_ENTRY* TagEntries; 59 /*0x040*/ struct _HEAP_UCR_SEGMENT* UCRSegments; 60 /*0x044*/ struct _HEAP_UNCOMMMTTED_RANGE* UnusedUnCommittedRanges; 61 /*0x048*/ ULONG32 AlignRound; 62 /*0x04C*/ ULONG32 AlignMask; 63 /*0x050*/ struct _LIST_ENTRY VirtualAllocdBlocks; // 2 elements, 0x8 bytes (sizeof) 64 /*0x058*/ struct _HEAP_SEGMENT* Segments[64]; 65 union // 2 elements, 0x10 bytes (sizeof) 66 { 67 /*0x158*/ ULONG32 FreeListsInUseUlong[4]; 68 /*0x158*/ UINT8 FreeListsInUseBytes[16]; 69 }u; 70 union // 2 elements, 0x2 bytes (sizeof) 71 { 72 /*0x168*/ UINT16 FreeListsInUseTerminate; 73 /*0x168*/ UINT16 DecommitCount; 74 }u2; 75 /*0x16A*/ UINT16 AllocatorBackTraceIndex; 76 /*0x16C*/ ULONG32 NonDedicatedListLength; 77 /*0x170*/ VOID* LargeBlocksIndex; 78 /*0x174*/ struct _HEAP_PSEUDO_TAG_ENTRY* PseudoTagEntries; 79 /*0x178*/ struct _LIST_ENTRY FreeLists[128]; 80 /*0x578*/ struct _HEAP_LOCK* LockVariable; 81 ///*0x57C*/ FUNCT_0049_0C5F_CommitRoutine* CommitRoutine; 82 /*0x57C*/ VOID* CommitRoutine; 83 /*0x580*/ VOID* FrontEndHeap; 84 /*0x584*/ UINT16 FrontHeapLockCount; 85 /*0x586*/ UINT8 FrontEndHeapType; 86 /*0x587*/ UINT8 LastSegmentIndex; 87 }HEAP, *PHEAP; 88 89 typedef struct _HEAP_UNCOMMMTTED_RANGE // 4 elements, 0x10 bytes (sizeof) 90 { 91 /*0x000*/ struct _HEAP_UNCOMMMTTED_RANGE* Next; 92 /*0x004*/ ULONG32 Address; 93 /*0x008*/ ULONG32 Size; 94 /*0x00C*/ ULONG32 filler; 95 }HEAP_UNCOMMMTTED_RANGE, *PHEAP_UNCOMMMTTED_RANGE; 96 97 typedef struct _HEAP_ENTRY_EXTRA // 4 elements, 0x8 bytes (sizeof) 98 { 99 union // 2 elements, 0x8 bytes (sizeof) 100 { 101 struct // 3 elements, 0x8 bytes (sizeof) 102 { 103 /*0x000*/ UINT16 AllocatorBackTraceIndex; 104 /*0x002*/ UINT16 TagIndex; 105 /*0x004*/ ULONG32 Settable; 106 }; 107 /*0x000*/ UINT64 ZeroInit; 108 }; 109 }HEAP_ENTRY_EXTRA, *PHEAP_ENTRY_EXTRA; 110 111 typedef struct _HEAP_VIRTUAL_ALLOC_ENTRY // 5 elements, 0x20 bytes (sizeof) 112 { 113 /*0x000*/ struct _LIST_ENTRY Entry; // 2 elements, 0x8 bytes (sizeof) 114 /*0x008*/ struct _HEAP_ENTRY_EXTRA ExtraStuff; // 4 elements, 0x8 bytes (sizeof) 115 /*0x010*/ ULONG32 CommitSize; 116 /*0x014*/ ULONG32 ReserveSize; 117 /*0x018*/ struct _HEAP_ENTRY BusyBlock; // 7 elements, 0x8 bytes (sizeof) 118 }HEAP_VIRTUAL_ALLOC_ENTRY, *PHEAP_VIRTUAL_ALLOC_ENTRY; 119 120 121 typedef struct _HEAP_FREE_ENTRY // 8 elements, 0x10 bytes (sizeof) 122 { 123 union // 2 elements, 0x4 bytes (sizeof) 124 { 125 struct // 2 elements, 0x4 bytes (sizeof) 126 { 127 /*0x000*/ UINT16 Size; 128 /*0x002*/ UINT16 PreviousSize; 129 }; 130 /*0x000*/ VOID* SubSegmentCode; 131 }; 132 /*0x004*/ UINT8 SmallTagIndex; 133 /*0x005*/ UINT8 Flags; 134 /*0x006*/ UINT8 UnusedBytes; 135 /*0x007*/ UINT8 SegmentIndex; 136 /*0x008*/ struct _LIST_ENTRY FreeList; // 2 elements, 0x8 bytes (sizeof) 137 }HEAP_FREE_ENTRY, *PHEAP_FREE_ENTRY; 138 139 typedef struct _HEAP_LOOKASIDE // 10 elements, 0x30 bytes (sizeof) 140 { 141 /*0x000*/ union _SLIST_HEADER ListHead; // 4 elements, 0x8 bytes (sizeof) 142 /*0x008*/ UINT16 Depth; 143 /*0x00A*/ UINT16 MaximumDepth; 144 /*0x00C*/ ULONG32 TotalAllocates; 145 /*0x010*/ ULONG32 AllocateMisses; 146 /*0x014*/ ULONG32 TotalFrees; 147 /*0x018*/ ULONG32 FreeMisses; 148 /*0x01C*/ ULONG32 LastTotalAllocates; 149 /*0x020*/ ULONG32 LastAllocateMisses; 150 /*0x024*/ ULONG32 Counters[2]; 151 /*0x02C*/ UINT8 _PADDING0_[0x4]; 152 }HEAP_LOOKASIDE, *PHEAP_LOOKASIDE; 153 154 struct FRONTEND1 { 155 struct _HEAP_LOOKASIDE l[128]; 156 }; 157 158 typedef struct _HEAP_SEGMENT // 15 elements, 0x3C bytes (sizeof) 159 { 160 /*0x000*/ struct _HEAP_ENTRY Entry; // 7 elements, 0x8 bytes (sizeof) 161 /*0x008*/ ULONG32 Signature; 162 /*0x00C*/ ULONG32 Flags; 163 /*0x010*/ struct _HEAP* Heap; 164 /*0x014*/ ULONG32 LargestUnCommittedRange; 165 /*0x018*/ VOID* BaseAddress; 166 /*0x01C*/ ULONG32 NumberOfPages; 167 /*0x020*/ struct _HEAP_ENTRY* FirstEntry; 168 /*0x024*/ struct _HEAP_ENTRY* LastValidEntry; 169 /*0x028*/ ULONG32 NumberOfUnCommittedPages; 170 /*0x02C*/ ULONG32 NumberOfUnCommittedRanges; 171 /*0x030*/ struct _HEAP_UNCOMMMTTED_RANGE* UnCommittedRanges; 172 /*0x034*/ UINT16 AllocatorBackTraceIndex; 173 /*0x036*/ UINT16 Reserved; 174 /*0x038*/ struct _HEAP_ENTRY* LastEntryInSegment; 175 }HEAP_SEGMENT, *PHEAP_SEGMENT;