1 files changed, 49 insertions, 0 deletions

diff --git a/CRT/ntdll_zw_functions.c b/CRT/ntdll_zw_functions.c
new file mode 100644
index 0000000..d2df299
--- /dev/null
+++ b/CRT/ntdll_zw_functions.c
@@ -0,0 +1,49 @@
+/* This file was auto generated by gen_wrapper.sh */
+#include <ntddk.h>
+
+
+typedef NTSTATUS NTAPI (*ZwTraceControl_t) (_In_ ULONG FunctionCode, PVOID InBuffer, _In_ ULONG InBufferLen, PVOID OutBuffer, _In_ ULONG OutBufferLen, _Out_ PULONG ReturnLength);
+typedef NTSTATUS NTAPI (*ZwTraceEvent_t) (_In_ HANDLE TraceHandle, _In_ ULONG Flags, _In_ ULONG FieldSize, _In_ PVOID Fields);
+
+static ZwTraceControl_t _ZwTraceControl = NULL;
+static ZwTraceEvent_t _ZwTraceEvent = NULL;
+
+int __cdecl ntdll_zw_functions (void)
+{
+    int retval = 0;
+    UNICODE_STRING fnName;
+
+    RtlInitUnicodeString(&fnName, L"ZwTraceControl");
+    _ZwTraceControl = MmGetSystemRoutineAddress(&fnName);
+    if (_ZwTraceControl == NULL)
+    {
+        DbgPrint("%s\n", "System routine ZwTraceControl not found.");
+        retval++;
+    }
+    RtlInitUnicodeString(&fnName, L"ZwTraceEvent");
+    _ZwTraceEvent = MmGetSystemRoutineAddress(&fnName);
+    if (_ZwTraceEvent == NULL)
+    {
+        DbgPrint("%s\n", "System routine ZwTraceEvent not found.");
+        retval++;
+    }
+
+    return retval;
+}
+
+
+NTSTATUS NTAPI ZwTraceControl (_In_ ULONG FunctionCode, PVOID InBuffer, _In_ ULONG InBufferLen, PVOID OutBuffer, _In_ ULONG OutBufferLen, _Out_ PULONG ReturnLength)
+{
+    if (_ZwTraceControl == NULL)
+        return STATUS_PROCEDURE_NOT_FOUND;
+
+    return _ZwTraceControl (FunctionCode, InBuffer, InBufferLen, OutBuffer, OutBufferLen, ReturnLength);
+}
+
+NTSTATUS NTAPI ZwTraceEvent (_In_ HANDLE TraceHandle, _In_ ULONG Flags, _In_ ULONG FieldSize, _In_ PVOID Fields)
+{
+    if (_ZwTraceEvent == NULL)
+        return STATUS_PROCEDURE_NOT_FOUND;
+
+    return _ZwTraceEvent (TraceHandle, Flags, FieldSize, Fields);
+}