Content deleted Content added
Added some information from this reference where Mark Russinovich and Scott Hanselman speak of the NT API: https://shows.acast.com/scott-and-mark-learn-to/episodes/scott-mark-learn-to-undocumented-apis Tags: extraneous markup Visual edit |
|||
Line 37:
Unlike [[Win32]] applications, native applications instantiate within the Kernel runtime code ([[ntoskrnl.exe]]) and so they must have a different entry point ('''NtProcessStartup''', rather than '''(w)(Win)MainCRTStartup''' as is found in a Win32 application),<ref name="nativeapplications"/> obtain their command-line arguments via a pointer to an in-memory structure, manage their own memory using the '''Rtl''' heap API, (which the Win32 heap APIs are just wrappers around—no real difference there) and return execution with a call to '''RtlExitUserProcess''' (as opposed to '''ExitProcess'''). A common library linked with Native applications is nt.lib, which contains startup code for Native applications, similar to how the C runtime provides startup code for Win32 apps.<ref>{{Cite web |url=https://technet.microsoft.com/en-us/sysinternals/bb897447.aspx |title=Inside Native Applications |access-date=2017-08-26 |archive-date=2010-10-23 |archive-url=https://web.archive.org/web/20101023130328/http://technet.microsoft.com/en-us/sysinternals/bb897447.aspx |url-status=dead }}</ref>
Though most of the API is
== Win32 API ==
| |||