RtlInitializeContext - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTRTL_H

/**
 * The RtlInitializeContext function initializes a CONTEXT structure.
 *
 * \param ProcessHandle Handle to the process to write the CONTEXT. (32bit only)
 * \param Context A pointer to a buffer within which to initialize a CONTEXT structure.
 * \param Parameter Optional parameter passed to the thread start routine.
 * \param InitialPc Initial instruction pointer (thread start routine).
 * \param InitialSp Initial stack pointer.
 * \return On 32bit, returns the status of NtWriteVirtualMemory. On 64bit, returns a constant value (0xf0e0d0c0a0908070).
 * \remarks The return value on 64bit systems is not an NTSTATUS; callers should ignore it.
 * \sa https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-initializecontext
 */
NTSYSAPI
NTSTATUS
NTAPI
RtlInitializeContext(
    _In_ HANDLE ProcessHandle,
    _Out_ PCONTEXT Context,
    _In_opt_ PVOID Parameter,
    _In_opt_ PVOID InitialPc,
    _In_opt_ PVOID InitialSp
    );

#endif

View code on GitHub

NtDoc

No description available.

Edit description on GitHub

NTinternals.net (undocumented.ntinternals.net)

Initialise CONTEXT structure for use with NtCreateThread.

See also

Edit description on GitHub