Gisle Vanem asked:
> > I prefer to avoid the ntdll.dll API when possible.
>
> Okay, what's wrong with that?
1) It's a violation of abstraction. Diagram:
Programs
|
Windows API (kernel32.dll etc.)
|
NT API (ntdll.dll)
|
NT kernel
Programs should use only topmost API layer.
When you use a mix between two or more layers, i.e. when you circumvent
the topmost API layer, in my experience this causes big problems in the
long run.
2) The code you pointed to uses the function NtQueryObject. However, the
Microsoft documentation
<https://docs.microsoft.com/en-us/windows/desktop/api/winternl/nf-winternl-ntqueryobject>
states "This function may be changed or removed from Windows without
further notice."
3) Probably code will run better on ReactOS or WINE if they don't use the
lower layers.
Bruno
