//
// RtlpHashStringToAtom: find the atom-table entry that corresponds to Name.
//
// NOTE: this listing is an excerpt. It stops inside the final else branch,
// so the bucket-chain walk and the writes to the OUT parameters for the
// string case are not shown here.
//
// p            - atom table; Buckets[] and NumberOfBuckets are read from it.
// Name         - either a pointer to a UNICODE_NULL-terminated wide string,
//                or a value below 0x10000 carried in the pointer itself.
// PreviousAtom - optional; set to NULL on the packed-value path.
// NameLength   - not written anywhere in the visible lines.
//
// Returns the entry found, or NULL.
//
PRTL_ATOM_TABLE_ENTRY
RtlpHashStringToAtom(
IN PRTL_ATOM_TABLE p,
IN PWSTR Name,
OUT PRTL_ATOM_TABLE_ENTRY **PreviousAtom OPTIONAL,
OUT PULONG NameLength
)
{
ULONG Length, Hash;
WCHAR c;
PWCH s;
RTL_ATOM Atom;
PRTL_ATOM_TABLE_ENTRY *pa, a;
// If every bit above the low 16 is clear, Name is not dereferenced: it is
// treated as a 16-bit atom value smuggled through the pointer argument.
if (((ULONG_PTR)Name & -0x10000) == 0) {
Atom = (RTL_ATOM)(USHORT)PtrToUlong(Name);
a = NULL;
// Values below RTL_ATOM_MAXIMUM_INTEGER_ATOM leave a == NULL (no table entry
// is looked up). Other values are resolved through the handle table after
// masking off the RTL_ATOM_MAXIMUM_INTEGER_ATOM bits.
// NOTE(review): the masked value is presumably the handle index (the dump
// further down shows Atom 0xc011 paired with HandleIndex 0x11) - confirm.
if (Atom >= RTL_ATOM_MAXIMUM_INTEGER_ATOM) {
a = RtlpAtomMapAtomToHandleEntry( p,
(ULONG)(Atom & (USHORT)~RTL_ATOM_MAXIMUM_INTEGER_ATOM)
);
}
if (ARGUMENT_PRESENT( PreviousAtom )) {
*PreviousAtom = NULL;
}
// NOTE(review): NameLength is left untouched on this early return, so a
// caller must not read it after passing a packed atom value - verify callers.
return a;
}
// String path: hash the upcased characters, which makes the hash
// case-insensitive. The scan is bounded only by the terminator, so Name must
// be a valid UNICODE_NULL-terminated string; the length limit is applied
// after the whole string has been walked.
s = Name;
Hash = 0;
while (*s != UNICODE_NULL) {
c = RtlUpcaseUnicodeChar( *s++ );
Hash = Hash + (c << 1) + (c >> 1) + c;
}
// Length is counted in WCHARs (pointer difference), not bytes.
Length = (ULONG) (s - Name);
// Over-long names are rejected without touching the bucket array.
if (Length > RTL_ATOM_MAXIMUM_NAME_LENGTH) {
pa = NULL;
a = NULL;
}
else {
// Select the hash chain head. NumberOfBuckets must be non-zero for the
// modulo to be defined; the table dumped below reports 0x25.
pa = &p->Buckets[ Hash % p->NumberOfBuckets ];
第二部分:hash值的算法
// Hash loop quoted from RtlpHashStringToAtom above (s starts at Name).
// Each character is upcased first, then contributes 2*c + c/2 + c to the
// running sum; the worked example below traces these three terms per letter.
Hash = 0;
while (*s != UNICODE_NULL) {
c = RtlUpcaseUnicodeChar( *s++ );
Hash = Hash + (c << 1) + (c >> 1) + c;
}
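按 Hash = Hash + (c << 1) + (c >> 1) + c 逐字符计算(十六进制;名字 "True" 先经 RtlUpcaseUnicodeChar 转成大写 "TRUE" 再参与运算):
T 0x54 -> 0x126
R 0x52 -> 0x11F
U 0x55 -> 0x129
E 0x45 -> 0xF1
Hash = 0x126 + 0x11F + 0x129 + 0xF1 = 0x45F
0x45F = 0x1E * 0x25 + 9,即 Hash % NumberOfBuckets = 9
桶槽位地址:0xe13d6010 + 0x10 + 9*4 = 0xe13d6044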
第三部分:#define RTL_ATOM_TABLE_DEFAULT_NUMBER_OF_BUCKETS 37
// The bucket index is Hash modulo the table's bucket count. The table dumped
// below reports NumberOfBuckets = 0x25, which equals the default of 37.
pa = &p->Buckets[ Hash % p->NumberOfBuckets ];
1: kd> dv
p = 0xe13d6010
Name = 0x00000014
1: kd> dx -r1 ((ntkrnlmp!_RTL_ATOM_TABLE *)0xe13d6010)
((ntkrnlmp!_RTL_ATOM_TABLE *)0xe13d6010) : 0xe13d6010 [Type: _RTL_ATOM_TABLE *]
[+0x000] Signature : 0x6d6f7441 [Type: unsigned long]
[+0x004] PushLock [Type: _EX_PUSH_LOCK]
[+0x008] ExHandleTable : 0xe140afb8 [Type: _HANDLE_TABLE *]
[+0x00c] NumberOfBuckets : 0x25 [Type: unsigned long]
[+0x010] Buckets [Type: _RTL_ATOM_TABLE_ENTRY * [1]]
#define RTL_ATOM_TABLE_SIGNATURE (ULONG)'motA'
1: kd> dt nt!_RTL_ATOM_TABLE_ENTRY e13e6560
+0x000 HashLink : (null)
+0x004 HandleIndex : 0x11
+0x006 Atom : 0xc011
+0x008 ReferenceCount : 1
+0x00a Flags : 0x1 ''
+0x00b NameLength : 0x4 ''
+0x00c Name : [1] 0x54
1: kd> dx -id 0,0,896d1020 -r1 (*((ntkrnlmp!unsigned short (*)[1])0xe13e656c))
(*((ntkrnlmp!unsigned short (*)[1])0xe13e656c)) [Type: unsigned short [1]]
[0] : 0x54 [Type: unsigned short]
1: kd> db 0xe13e656c
e13e656c 54 00 72 00 75 00 65 00-00 00 00 00 05 08 02 00 T.r.u.e.........
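第四部分:桶数组的内存转储(表基址 0xe13d6010,Buckets 位于 +0x10 即 0xe13d6020;0xe13d6044 处的 bucket[9] 保存 0xe13e6560,也就是上面名字为 "True" 的条目)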
1: kd> dd 0xe13d6010
e13d6010 6d6f7441 00000002 e140afb8 00000025
e13d6020 e15eb990 e1601760 e19e5148 00000000
e13d6030 00000000 e18379d8 e15bd048 00000000
e13d6040 00000000 e13e6560 e160e4f0 e160e4c8
e13d6050 e1622990 e1622950 e160c388 00000000
e13d6060 00000000 e1693838 e15ad170 e15abcc8
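第五部分:哈希表的一个例子
注意:0xe13d6050 是桶数组中 bucket[12] 槽位的地址(0xe13d6010 + 0x10 + 12*4),并不是一个 _RTL_ATOM_TABLE_ENTRY。下面第一条 dt 的输出里只有 HashLink(该槽位保存的链表头 0xe1622990)有意义;HandleIndex、Atom、ReferenceCount 等字段其实是相邻槽位的指针(e1622950、e160c388、00000000)被按条目布局解读出来的。真正的链表是 0xe1622990 -> 0xe194ebd0 -> NULL。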
1: kd> dt nt!_RTL_ATOM_TABLE_ENTRY e13d6050
+0x000 HashLink : 0xe1622990 _RTL_ATOM_TABLE_ENTRY
+0x004 HandleIndex : 0x2950
+0x006 Atom : 0xe162
+0x008 ReferenceCount : 0xc388
+0x00a Flags : 0x60 '`'
+0x00b NameLength : 0xe1 ''
+0x00c Name : [1] 0
1: kd> dx -id 0,0,896d1020 -r1 ((ntkrnlmp!_RTL_ATOM_TABLE_ENTRY *)0xe1622990)
((ntkrnlmp!_RTL_ATOM_TABLE_ENTRY *)0xe1622990) : 0xe1622990 [Type: _RTL_ATOM_TABLE_ENTRY *]
[+0x000] HashLink : 0xe194ebd0 [Type: _RTL_ATOM_TABLE_ENTRY *]
[+0x004] HandleIndex : 0x15 [Type: unsigned short]
[+0x006] Atom : 0xc015 [Type: unsigned short]
[+0x008] ReferenceCount : 0x1 [Type: unsigned short]
[+0x00a] Flags : 0x1 [Type: unsigned char]
[+0x00b] NameLength : 0x5 [Type: unsigned char]
[+0x00c] Name [Type: unsigned short [1]]
1: kd> dx -id 0,0,896d1020 -r1 ((ntkrnlmp!_RTL_ATOM_TABLE_ENTRY *)0xe194ebd0)
((ntkrnlmp!_RTL_ATOM_TABLE_ENTRY *)0xe194ebd0) : 0xe194ebd0 [Type: _RTL_ATOM_TABLE_ENTRY *]
[+0x000] HashLink : 0x0 [Type: _RTL_ATOM_TABLE_ENTRY *]
[+0x004] HandleIndex : 0x1f [Type: unsigned short]
[+0x006] Atom : 0xc01f [Type: unsigned short]
[+0x008] ReferenceCount : 0x1 [Type: unsigned short]
[+0x00a] Flags : 0x0 [Type: unsigned char]
[+0x00b] NameLength : 0x14 [Type: unsigned char]
[+0x00c] Name [Type: unsigned short [1]]
1: kd> dx -id 0,0,896d1020 -r1 (*((ntkrnlmp!unsigned short (*)[1])0xe194ebdc))
(*((ntkrnlmp!unsigned short (*)[1])0xe194ebdc)) [Type: unsigned short [1]]
[0] : 0x43 [Type: unsigned short]
1: kd> db 0xe194ebdc
e194ebdc 43 00 41 00 64 00 64 00-72 00 65 00 73 00 73 00 C.A.d.d.r.e.s.s.
e194ebec 43 00 6f 00 6d 00 62 00-6f 00 45 00 78 00 5f 00 C.o.m.b.o.E.x._.
e194ebfc 54 00 68 00 69 00 73 00-00 00 54 89 09 06 09 0c T.h.i.s...T.....
e194ec0c 43 4d 44 61 01 00 14 00-76 6b 00 00 22 00 00 00 CMDa....vk.."...