About handling Unicode strinsg you say:
when allocating buffers for unicode strings use sizeof(string)*sizeof(WCHAR).
It's not very clear and most of the type the sizeof will not give the expected result. I think it would be better to say to use (strlen(ansi_string)+1)*sizeof(WCHAR). But really, these days to convert an ANSI string to Unicode the recommended way is:
lenW = MultiByteToWideChar(CP_ACP, 0, strA, -1, NULL, 0); strW = HeapAlloc(GetProcessHeap(), 0, lenW * sizeof(WCHAR)); MultiByteToWideChar(CP_ACP, 0, strA, -1, strW, lenW );
Now I'm just nitpicking, a bit later you say:
Any function which expects a null terminated string requires a wide equivalent, as it's legal for wide strings to have null bytes in them.
I would rather say that wide strings *have* nul bytes in them. At least
99% of the time, and >95% of the time they have more than 50% nul
bytes!
Also:
Speaking of which, the contents of ntdll are undocumented
Some of it is documented though it may notb ethe most useful parts. But for instance, an MSDN search on RtlInitializeBitMap returns a man page with a bunch of other ntdll functions.
More generally while it's a good idea to say not to rely on MSDN too much, it should still be pointed out as a useful resource especially if you don't know what the API is supposed to do, whether it returns 0 or 1 on success, etc. For this reason I created a parameterized Mozilla shortcut. Now I just type stuff like 'msdn CreateProcess' as the URL...
http://search.microsoft.com/search/results.aspx?View=msdn&qu=%s