SYSTEM_BIGPOOL_ENTRY

The SYSTEM_BIGPOOL_ENTRY structure is a recurring element in the SYSTEM_BIGPOOL_INFORMATION that a successful call to ZwQuerySystemInformation or NtQuerySystemInformation produces in its output buffer when given the information class SystemBigPoolInformation (0x42).

Documentation Status

The SYSTEM_BIGPOOL_ENTRY structure is not documented.

Layout

The SYSTEM_BIGPOOL_ENTRY is 0x0C or 0x18 bytes in 32-bit and 64-bit Windows, respectively.

Offset (x86) Offset (x64) Definition
0x00 0x00 
union {
    PVOID VirtualAddress;
    ULONG_PTR NonPaged : 1;
};
0x04 0x08 
ULONG_PTR SizeInBytes;
0x08 0x10 
union {
    UCHAR Tag [4];
    ULONG TagUlong;
};

This page was created on 9th July 2016 but was not published until 25th October 2016.

Copyright © 2016. Geoff Chappell. All rights reserved. Conditions apply.