Moved internally used types to source file

include/Domito.h

@@ -1,67 +1,8 @@
 #pragma once
 
-// Structure representing a loaded module
+//
-typedef struct _SYSTEM_MODULE_INFORMATION_ENTRY
+// Custom allocator for function that allocate pool memory
-{
+// 
-	PVOID Unknown1;
-	PVOID Unknown2;
-	PVOID Base;
-	ULONG Size;
-	ULONG Flags;
-	USHORT Index;
-	USHORT NameLength;
-	USHORT LoadCount;
-	USHORT PathLength;
-	CHAR ImageName[256];
-} SYSTEM_MODULE_INFORMATION_ENTRY, * PSYSTEM_MODULE_INFORMATION_ENTRY;
-
-// Structure representing the loaded module information
-typedef struct _SYSTEM_MODULE_INFORMATION
-{
-	ULONG Count;
-	SYSTEM_MODULE_INFORMATION_ENTRY Module[1];
-} SYSTEM_MODULE_INFORMATION, * PSYSTEM_MODULE_INFORMATION;
-
-// Function prototype for ZwQuerySystemInformation
-NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(
-	ULONG SystemInformationClass,
-	PVOID SystemInformation,
-	ULONG SystemInformationLength,
-	PULONG ReturnLength
-);
-
-typedef struct _LDR_DATA_TABLE_ENTRY
-{
-	LIST_ENTRY64 InLoadOrderLinks;
-	PVOID ExceptionTable;
-	ULONG ExceptionTableSize;
-	PVOID GpValue;
-	PVOID NonPagedDebugInfo;
-	PVOID ImageBase;
-	PVOID EntryPoint;
-	ULONG SizeOfImage;
-	UNICODE_STRING FullImageName;
-	UNICODE_STRING BaseImageName;
-	ULONG Flags;
-	USHORT LoadCount;
-	USHORT TlsIndex;
-	LIST_ENTRY64 HashLinks;
-	PVOID SectionPointer;
-	ULONG CheckSum;
-	ULONG TimeDateStamp;
-	PVOID LoadedImports;
-	PVOID EntryPointActivationContext;
-	PVOID PatchInformation;
-} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;
-
-typedef PVOID(NTAPI* t_RtlImageDirectoryEntryToData)(
-	IN PVOID Base,
-	IN BOOLEAN MappedAsImage,
-	IN USHORT DirectoryEntry,
-	OUT PULONG Size
-	);
-
-
 typedef
 _IRQL_requires_same_
 _Function_class_(EVT_DOMITO_ALLOCATE_ROUTINE)

src/Domito.cpp

@@ -4,6 +4,68 @@
 #include "Domito.h"
 
 
+// Structure representing a loaded module
+typedef struct _SYSTEM_MODULE_INFORMATION_ENTRY
+{
+	PVOID Unknown1;
+	PVOID Unknown2;
+	PVOID Base;
+	ULONG Size;
+	ULONG Flags;
+	USHORT Index;
+	USHORT NameLength;
+	USHORT LoadCount;
+	USHORT PathLength;
+	CHAR ImageName[256];
+} SYSTEM_MODULE_INFORMATION_ENTRY, * PSYSTEM_MODULE_INFORMATION_ENTRY;
+
+// Structure representing the loaded module information
+typedef struct _SYSTEM_MODULE_INFORMATION
+{
+	ULONG Count;
+	SYSTEM_MODULE_INFORMATION_ENTRY Module[1];
+} SYSTEM_MODULE_INFORMATION, * PSYSTEM_MODULE_INFORMATION;
+
+// Function prototype for ZwQuerySystemInformation
+NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(
+	ULONG SystemInformationClass,
+	PVOID SystemInformation,
+	ULONG SystemInformationLength,
+	PULONG ReturnLength
+);
+
+typedef struct _LDR_DATA_TABLE_ENTRY
+{
+	LIST_ENTRY64 InLoadOrderLinks;
+	PVOID ExceptionTable;
+	ULONG ExceptionTableSize;
+	PVOID GpValue;
+	PVOID NonPagedDebugInfo;
+	PVOID ImageBase;
+	PVOID EntryPoint;
+	ULONG SizeOfImage;
+	UNICODE_STRING FullImageName;
+	UNICODE_STRING BaseImageName;
+	ULONG Flags;
+	USHORT LoadCount;
+	USHORT TlsIndex;
+	LIST_ENTRY64 HashLinks;
+	PVOID SectionPointer;
+	ULONG CheckSum;
+	ULONG TimeDateStamp;
+	PVOID LoadedImports;
+	PVOID EntryPointActivationContext;
+	PVOID PatchInformation;
+} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;
+
+typedef PVOID(NTAPI* t_RtlImageDirectoryEntryToData)(
+	IN PVOID Base,
+	IN BOOLEAN MappedAsImage,
+	IN USHORT DirectoryEntry,
+	OUT PULONG Size
+	);
+
+
 _Success_(return == STATUS_SUCCESS)
 _Must_inspect_result_
 _IRQL_requires_max_(PASSIVE_LEVEL)