3.1.4.1 Creating a ROP Input Buffer

The layout of the ROP input buffer and the ROP output buffer is specified in section 2.2.1.

A ROP input buffer is constructed by the client and sent to the server. The client packages its ROP requests together in the intended processing order and creates an associated Server object handle table.

When assembling a ROP input buffer, the client MUST use a Server object handle table large enough to include an entry for the largest index used by the ROP requests. Each entry that is referenced only as input for ROPs MUST be filled in with the handle of the Server object that is intended to be the input of the operation. Each entry that is referenced only as output SHOULD be filled in with the 0xFFFFFFFF value. Each entry that is referenced first as an output index and then as an input index SHOULD also be initialized to the 0xFFFFFFFF value.

Multiple ROPs in a ROP input buffer can use the same Server object handle table index. For example, a RopOpenFolder ROP (section 2.2.4.1) can specify index 1 as the location to place the handle for the folder Server object. In the same ROP input buffer, a RopGetContentsTable ROP (section 2.2.4.14) can specify index 1 as the location for the input Server object handle.