[RTL][NTDLL] Add some function stubs

- LdrSetAppCompatDllRedirectionCallback
- RtlCancelTimer
- RtlCreateServiceSid
- RtlQueryProcessHeapInformation
- RtlQueueApcWow64Thread
- RtlSetTimer
- RtlUnhandledExceptionFilter2
- RtlpNotOwnerCriticalSection

sdk/lib/rtl/amd64/stubs.c

@@ -113,4 +113,16 @@ RtlRestoreContext(
     UNIMPLEMENTED;
 }
 
+NTSTATUS
+NTAPI
+RtlQueueApcWow64Thread(
+    _In_ HANDLE ThreadHandle,
+    _In_ PKNORMAL_ROUTINE ApcRoutine,
+    _In_opt_ PVOID NormalContext,
+    _In_opt_ PVOID SystemArgument1,
+    _In_opt_ PVOID SystemArgument2)
+{
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
+}
 

sdk/lib/rtl/critical.c

@@ -801,4 +801,11 @@ RtlIsCriticalSectionLockedByThread(PRTL_CRITICAL_SECTION CriticalSection)
            CriticalSection->RecursionCount != 0;
 }
 
+VOID
+NTAPI
+RtlpNotOwnerCriticalSection(PRTL_CRITICAL_SECTION CriticalSection)
+{
+    RtlRaiseStatus(STATUS_RESOURCE_NOT_OWNED);
+}
+
 /* EOF */

sdk/lib/rtl/exception.c

@@ -311,6 +311,21 @@ RtlUnhandledExceptionFilter(IN struct _EXCEPTION_POINTERS* ExceptionInfo)
     return ERROR_CALL_NOT_IMPLEMENTED;
 }
 
+/*
+ * @unimplemented
+ */
+LONG
+NTAPI
+RtlUnhandledExceptionFilter2(
+    _In_ PEXCEPTION_POINTERS ExceptionInfo,
+    _In_ ULONG Flags)
+{
+    /* This is used by the security cookie checks, and also called externally */
+    UNIMPLEMENTED;
+    PrintStackTrace(ExceptionInfo);
+    return ERROR_CALL_NOT_IMPLEMENTED;
+}
+
 /*
  * @implemented
  */

sdk/lib/rtl/heap.c

@@ -3995,4 +3995,20 @@ RtlMultipleFreeHeap(IN PVOID HeapHandle,
     return 0;
 }
 
+/*
+ * Info:
+ * - https://securityxploded.com/enumheaps.php
+ * - https://evilcodecave.wordpress.com/2009/04/14/rtlqueryprocessheapinformation-as-anti-dbg-trick/
+ */
+struct _DEBUG_BUFFER;
+
+NTSTATUS
+NTAPI
+RtlQueryProcessHeapInformation(
+    IN struct _DEBUG_BUFFER *DebugBuffer)
+{
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
+}
+
 /* EOF */

sdk/lib/rtl/i386/thread.c

@@ -77,4 +77,20 @@ RtlInitializeContext(IN HANDLE ProcessHandle,
     ThreadContext->Esp -= sizeof(PVOID);
 }
 
+NTSTATUS
+NTAPI
+RtlQueueApcWow64Thread(
+    _In_ HANDLE ThreadHandle,
+    _In_ PKNORMAL_ROUTINE ApcRoutine,
+    _In_opt_ PVOID NormalContext,
+    _In_opt_ PVOID SystemArgument1,
+    _In_opt_ PVOID SystemArgument2)
+{
+    return NtQueueApcThread(ThreadHandle,
+                            ApcRoutine,
+                            NormalContext,
+                            SystemArgument1,
+                            SystemArgument2);
+}
+
 /* EOF */

sdk/lib/rtl/sid.c

@@ -404,4 +404,18 @@ RtlConvertSidToUnicodeString(IN PUNICODE_STRING String,
     return STATUS_SUCCESS;
 }
 
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlCreateServiceSid(
+    _In_ PUNICODE_STRING ServiceName,
+    _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid,
+    _Inout_ PULONG ServiceSidLength)
+{
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
+}
+
 /* EOF */

sdk/lib/rtl/timerqueue.c

@@ -463,6 +463,26 @@ NTSTATUS WINAPI RtlCreateTimer(HANDLE TimerQueue, PHANDLE NewTimer,
     return status;
 }
 
+NTSTATUS
+WINAPI
+RtlSetTimer(
+    HANDLE TimerQueue,
+    PHANDLE NewTimer,
+    WAITORTIMERCALLBACKFUNC Callback,
+    PVOID Parameter,
+    DWORD DueTime,
+    DWORD Period,
+    ULONG Flags)
+{
+    return RtlCreateTimer(TimerQueue,
+                          NewTimer,
+                          Callback,
+                          Parameter,
+                          DueTime,
+                          Period,
+                          Flags);
+}
+
 /***********************************************************************
  *              RtlUpdateTimer   (NTDLL.@)
  *
@@ -557,6 +577,16 @@ NTSTATUS WINAPI RtlDeleteTimer(HANDLE TimerQueue, HANDLE Timer,
     return status;
 }
 
+/*
+ * @implemented
+ */
+NTSTATUS
+NTAPI
+RtlCancelTimer(HANDLE TimerQueue, HANDLE Timer)
+{
+    return RtlDeleteTimer(TimerQueue, Timer, NULL);
+}
+
 /*
  * @implemented
  */