NTSTATUS Codes
All system calls return a 32-bit
NTSTATUScode that contains the following:Severity
STATUS_SEVERITY_SUCCESS = 0STATUS_SEVERITY_INFORMATIONAL = 1STATUS_SEVERITY_WARNING = 2STATUS_SEVERITY_ERROR = 3
Customer Code (CC)
Single-bit flag that indicates if the status code is defined by Microsoft (value of 0)
Defined by a third-party (value of 1)
They are not required to do this
Facility
Component or subsystem associated with the status code
Third parties need to define their own facility and combine it with the customer code to differentiate themselves from Microsoft.
FACILITY_DEFAULT
0
The default used for common status codes
FACILITY_DEBUGGER
1
Used for codes associated with the debugger
FACILITY_NTWIN32
7
Used for codes that originated from the Win32 APIs
Status Code
16-bit number chosen to be unique for each facility.
Up to the person implementing to define what each one means
Last updated
