static UNICODE_STRING g_WindowsDirectory;
static UNICODE_STRING g_System32Directory;
static UNICODE_STRING g_SxsDirectory;
+static UNICODE_STRING g_LoadingShimDll;
ULONG g_ShimEngDebugLevel = 0xffffffff;
BOOL g_bComPlusImage = FALSE;
BOOL g_bShimDuringInit = FALSE;
{
DWORD n;
+ if (ModuleName == NULL && BaseAddress == NULL)
+ {
+ BaseAddress = NtCurrentPeb()->ImageBaseAddress;
+ }
+
for (n = 0; n < ARRAY_Size(&g_pHookArray); ++n)
{
PHOOKMODULEINFO pModuleInfo = ARRAY_At(&g_pHookArray, HOOKMODULEINFO, n);
}
Success = LdrGetDllHandle(NULL, NULL, &DllName, &DllHandle);
- RtlFreeUnicodeString(&DllName);
if (!NT_SUCCESS(Success))
{
- SHIMENG_FAIL("Unable to get module handle for %wZ\n", &DllName);
+ SHIMENG_FAIL("Unable to get module handle for %wZ (%p)\n", &DllName, DllBase);
+ RtlFreeUnicodeString(&DllName);
+
return NULL;
}
+ RtlFreeUnicodeString(&DllName);
return SeiFindHookModuleInfo(NULL, DllHandle);
}
PHOOKMODULEINFO HookModuleInfo;
FARPROC proc = ((GETPROCADDRESSPROC)g_IntHookEx[0].OriginalFunction)(hModule, lpProcName);
- if (!HIWORD(lpProcName))
+ if ((DWORD_PTR)lpProcName <= MAXUSHORT)
{
- sprintf(szOrdProcName, "#%lu", (DWORD)lpProcName);
+ sprintf(szOrdProcName, "#%Iu", (DWORD_PTR)lpProcName);
lpPrintName = szOrdProcName;
}
{
ULONG OldProtection = 0;
PVOID Ptr;
- ULONG Size;
+ SIZE_T Size;
NTSTATUS Status;
SHIMENG_INFO("Hooking API \"%s!%s\" for DLL \"%wZ\"\n", HookApi->LibraryName, HookApi->FunctionName, &LdrEntry->BaseDllName);
PIMAGE_IMPORT_DESCRIPTOR ImportDescriptor;
PBYTE DllBase = LdrEntry->DllBase;
- if (SE_IsShimDll(DllBase) || g_hInstance == LdrEntry->DllBase)
+ if (SE_IsShimDll(DllBase) || g_hInstance == LdrEntry->DllBase ||
+ (g_LoadingShimDll.Buffer && RtlEqualUnicodeString(&g_LoadingShimDll, &LdrEntry->BaseDllName, TRUE)))
{
SHIMENG_INFO("Skipping shim module 0x%p \"%wZ\"\n", LdrEntry->DllBase, &LdrEntry->BaseDllName);
return;
continue;
}
+ RtlInitUnicodeString(&g_LoadingShimDll, DllName);
RtlInitUnicodeString(&UnicodeDllName, FullNameBuffer);
if (NT_SUCCESS(LdrGetDllHandle(NULL, NULL, &UnicodeDllName, &BaseAddress)))
{
SHIMENG_WARN("Failed to load %wZ for %S\n", &UnicodeDllName, ShimName);
continue;
}
+ RtlInitUnicodeString(&g_LoadingShimDll, NULL);
/* No shim module found (or we just loaded it) */
if (!pShimModuleInfo)
{