/*++ Copyright (c) 2001 Microsoft Corporation Module Name: VJEDeltaSetup.cpp Abstract: This app' setup program has a MYDLL.DLL, it has memory corruption in it's IsAdmin(). Fixing this by provide a new procedure IsAdmin(). (Copy/Paste from PSDK) History: 06/12/2001 xiaoz create --*/ #include "precomp.h" // // app's private Prototype // typedef BOOL (WINAPI *_pfn_IsAdmin)(void); IMPLEMENT_SHIM_BEGIN(VJEDeltaSetup) #include "ShimHookMacro.h" APIHOOK_ENUM_BEGIN APIHOOK_ENUM_ENTRY(IsAdmin) APIHOOK_ENUM_END /*++ New function to check whethe currently login as Admin, Copy/Paste from PSDK --*/ BOOL APIHOOK(IsAdmin)( void ) { PSID pSID = NULL; SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY; BOOL IsMember; HANDLE hToken = INVALID_HANDLE_VALUE; TOKEN_OWNER SIDforOwner; BOOL bRet = FALSE; // // Open a handle to the access token for the calling process. // if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_DEFAULT, &hToken )) { goto Cleanup; } // // Create a SID for the BUILTIN\Administrators group. // if (!AllocateAndInitializeSid(&SIDAuth, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSID)) { pSID = NULL; goto Cleanup; } // // Check if the administrator group SID is enabled in current process token // if (!CheckTokenMembership(NULL, pSID, &IsMember)) { goto Cleanup; } if (IsMember) { bRet = TRUE; } Cleanup: if (pSID) { FreeSid(pSID); } if (hToken != INVALID_HANDLE_VALUE) { CloseHandle(hToken); } return bRet; } /*++ Register hooked functions --*/ HOOK_BEGIN APIHOOK_ENTRY(MYDLL.DLL, IsAdmin) HOOK_END IMPLEMENT_SHIM_END