From bba47abf3e9ff8816ccf82afd903d55d7855c3ea Mon Sep 17 00:00:00 2001 From: DavidXanatos Date: Sun, 8 May 2022 15:36:03 +0200 Subject: [PATCH] 1.0.21 --- CHANGELOG.md | 2 ++ Sandboxie/core/dll/dllhook.c | 41 +++++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cc21d8a4..1e36c6c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,8 @@ This project adheres to [Semantic Versioning](http://semver.org/). ## [1.0.21 / 5.55.21] - 2022-05-02 +### Added +- added "FuncSkipHook=FunctionName" option to allow to sellecively disable individual function hooks ### Changed - improved support certificate entry box diff --git a/Sandboxie/core/dll/dllhook.c b/Sandboxie/core/dll/dllhook.c index ec095766..6229b564 100644 --- a/Sandboxie/core/dll/dllhook.c +++ b/Sandboxie/core/dll/dllhook.c @@ -1,6 +1,6 @@ /* * Copyright 2004-2020 Sandboxie Holdings, LLC - * Copyright 2020 David Xanatos, xanasoft.com + * Copyright 2020-2022 David Xanatos, xanasoft.com * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,6 +39,8 @@ static void *SbieDll_Hook_CheckChromeHook(void *SourceFunc); ULONG_PTR DLL_FindWow64Target(ULONG_PTR address); +BOOLEAN SbieDll_FuncSkipHook(const char* func); + //--------------------------------------------------------------------------- // Variables //--------------------------------------------------------------------------- @@ -111,6 +113,9 @@ _FX void *SbieDll_Hook( BOOLEAN CallInstruction64 = FALSE; #endif _WIN64 + if (SbieDll_FuncSkipHook(SourceFuncName)) + return SourceFunc; + // // validate parameters // 
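Review bot: The new early exit in SbieDll_Hook sits above the "validate parameters" step, so SourceFuncName reaches SbieDll_FuncSkipHook unchecked, and that helper reads through the pointer as soon as one FuncSkipHook entry is configured. Whether any caller passes a NULL name is not visible in this hunk; if one can, guard the call with `if (SourceFuncName && SbieDll_FuncSkipHook(SourceFuncName))`. Returning SourceFunc hands the caller the original, unhooked entry point as though hooking had succeeded, which deserves a comment such as `// FuncSkipHook: leave this API unhooked, caller gets the original entry point`. The body of SbieDll_Hook continues outside the hunk.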
@@ -616,6 +621,40 @@ _FX void *SbieDll_Hook_CheckChromeHook(void *SourceFunc) } +//--------------------------------------------------------------------------- +// SbieDll_FuncSkipHook +//--------------------------------------------------------------------------- + + +BOOLEAN SbieDll_FuncSkipHook(const char* func) +{ + static const WCHAR* setting = L"FuncSkipHook"; + + static BOOLEAN Disable = FALSE; + if (Disable) return FALSE; + + WCHAR buf[66]; + ULONG index = 0; + while (1) { + NTSTATUS status = SbieApi_QueryConfAsIs(NULL, setting, index, buf, 64 * sizeof(WCHAR)); + if (NT_SUCCESS(status)) { + WCHAR* ptr = buf; + for (const char* tmp = func; *ptr && *tmp && *ptr == *tmp; ptr++, tmp++); + if (*ptr == L'\0') //if (_wcsicmp(buf, func) == 0) + return TRUE; + } + else if (status != STATUS_BUFFER_TOO_SMALL) + break; + ++index; + } + + // if there are no fucntions to skip configured, disable the check + if (index == 0) Disable = TRUE; + + return FALSE; +} + + //--------------------------------------------------------------------------- // Dll_GetSettingsForImageName //---------------------------------------------------------------------------
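Review bot: The comparison in SbieDll_FuncSkipHook returns TRUE as soon as the configured value runs out (`if (*ptr == L'\0')`), so it is a prefix test, not the exact match the commented-out `_wcsicmp` suggests. A short value would therefore skip every hook whose name begins with it, and an empty value, if SbieApi_QueryConfAsIs can return one, would skip all hooks. Each skipped hook leaves that API unintercepted in the sandboxed process, so a typo in the setting unhooks more than intended. Requiring both strings to end together fixes this: `if (*ptr == L'\0' && *tmp == '\0')`. Entries that fail with STATUS_BUFFER_TOO_SMALL are passed over silently, and a header comment should state that limit along with the match semantics.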