function GetCallerModule(const lpReturnAddress: PVOID = nil): HMODULE; stdcall; // If a return address is not specified (optional) GetCallerModule() will resolve it for you internally // On Delphi XE2+ you can supply the System.ReturnAddress() function for added accuracy when resolving the caller module { GetCallerModule() is useful in situations where you may want to know which module is calling a piece of code or a function. One could even modify the function's behavior dynamically at run-time based on this information and return failure if you were to restrict or filter out disallowed callers. E.g: Your software protection DLL exports an Authenticate() method and you want to restrict the caller of this function to SecureActivation.exe or maybe you have a Decryption() routine inside your main executable and don't want Hack.Dll calling your decryption routine thus compromising your "encrypted" sensitive data. } function Decrypt(lpCodeBlock: PVOID): Integer; stdcall; export; var lpModuleName: Array [0..MAX_PATH] of WChar; hMod: HMODULE; begin result := -1; hMod := GetCallerModule(); // Check if it's our current module calling this function and allow it if (hMod = hInstance) then // Call the real decryption routine after validation result := DecryptInternal(lpCodeBlock) else begin // Unknown module calling our decryption routine, Disallow ZeroMemory(@lpModuleName, sizeof(lpModuleName)); // Resolve module filename GetModuleFileNameW(hMod, @lpModuleName, sizeof(lpModuleName)); // Deny MessageBoxW(0, @lpModuleName, 'Unauthorized Caller', MB_ICONERROR); end; end;