From 3f5102cc6f9c7bc4e59882e521d981fae648485e Mon Sep 17 00:00:00 2001
From: Kawe Mazidjatari <48657826+Mauler125@users.noreply.github.com>
Date: Tue, 27 Dec 2022 13:19:57 +0100
Subject: [PATCH] Detect possible return address in callstack
Also increased the number of frames to capture from 60 to 128, and skipped the last 2 frames.
---
 r5dev/public/utility/crashhandler.cpp | 25 +++++++++++++++++++++++--
 r5dev/public/utility/crashhandler.h | 3 +--
 2 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/r5dev/public/utility/crashhandler.cpp b/r5dev/public/utility/crashhandler.cpp
index 543de433..4bb82323 100644
--- a/r5dev/public/utility/crashhandler.cpp
+++ b/r5dev/public/utility/crashhandler.cpp
@@ -28,10 +28,30 @@ void CCrashHandler::FormatCrash()
 void CCrashHandler::FormatCallstack()
 {
 m_svBuffer.append("callstack:\n{\n");
+
+ if (m_nCapturedFrames)
+ {
+ PEXCEPTION_RECORD pExceptionRecord = m_pExceptionPointers->ExceptionRecord;
+ if (m_ppStackTrace[m_nCapturedFrames - 1] == pExceptionRecord->ExceptionAddress)
+ {
+ PCONTEXT pContextRecord = m_pExceptionPointers->ContextRecord;
+ MEMORY_BASIC_INFORMATION mbi = { 0 };
+ SIZE_T t = VirtualQuery((LPCVOID)pContextRecord->Rsp, &mbi, sizeof(LPCVOID));
+
+ if (t >= sizeof(mbi)
+ && !(mbi.Protect & PAGE_NOACCESS)
+ && (mbi.Protect & PAGE_READONLY | PAGE_READWRITE)
+ && (mbi.State & MEM_COMMIT))
+ {
+ m_svBuffer.append("\t// call stack ended; possible return address?\n");
+ }
+ }
+ }
 for (WORD i = 0; i < m_nCapturedFrames; i++)
 {
 FormatExceptionAddress(reinterpret_cast(m_ppStackTrace[i]));
 }
+
 m_svBuffer.append("}\n");
 }
 
@@ -41,8 +61,8 @@ void CCrashHandler::FormatCallstack()
 void CCrashHandler::FormatRegisters()
 {
 m_svBuffer.append("registers:\n{\n");
-
 PCONTEXT pContextRecord = m_pExceptionPointers->ContextRecord;
+
 FormatAPU("rax", pContextRecord->Rax);
 FormatAPU("rbx", pContextRecord->Rbx);
 FormatAPU("rcx", pContextRecord->Rcx);
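Review bot: The VirtualQuery probe added to FormatCallstack can never report anything, because dwLength is passed as `sizeof(LPCVOID)` rather than `sizeof(mbi)`, so VirtualQuery returns at most 8 bytes and `t >= sizeof(mbi)` is always false. The protection test on the following lines has a second problem: `(mbi.Protect & PAGE_READONLY | PAGE_READWRITE)` parses as `(mbi.Protect & PAGE_READONLY) | PAGE_READWRITE`, which is non-zero for every page, so once the size is fixed it would accept unreadable stack memory. The two lines should read `SIZE_T t = VirtualQuery((LPCVOID)pContextRecord->Rsp, &mbi, sizeof(mbi));` and `&& (mbi.Protect & (PAGE_READONLY | PAGE_READWRITE))`. With that fix the separate `PAGE_NOACCESS` test becomes redundant, since Protect holds one of those mutually exclusive values; a one-line comment explaining why the last captured frame equalling ExceptionAddress is taken to mean the unwinder stopped at the faulting instruction would also help the next reader.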
@@ -60,6 +80,7 @@ void CCrashHandler::FormatRegisters()
 FormatAPU("r14", pContextRecord->R14);
 FormatAPU("r15", pContextRecord->R15);
 FormatAPU("rip", pContextRecord->Rip);
+
 FormatFPU("xmm0 ", &pContextRecord->Xmm0);
 FormatFPU("xmm1 ", &pContextRecord->Xmm1);
 FormatFPU("xmm2 ", &pContextRecord->Xmm2);
@@ -352,7 +373,7 @@ bool CCrashHandler::IsPageAccessible() const
 //-----------------------------------------------------------------------------
 void CCrashHandler::GetCallStack()
 {
- m_nCapturedFrames = RtlCaptureStackBackTrace(0, NUM_FRAMES_TO_CAPTURE, m_ppStackTrace, NULL);
+ m_nCapturedFrames = RtlCaptureStackBackTrace(2, NUM_FRAMES_TO_CAPTURE, m_ppStackTrace, NULL);
 }
 
 //-----------------------------------------------------------------------------
diff --git a/r5dev/public/utility/crashhandler.h b/r5dev/public/utility/crashhandler.h
index e3fa82b4..b9be80e8 100644
--- a/r5dev/public/utility/crashhandler.h
+++ b/r5dev/public/utility/crashhandler.h
@@ -32,7 +32,6 @@ public:
 //-------------------------------------------------------------------------
 const char* ExceptionToString() const;
 const char* ExceptionToString(DWORD nExceptionCode) const;
-
 void SetExceptionPointers(EXCEPTION_POINTERS* pExceptionPointers) { m_pExceptionPointers = pExceptionPointers; };
 void WriteFile();
 
@@ -55,7 +54,7 @@ private:
 private:
 enum
 {
- NUM_FRAMES_TO_CAPTURE = 60
+ NUM_FRAMES_TO_CAPTURE = 128
 };
 
 PVOID m_hExceptionHandler;
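Review bot: The skip count of 2 passed to RtlCaptureStackBackTrace in GetCallStack encodes an assumption about the call chain (GetCallStack itself plus its immediate caller) that nothing in the code records; a comment such as `// skip GetCallStack() and the handler frame that calls it` would make the constant checkable when the handler is restructured. Note that FramesToSkip drops the innermost frames, so the commit message's "last 2 frames" refers to the two most recent ones. If an optimized build inlines GetCallStack into its caller, the skipped frames would presumably shift by one — worth confirming against a release-build crash log.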
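Review bot: Raising NUM_FRAMES_TO_CAPTURE to 128 lets RtlCaptureStackBackTrace write up to 128 entries into m_ppStackTrace, whose declaration is outside this hunk; if that array is dimensioned by a separate literal rather than by this enumerator, the capture would now overrun it. Declaring the array as `PVOID m_ppStackTrace[NUM_FRAMES_TO_CAPTURE];`, or adding a `static_assert` tying its element count to the enumerator, would keep the two in step.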