DBG: Fix function boundary computation when getting x64 stack frames #2255

merged 1 commit into from Nov 26, 2019


now-raymond commented Nov 23, 2019

Fixes #2254.

The function end address in the RUNTIME_FUNCTION struct points to one byte beyond the last instruction of the function (like STL ranges).

The current lookup method results in incorrect stack frames on entry into a function "B" that starts immediately after another function "A", resulting in function A's unwind metadata incorrectly getting used to unwind the stack instead of function B's.

Existing behavior:
Find func where:
func.BeginAddress <= rva <= func.EndAddress

New behavior:
Find func where:
func.BeginAddress <= rva < func.EndAddress

RUNTIME_FUNCTION range: [BeginAddress, EndAddress)

Old code:
Find `func` where:
`func.BeginAddress <= rva <= func.EndAddress`

New code:
Find `func` where:
`func.BeginAddress <= rva < func.EndAddress`
mrexodia merged commit ec45189 into x64dbg:development Nov 26, 2019
1 check passed
continuous-integration/appveyor/pr AppVeyor build succeeded
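
The boundary case from the PR description, as an added example that is not x64dbg's code. `RuntimeFunction` is a stand-in for the Windows `RUNTIME_FUNCTION` entry, the table values are constructed, and a first-match scan over an address-sorted table is an assumption.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Stand-in for a RUNTIME_FUNCTION entry; field names follow the PR text.
struct RuntimeFunction {
    uint32_t BeginAddress; // RVA of the first byte of the function
    uint32_t EndAddress;   // RVA one byte past the last instruction
    uint32_t UnwindData;   // RVA of the unwind metadata (constructed values)
};

// Constructed table: A and B are adjacent, C follows after padding.
static const std::vector<RuntimeFunction> kTable = {
    {0x1000, 0x1040, 0x5000}, // A
    {0x1040, 0x10A0, 0x5010}, // B starts exactly where A ends
    {0x10B0, 0x10F0, 0x5020}, // C
};

// Old behaviour: closed range [BeginAddress, EndAddress], first match wins.
const RuntimeFunction* findInclusive(const std::vector<RuntimeFunction>& t, uint32_t rva) {
    for (const auto& f : t)
        if (f.BeginAddress <= rva && rva <= f.EndAddress)
            return &f;
    return nullptr;
}

// New behaviour: half-open range [BeginAddress, EndAddress).
const RuntimeFunction* findHalfOpen(const std::vector<RuntimeFunction>& t, uint32_t rva) {
    for (const auto& f : t)
        if (f.BeginAddress <= rva && rva < f.EndAddress)
            return &f;
    return nullptr;
}

// UnwindData of the matched entry, or 0 when no entry covers rva.
uint32_t unwindFor(bool halfOpen, uint32_t rva) {
    const RuntimeFunction* f = halfOpen ? findHalfOpen(kTable, rva) : findInclusive(kTable, rva);
    return f ? f->UnwindData : 0;
}

int main() {
    // Last byte of A, first byte of B, one past B (padding), one past C.
    const uint32_t probes[] = {0x103F, 0x1040, 0x10A0, 0x10F0};
    for (uint32_t rva : probes)
        std::printf("rva=0x%X inclusive=0x%X half-open=0x%X\n", rva,
                    unwindFor(false, rva), unwindFor(true, rva));
    return 0;
}
```

At `rva = 0x1040` the closed-range lookup returns A's unwind data while the half-open lookup returns B's; at `0x10A0` and `0x10F0` the closed range also claims addresses that belong to no function.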