From 1bdc2dc2b2b9490190d38be9c383fb3cd8bc6103 Mon Sep 17 00:00:00 2001 From: FunkyFr3sh Date: Sat, 31 Aug 2024 08:09:51 +0200 Subject: [PATCH] hook _invoke_watson --- inc/debug.h | 7 +++++++ src/debug.c | 22 ++++++++++++++++++++++ src/hook.c | 3 +-- 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/inc/debug.h b/inc/debug.h index 72efcf1..058e27a 100644 --- a/inc/debug.h +++ b/inc/debug.h @@ -28,6 +28,13 @@ void dbg_dump_dds_blt_fast_flags(DWORD flags); void dbg_dump_dds_lock_flags(DWORD flags); char* dbg_mes_to_str(int id); +__declspec(noreturn) void __cdecl dbg_invoke_watson( + _In_opt_z_ wchar_t const*, + _In_opt_z_ wchar_t const*, + _In_opt_z_ wchar_t const*, + _In_ unsigned int, + _In_ uintptr_t); + extern double g_dbg_frame_time; extern DWORD g_dbg_frame_count; extern LPTOP_LEVEL_EXCEPTION_FILTER g_dbg_exception_filter; diff --git a/src/debug.c b/src/debug.c index 9c53e72..0e2c90e 100644 --- a/src/debug.c +++ b/src/debug.c @@ -88,6 +88,28 @@ LONG WINAPI dbg_exception_handler(EXCEPTION_POINTERS* exception) return EXCEPTION_EXECUTE_HANDLER; } + +__declspec(noreturn) void __cdecl dbg_invoke_watson( + wchar_t const* const expression, + wchar_t const* const function_name, + wchar_t const* const file_name, + unsigned int const line_number, + uintptr_t const reserved +) +{ + UNREFERENCED_PARAMETER(expression); + UNREFERENCED_PARAMETER(function_name); + UNREFERENCED_PARAMETER(file_name); + UNREFERENCED_PARAMETER(line_number); + UNREFERENCED_PARAMETER(reserved); + + TRACE("%s [%p]\n", __FUNCTION__, _ReturnAddress()); + + /* Force access violation to produce a dmp file for debugging */ + *(int*)0 = 0; + + TerminateProcess(GetCurrentProcess(), STATUS_INVALID_CRUNTIME_PARAMETER); +} #endif void dbg_init() diff --git a/src/hook.c b/src/hook.c index 2889fdd..378b4a0 100644 --- a/src/hook.c +++ b/src/hook.c 
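Review bot: The `dbg_invoke_watson` prototype added to inc/debug.h leaves all five parameters unnamed, so the header does not say which `wchar_t const*` is the expression, the function name or the file name. Carrying over the names used by the definition in src/debug.c, from `_In_opt_z_ wchar_t const* expression,` through `_In_ uintptr_t reserved);`, would document the signature that the hook depends on. The definition in src/debug.c sits just before an `#endif`, while any guard around this declaration is outside the hunk, so it is worth confirming that both are compiled under the same condition.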
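Review bot: The forced crash in `dbg_invoke_watson` (src/debug.c) is written as `*(int*)0 = 0;`, a plain null-pointer store that is undefined behaviour, so an optimizing compiler may turn it into a trap instruction or drop it along with the `TerminateProcess` call that follows. Making the store volatile, `*(volatile int*)0 = 0;`, keeps the access violation that the comment promises. The handler also discards `expression`, `function_name`, `file_name` and `line_number`; logging them next to the return address when they are non-NULL would record which CRT check failed before the dump is written. The function sits inside a conditional block whose opening `#if` is outside the hunk.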
@@ -659,8 +659,7 @@ void hook_init() if (!IsDebuggerPresent()) { - /* Force access violation to produce a dmp file for debugging (disables watson) */ - PATCH_SET((void*)_invoke_watson, "\xC6\x05\x00\x00\x00\x00\x00"); + patch_ljmp((void*)_invoke_watson, (void*)dbg_invoke_watson); } } #endif
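Review bot: The `patch_ljmp((void*)_invoke_watson, (void*)dbg_invoke_watson);` line in `hook_init` loses the explanation that the removed comment gave, so nothing at the call site says why a CRT-internal function is being overwritten or why this is skipped under a debugger. A comment such as `/* Redirect the CRT's _invoke_watson to dbg_invoke_watson so invalid-parameter failures produce a dmp file; skipped when a debugger is attached */` would restore that. `patch_ljmp` is not shown here, so this hunk cannot confirm whether a failed patch is detected. `hook_init` begins outside the hunk.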