windbg_stacktrace_log
```windbg
0:012> k
# Child-SP RetAddr Call Site
00 000000b9`d2ffbd30 00007fff`67a76fec lserver!CDataCoding::DecodeData
01 000000b9`d2ffbd70 00007fff`67a5c793 lserver!LKPLiteVerifyLKP+0x38
02 000000b9`d2ffbdc0 00007fff`67a343eb lserver!TLSDBTelephoneRegisterLicenseKeyPack+0x163
03 000000b9`d2ffd7d0 00007fff`867052a3 lserver!TLSRpcTelephoneRegisterLKP+0x15b
04 000000b9`d2fff0c0 00007fff`8664854d RPCRT4!Invoke+0x73
05 000000b9`d2fff120 00007fff`86647fda RPCRT4!NdrStubCall2+0x30d
06 000000b9`d2fff3d0 00007fff`866b7967 RPCRT4!NdrServerCall2+0x1a
07 000000b9`d2fff400 00007fff`86673824 RPCRT4!DispatchToStubInCNoAvrf+0x17
08 000000b9`d2fff450 00007fff`866729e4 RPCRT4!RPC_INTERFACE::DispatchToStubWorker+0x194
09 000000b9`d2fff520 00007fff`86688d4a RPCRT4!RPC_INTERFACE::DispatchToStub+0x1f4
0a 000000b9`d2fff7c0 00007fff`86688af1 RPCRT4!OSF_SCALL::DispatchHelper+0x13a
0b 000000b9`d2fff8e0 00007fff`86687809 RPCRT4!OSF_SCALL::DispatchRPCCall+0x89
0c 000000b9`d2fff910 00007fff`86686398 RPCRT4!OSF_SCALL::ProcessReceivedPDU+0xe1
0d 000000b9`d2fff9b0 00007fff`86697f4c RPCRT4!OSF_SCONNECTION::ProcessReceiveComplete+0x34c
0e 000000b9`d2fffab0 00007fff`840377f1 RPCRT4!CO_ConnectionThreadPoolCallback+0xbc
0f 000000b9`d2fffb30 00007fff`867f7794 KERNELBASE!BasepTpIoCallback+0x51
10 000000b9`d2fffb80 00007fff`867f7e37 ntdll!TppIopExecuteCallback+0x1b4
11 000000b9`d2fffc00 00007fff`85b11fd7 ntdll!TppWorkerThread+0x547
12 000000b9`d2ffff60 00007fff`8683d9c0 KERNEL32!BaseThreadInitThunk+0x17
13 000000b9`d2ffff90 00000000`00000000 ntdll!RtlUserThreadStart+0x20
```
```C
// Decompiler output (Hex-Rays style), kept verbatim so it can be compared
// against the disassembly.
// Computes the size of the decode buffer used by CDataCoding::DecodeData and
// stores it in the global dwBytes. Nothing in the lines shown depends on the
// input string, so the buffer size is fixed no matter how many digits the
// caller later feeds to DecodeData (see the length issue noted there).
void __fastcall CDataCoding::SetInputEncDataLen(CDataCoding *this)
{
// ...
// dword_1800D61D0 presumably holds the expected digit count (35) — confirm
// against the callers; it is not read again in the code shown here.
dword_1800D61D0 = 35;
// v2 = 35 * log2(dword_1800D61C8): the number of bits needed to hold 35 digits
// in the radix stored in dword_1800D61C8 (DecodeData uses that global as the
// multiplier; the 24-character alphabet Str suggests radix 24, which gives
// roughly 160.5 bits here).
v1 = log10_0((double)dword_1800D61C8) * 35.0;
v2 = v1 / log10_0(2.0);
// v3 = ceil(v2): round the bit count up unless v2 is already integral.
v3 = (int)v2 + 1;
v4 = 0;
if ( v2 <= (double)(int)v2 )
v3 = (int)v2;
// dwBytes = ceil(v3 / 8): bits to bytes, adding one byte when v3 is not a
// multiple of 8.
LOBYTE(v4) = (v3 & 7) != 0;
LODWORD(dwBytes) = (v3 >> 3) + v4; // dwBytes is a fixed value 21 (ceil(161 / 8) for radix 24)
}
// Decompiler output, kept verbatim. Decodes a NUL-terminated wide string of
// base-24 digits (alphabet Str) into a freshly allocated little-endian byte
// array, returning the buffer via *a3 and its size via *a4.
//
// Parameters (names are decompiler defaults):
//   a2 - input digit string. Per the note below it is user-controlled; the
//        call stack on this page shows it reaching here from an RPC entry
//        point (TLSRpcTelephoneRegisterLKP) via LKPLiteVerifyLKP.
//   a3 - receives the decoded buffer, allocated with HeapAlloc from the
//        process heap (the caller presumably releases it with HeapFree — confirm).
//   a4 - receives dwBytes (the buffer size, 21); dereferenced without a NULL check.
// Returns 0 on success, otherwise a Win32 error code: 87 (ERROR_INVALID_PARAMETER)
// when a3 is NULL, 8 (ERROR_NOT_ENOUGH_MEMORY) when HeapAlloc fails, and 13
// (ERROR_INVALID_DATA) when a character is not in Str.
//
// Defect: the output buffer is dwBytes long, which SetInputEncDataLen sized for
// exactly 35 digits, but the loop below consumes digits until the NUL
// terminator and never compares v8 (index of the highest byte in use) with
// dwBytes. A sufficiently long input therefore writes past the end of the heap
// allocation, both in the multiply-add loop and at `v12[++v8] = v14`. A fix
// needs a bound on the digit count (or a `v8 + 1 < dwBytes` check before the
// write), or rejection of inputs longer than the expected 35 characters before
// decoding begins.
__int64 __fastcall CDataCoding::DecodeData(
CDataCoding *this,
const unsigned __int16 *a2,
unsigned __int8 **a3,
unsigned int *a4)
{
// ...
// v4: return value (0 = success). v8: index of the highest byte of v12 written
// so far, i.e. v8 + 1 bytes of the buffer are in use.
v4 = 0;
v8 = 0;
if ( a3 )
{
// dwBytes is a global variable with value 21
v9 = dwBytes;
*a3 = 0i64;
*a4 = 0;
ProcessHeap = GetProcessHeap();
// Flag 8 is HEAP_ZERO_MEMORY, so the memset below is redundant but harmless.
v11 = (unsigned __int8 *)HeapAlloc(ProcessHeap, 8u, v9);
v12 = v11;
if ( v11 )
{
memset_0(v11, 0, (unsigned int)dwBytes);
// The only loop bound is the NUL terminator of a2; nothing limits the number
// of digits (and therefore output bytes) to what v12 can hold.
while ( *a2 )
{
// Str is BCDFGHJKMPQRTVWXY2346789
// a2 is user-controlled buffer
v13 = wcschr_0(Str, *a2);
if ( !v13 )
{
// Character outside the alphabet: release the partial result and fail.
v4 = 13;
v18 = GetProcessHeap();
HeapFree(v18, 0, v12);
return v4;
}
// here change the integer a2 from base 24 to base 10
// but does not check the length of a2
// (more precisely: v12 holds the value as little-endian bytes, so this is a
// multiply-by-radix-then-add over the v8 + 1 bytes in use, carrying via >> 8)
v14 = v13 - Str;
v15 = v12;
v16 = (unsigned int)(v8 + 1);
do
{
v17 = dword_1800D61C8 * *v15 + v14;
*v15++ = v17;
LODWORD(v14) = v17 >> 8;
--v16;
}
while ( v16 );
// A leftover carry extends the value by one byte. v8 is never checked against
// dwBytes, so once v8 + 1 == dwBytes this store (and the next pass of the loop
// above) lands outside the dwBytes-byte allocation.
if ( (_DWORD)v14 )
v12[++v8] = v14;
++a2;
}
*a4 = dwBytes;
*a3 = v12;
}
else
{
return 8;
}
}
else
{
return 87;
}
return v4;
}
// NOTE(review): this extra closing brace pairs with nothing visible; it may
// close a block hidden in the "// ..." elision above, or be a paste artifact.
}
```