Heap corruption detection with Windows GFlags application

2018-06-29 12:01:59

I'm trying to enable page heap for a small application using GFlags but for some reason it doesn't work.

I've written a small C++ application that all it does is corrupt the heap memory:

int* a;
a= (int*)malloc(1);
*a= 8888800;
return 0;

When running this code the application does not crash. But with page heap enabled I would expect it to, at the third line.

I suspect I didn't not activate GFlags correctly but can't figure out the problem. After running the GFlags exe in the image file tab I copied the path to my exe and marked the enable page heap and stop on exception options. I checked in the CMD and saw the page heap was enabled. What could be the problem?

Page heap means that there's a protected page after the page where your variable is in. This also means that you have to access memory in that protected page to let it crash. You're not writing enough data to reach the end of a page.

Something like

int* a;
a= (int*)malloc(1);
*(a+4096)= 8888800;
return 0;

should work (not tested).

Keep in mind, that every single variable on the heap will require 8 kB of memory when page heap is turned on: 4 kB for the accessible page where the variable is in and 4 kB for the protected page that follows.

So all in all, page heap is not a good idea for applications in production but maybe for small test applications. where you need to nail down a buffer overflow (or underrun).

链接地址: http://www.djcxy.com/p/82350.html

上一篇: 在Linux x86 GAS程序集中是否可以创建没有系统调用的线程？

下一篇: 使用Windows GFlags应用程序检测堆损坏