Re: Detecting freed memory

From: Keith Thompson <kst-u@xxxxxxx>
Date: Thu, 01 Sep 2005 19:39:49 GMT

"EventHelix.com" <eventhelix@xxxxxxxxx> writes:
> There is no general way to do this.

To do what? Please provide context; don't assume that your readers
can easily see the parent article, or even the subject header.

If you want to post a followup via groups.google.com, don't use
the broken "Reply" link at the bottom of the article. Click on
"show options" at the top of the article, then click on the
"Reply" at the bottom of the article headers.

The parent article asked about how to detect, after a call to free(p),
that p is no longer a valid pointer. (Quick answer: you can't.)

> One way is to write your own
> wrappers around malloc and free and include different signatures in the
> buffer that can be checked.
>
> Microsoft Visual C++ compiler does something similar in a Debug build.
> When a buffer is freed, it copies a known signature pattern in all the
> bytes of the buffer.

It would also have to initialize newly malloc()ed memory with some
other pattern. Also, it can't easily handle cases like this:

p1 = malloc(SOME_SIZE);
...
free(p1);
...
p2 = malloc(SOME_SIZE);

After the second malloc(), p2 might very well point to the same chunk
of memory that p1 pointed to. p1 will appear to point to valid
memory; there's no good way to detect that this is merely accidental.

Tricks like writing 0xDEADBEEF into uninitialized memory can catch
some problems, but they can't catch everything.

--
Keith Thompson (The_Other_Keith) kst-u@xxxxxxx <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
.

References:
- Detecting freed memory
  - From: Rob
- Re: Detecting freed memory
  - From: EventHelix.com

Prev by Date: Re: what's the prob with goto
Next by Date: Re: Specifying global array size with const int
Previous by thread: Re: Detecting freed memory
Next by thread: Re: Detecting freed memory
Index(es):
- Date
- Thread

Relevant Pages

Re: Fw: Buffer overflow in CIFS VFS.
... What I meant is that two fixed size memory pools rather variable size ... type of buffer or whatever needed info. ... access the header would move the pointer back by sizeof. ...
(Linux-Kernel)
Re: memory related concerns
... i have a situation where i receive data in a buffer and i ... utiltimate aim is to return the header of the linked list to the caller ... run out of memory simultaneously. ...
(comp.lang.c)
Re: memory related concerns
... i have a situation where i receive data in a buffer and i ... utiltimate aim is to return the header of the linked list to the caller ... run out of memory simultaneously. ...
(comp.lang.c)
Re: dynamic buffer size
... call BeginRead with a buffer big enough to hold the header. ... it may not save you any time or memory to do that since using ... There are packet definitions of variable length. ...
(microsoft.public.dotnet.languages.csharp)
Re: Discovering variable types...
... >- but I suppose MS expect us to use wrappers ... memory allocations for your variables from disk as well. ... >They most certainly are of fixed size, changing the size of a String ... >>me to keep buffer size and current postion right in the memory block. ...
(comp.lang.pascal.delphi.misc)