Heap corruption: What could the cause be?

I am investigating a crash due to heap corruption. As this issue is non-trivial and involves analyzing the stack and dump results, I have decided to do a code review of files related to the crash.

To be frank, I don't have in-depth knowledge of when the heap could be corrupted.

I would appreciate it if you could suggest scenarios which could lead to heap corruption.

Platform: Windows XP

Language: C++

Compiler: VC6

Satbir asked Oct 01 '09 14:10

1 Answer

Common scenarios include:

  • Writing outside the allocated space of an array (char *stuff = new char[10]; stuff[10] = 3;)
  • Casting to the wrong type
  • Uninitialized pointers
  • Typo error for -> and .
  • Typo error when using * and & (or multiple of either)

[EDIT] From the comments, a few more:

  • Mixing new [] and new with delete [] and delete
  • Missing or incorrect copy-constructors
  • Pointer pointing to garbage
  • Calling delete multiple times on the same data
  • Polymorphic base classes without virtual destructors
cwap answered Oct 18 '22 15:10
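As an added illustration (not part of the original answer), the snippet below reproduces the first scenario in the list, `stuff[10] = 3` on a 10-byte array, and shows how a guard-byte wrapper detects the overrun immediately instead of letting it surface as a crash later. The `GuardedBlock` wrapper, `kCanary` and `checkGuards` are hypothetical names chosen for this example; the approach is the same idea the gflags/pageheap tooling automates on Windows.

```cpp
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <cstdio>

// Guard bytes placed immediately before and after each user buffer.
static const uint8_t kCanary = 0xA5;
static const size_t kGuard = 8;

struct GuardedBlock {
    uint8_t *raw;   // underlying allocation (guard + user bytes + guard)
    size_t   size;  // size the caller asked for
};

// Allocate `size` bytes with a canary-filled guard zone on each side.
GuardedBlock guardedAlloc(size_t size) {
    GuardedBlock b;
    b.size = size;
    b.raw = static_cast<uint8_t*>(std::malloc(kGuard + size + kGuard));
    std::memset(b.raw, kCanary, kGuard);                 // front guard
    std::memset(b.raw + kGuard + size, kCanary, kGuard); // rear guard
    return b;
}

// Pointer the caller is allowed to use, i.e. the bytes between the guards.
uint8_t *userPtr(const GuardedBlock &b) { return b.raw + kGuard; }

// Returns 0 if both guards are intact, -1 if the front guard was
// overwritten (underflow), +1 if the rear guard was overwritten (overflow).
int checkGuards(const GuardedBlock &b) {
    for (size_t i = 0; i < kGuard; ++i) {
        if (b.raw[i] != kCanary) return -1;
        if (b.raw[kGuard + b.size + i] != kCanary) return 1;
    }
    return 0;
}

void guardedFree(GuardedBlock &b) { std::free(b.raw); b.raw = 0; }

// The answer's off-by-one: a 10-byte array written at index 10.
// The stray byte lands in the rear guard, so checkGuards reports +1.
int demoOffByOne() {
    GuardedBlock blk = guardedAlloc(10);
    char *stuff = reinterpret_cast<char*>(userPtr(blk));
    stuff[10] = 3;  // one past the end (constructed bug from the answer)
    int verdict = checkGuards(blk);
    guardedFree(blk);
    return verdict;
}

int main() {
    std::printf("guard check after stuff[10] = 3: %d\n", demoOffByOne());
    return 0;
}
```

Sprinkling a call like `checkGuards` after suspect code narrows the corruption to the code path between two checks, which is the same workflow the comments on the question describe.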