写作自由垃圾/删除 [英] Writing Garbage on free / delete

问题描述

一个动态内存分配的问题，是一个可删除 / 免费的内存块，仍然有指点指点进去。当一个取消引用这些指针之一，有机会，工作，但留一个容易记忆的东西损坏等可能

为了帮助这些问题的一些平台让删除 / 免费写的垃圾（类似 DEDEDEDE ）进入释放它作为一个释放的细胞之前释放堆单元。这意味着，当一个人试图取消引用现在的指针，释放细胞，可以或多或少总是期待一个data_abort例外，这应该引起程序崩溃。这将使用调试库时。该版本库没有这样做，因为性能的原因。

有人能告诉我，如果人能够获得这种使用的glibc或如何执行一些简单的操作做这个标准的Linux平台上的行为。我认为这将有助于我更容易找到一些错误很多。

我想补充一点，应该是微不足道的启用或禁用此行为对不同的构建。我能想到的最接近的是malloc的钩子，可惜的是免费不采取细胞大小作为参数。<​​/ P>

解决方案

以下code不正是我想要的：

 的#include＆LT;＆malloc.h所GT;无效的typedef（* free_hook_t）（无效*，常量无效*）;静态free_hook_t system_free_hook;静态无效my_free_hook（无效* PTR，常量无效*调用者）
     {
       __free_hook = system_free_hook;
       INT大小= malloc_usable_size（PTR）;
       memset的（PTR，写0xDE，大小）;
       免费（PTR）;
       __free_hook = my_free_hook;
     }静态无效init_free_hook（）
     {
     system_free_hook = __free_hook;
      __free_hook = my_free_hook;
     }/ *覆盖从C库初始化钩。 * /
无效（* __ malloc_initialize_hook）（无效）= init_free_hook;
 

这是完全独立所以在技术上可以根据需要包括或不包括。我错过了位是 malloc_usable_size 功能。

测试在Ubuntu 10.10，这也适用于C ++中，其中一个是使用新和删除

One of the issues with dynamic memory allocation is that one may delete/free a block of memory and still have pointers pointing into it. When one dereferences one of these pointers, chances are that things may "work" but leave one vulnerable to memory corruptions etc.

In order to help with these issues some platforms make delete / free write garbage (something like DEDEDEDE) into the freed heap cell before releasing it as a freed cell. This means that when one tries to now dereference a pointer to a freed cell, one can more or less always expect a data_abort exception which should cause the program to crash. This will when using the debug library. The release library does not do this because of performance reasons.

Could someone tell me if one can get this kind of behavior on standard Linux platforms using glibc or how to perform some simple operation to do this. I think it will help me find some bugs a lot more easily.

I would like to add that it should be trivial to enable or disable this behavior for different builds. The closest thing I can think of is malloc hooks, unfortunately free does not take the cell size as a parameter.

解决方案

The following code does exactly what I want:

#include <malloc.h>

typedef void (*free_hook_t)(void*, const void*);

static free_hook_t system_free_hook;

static void my_free_hook (void *ptr, const void *caller)
     {
       __free_hook = system_free_hook;
       int size = malloc_usable_size(ptr);
       memset(ptr,0xDE, size);
       free (ptr);
       __free_hook = my_free_hook;
     }

static void init_free_hook()
     {
     system_free_hook = __free_hook;
      __free_hook = my_free_hook;
     }

/* Override initializing hook from the C library. */
void (*__malloc_initialize_hook) (void) = init_free_hook;

It is totally stand alone so technically can be included or not as required. The bit I was missing was the malloc_usable_size function.

Testing on Ubuntu 10.10, this also works in C++ where one is using new and delete

这篇关于写作自由垃圾/删除的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！