[4/4] ntdll: partially support HEAP_DISABLE_COALESCE_ON_FREE, allows us to detect use-after-free (take 2)

Dan Kegel dank at kegel.com
Fri Nov 27 21:48:37 CST 2009


[Rest of series unchanged.
Change to this patch since originally posted:
Fixed a problem that showed up in a full run
of the wine test suite under valgrind; added
a test case to make sure we exercise all
paths through RtlReAllocate.  A bit simpler, now, too.]

This adds something like support for
HEAP_DISABLE_COALESCE_ON_FREE.
If the GlobalFlags registry entry has the
200000 bit set, freed blocks are set
aside for a while rather than immediately
being released for reuse.  This allows
us to poison them and check for use-after-free
or double-free errors, and report them as heap corruption.

If you're running Valgrind, you get an immediate error
and stack trace for any of these heap corruption events,
which was the motivation for the patch series.
But the patches are useful even without valgrind.

The number of blocks kept out of circulation is
5000 by default, but can be set via an environment
variable.  It ought to have a limit on number of bytes,
too, but this seemed enough for the moment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-ntdll-partial-support-HEAP_DISABLE_COALESCE_ON_FREE.patch
Type: text/x-patch
Size: 20530 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20091127/e9eca729/attachment-0001.bin>


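The mechanism the mail describes (freed blocks poisoned and parked in a quarantine instead of being returned to the allocator, so that a second free or a write into the block can be reported as heap corruption) can be demonstrated stand-alone. The example below is added here and is not the Wine patch or any part of ntdll: it is a small wrapper over malloc/free with its own header layout, poison byte, error codes and a compile-time quarantine depth (QUARANTINE_SLOTS, kept at 4 so eviction is exercised; the mail's default is 5000, adjusted through an environment variable whose name the mail does not give). It also does not include the Valgrind client requests; it only catches writes, by checking the poison when a block finally leaves the quarantine.

```c
/* Added example, not Wine's code: quarantine-on-free with poisoning.
 * All names and the poison/header choices are this example's own. */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define QUARANTINE_SLOTS 4   /* hypothetical depth; Wine's default is 5000 */
#define FREED_POISON     0xfe /* pattern written over a freed payload */

enum heap_error {
    HEAP_OK = 0,
    HEAP_DOUBLE_FREE,        /* freed again while still quarantined */
    HEAP_WRITE_AFTER_FREE,   /* poison disturbed while quarantined */
    HEAP_BAD_BLOCK           /* header is neither LIVE nor FREED */
};
enum { STATE_LIVE = 0x4c495645u, STATE_FREED = 0x46524545u };

/* Header in front of every payload; two size_t keep the payload aligned. */
struct block_hdr { size_t size; size_t state; };

static struct block_hdr *quarantine[QUARANTINE_SLOTS]; /* FIFO of freed blocks */
static size_t q_head, q_count;
static unsigned corruption_count;                      /* events reported so far */

static void report(enum heap_error err, const struct block_hdr *hdr)
{
    static const char *names[] = { "ok", "double free", "write after free", "bad block" };
    corruption_count++;
    fprintf(stderr, "heap corruption: %s, block %p (%zu bytes)\n",
            names[err], (const void *)(hdr + 1), hdr->size);
}

unsigned heap_corruption_count(void) { return corruption_count; }

void *q_malloc(size_t n)
{
    struct block_hdr *hdr = malloc(sizeof *hdr + n);
    if (!hdr) return NULL;
    hdr->size = n;
    hdr->state = STATE_LIVE;
    return hdr + 1;
}

/* Return a quarantined block to the system allocator, after verifying that
 * nobody wrote into it while it was parked. */
static enum heap_error release_block(struct block_hdr *hdr)
{
    const unsigned char *p = (const unsigned char *)(hdr + 1);
    enum heap_error err = HEAP_OK;
    for (size_t i = 0; i < hdr->size; i++)
        if (p[i] != FREED_POISON) { err = HEAP_WRITE_AFTER_FREE; break; }
    if (err != HEAP_OK) report(err, hdr);
    free(hdr);
    return err;
}

enum heap_error q_free(void *p)
{
    struct block_hdr *hdr = (struct block_hdr *)p - 1;
    if (!p) return HEAP_OK;
    if (hdr->state == STATE_FREED) { report(HEAP_DOUBLE_FREE, hdr); return HEAP_DOUBLE_FREE; }
    if (hdr->state != STATE_LIVE)  { report(HEAP_BAD_BLOCK, hdr);   return HEAP_BAD_BLOCK; }
    memset(p, FREED_POISON, hdr->size);     /* poison, keep the memory ours */
    hdr->state = STATE_FREED;
    if (q_count == QUARANTINE_SLOTS) {      /* full: evict the oldest block */
        release_block(quarantine[q_head]);
        q_head = (q_head + 1) % QUARANTINE_SLOTS;
        q_count--;
    }
    quarantine[(q_head + q_count) % QUARANTINE_SLOTS] = hdr;
    q_count++;
    return HEAP_OK;
}

/* Drain the quarantine; returns how many blocks were written to after free. */
unsigned q_flush(void)
{
    unsigned bad = 0;
    for (; q_count; q_count--, q_head = (q_head + 1) % QUARANTINE_SLOTS)
        if (release_block(quarantine[q_head]) != HEAP_OK) bad++;
    return bad;
}

/* Constructed scenario: one double free, one write after free.  Returns the
 * number of events reported, or -1 if a step did not behave as expected. */
int run_demo(void)
{
    char *a = q_malloc(32), *b = q_malloc(16);
    if (!a || !b) return -1;
    strcpy(a, "hello");
    if (q_free(a) != HEAP_OK) return -1;
    if (q_free(a) != HEAP_DOUBLE_FREE) return -1; /* still quarantined: caught */
    if (q_free(b) != HEAP_OK) return -1;
    b[3] = 'X';                                   /* lands in the poison, not in a reused block */
    if (q_flush() != 1) return -1;                /* a intact, b disturbed */
    return (int)heap_corruption_count();
}

int main(void)
{
    printf("events reported: %d\n", run_demo());
    return 0;
}
```

Two caveats follow from the design and apply equally to the real thing: a double free is only caught while the block is still quarantined (once it has been evicted, the header is gone and the second free is ordinary undefined behaviour), and without Valgrind a read of freed memory goes unnoticed, since reading the poison changes nothing. That is why the quarantine depth, and ideally a byte budget as the mail notes, matters.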