blob: 8510786e1516b56461128f151ff6245cd736e498 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
/*++
Copyright (c) 1990 Microsoft Corporation
Module Name:
MEMORY.C
Abstract:
This file contains the routines that deal with memory management.
Author:
Rajen Shah (rajens) 12-Jul-1991
[Environment:]
User Mode - Win32, except for NTSTATUS returned by some functions.
Revision History:
--*/
//
// INCLUDES
//
#include <eventp.h>
//
// Implement my own tail-checking, since the system code requires a
// debugging build
//
//#define TAIL_CHECKING
#ifdef TAIL_CHECKING
#define CHECK_HEAP_TAIL_SIZE 16
#define CHECK_HEAP_TAIL_FILL 0xAB
#endif
PVOID
ElfpAllocateBuffer (
ULONG Size
)
/*++
Routine Description:
Allocate a buffer of the given size, and return the pointer in BufPtr.
Arguments:
Return Value:
Pointer to allocated buffer (or NULL).
Note:
--*/
{
PVOID BufPtr;
#ifdef TAIL_CHECKING
//
// Keep the offset of the pattern (so we don't have to have internal
// knowledge about the granularity of the heap block) and copy a
// known pattern after the end of the user's block
//
BufPtr = (PVOID *) MIDL_user_allocate ( Size
+ CHECK_HEAP_TAIL_SIZE + sizeof(DWORD));
*((PDWORD)BufPtr) = Size + sizeof(DWORD);
(PBYTE) BufPtr += sizeof(DWORD);
RtlFillMemory((PBYTE)BufPtr + Size,
CHECK_HEAP_TAIL_SIZE,
CHECK_HEAP_TAIL_FILL);
#else
BufPtr = (PVOID *) MIDL_user_allocate ( Size );
#endif
return (BufPtr);
}
VOID
ElfpFreeBuffer (
PVOID BufPtr)
/*++
Routine Description:
Frees a buffer previously allocated by AllocateBuffer.
Arguments:
Pointer to buffer.
Return Value:
NOTHING
Note:
--*/
{
#ifdef TAIL_CHECKING
{
DWORD i;
PBYTE pb;
//
// Back up to real start of block
//
(PBYTE)BufPtr -= sizeof(DWORD);
i = *((PDWORD)BufPtr);
pb = (PBYTE)BufPtr + i;
for (i = 0; i < CHECK_HEAP_TAIL_SIZE ; i++, pb++) {
if (*pb != CHECK_HEAP_TAIL_FILL) {
ElfDbgPrint(("[ELF] Heap has been corrupted at 0x%x\n",
BufPtr));
// Make it access violate
pb = (PBYTE) 0;
*pb = 1;
}
}
}
#endif
MIDL_user_free ( BufPtr );
return;
}
|