Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Understanding Windows Heap Overflows

From: "Dave Korn" <dave.korn () artimi com>
Date: Thu, 20 Oct 2005 20:03:35 +0100

Matt Conover wrote:

Also newer versions of windbg can be configured to prevent this:
"Processes created by the debugger behave slightly differently than
they would under normal conditions. " [...snip...] 


  Ah, of course, that'll be why I didn't see any change when I was doing it,
because the process in question was rpcss, and I was only attaching the
debugger to it long after it was started up by the system in the standard
way.  So that's a third way of forcing the use of the standard heap: launch
app first, then  attach it.


"Instead of using the standard
heap API, processes created by the debugger use a special debug heap.
On MicrosoftR Windows XP and later versions of Windows, you can force
a spawned process to use the standard heap instead of the debug heap
by using the _NO_DEBUG_HEAP environment variable
or the -hd command-line option"


  Incidentally, am I the only one who thinks that the default should be for
a process under debug to behave as exactly alike as possible to the way it
operates when it's not under debug?  Seems like the best possible way to
guarantee you'll get Heisenbugs.....


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....
Previous By Date Next
Previous By Thread Next

Current thread: