Dynamic Memory Corruption (Process Heap)

This is the Mac OS X / GDB counterpart to the Dynamic Memory Corruption (process heap) pattern (Volume 1, page 257) previously described for Windows. Note where the fault is reported: frames #2–#4 show free_list_checksum_botch and szone_error called from inside free(), so it is the allocator's own free-list checksum that detects the corruption at a later free(), not the write that caused it:

(gdb) bt
#0 0x00007fff8479582a in __kill ()
#1 0x00007fff8e0e0a9c in abort ()
#2 0x00007fff8e1024ac in szone_error ()
#3 0x00007fff8e1024e8 in free_list_checksum_botch ()
#4 0x00007fff8e102a7b in small_free_list_remove_ptr ()
#5 0x00007fff8e106bf7 in szone_free_definite_size ()
#6 0x00007fff8e13f789 in free ()
#7 0x000000010afafe23 in main (argc=1, argv=0x7fff6abaeb08)

Here's the source code of the modeling application:

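/*
 * Modeling application for the Dynamic Memory Corruption (process heap)
 * pattern.  It deliberately writes into heap blocks after they have been
 * freed (use-after-free) so that the allocator's free-list bookkeeping is
 * overwritten.  The bad write itself does not fault; in the backtrace
 * above libmalloc reports the damage later, from a subsequent free()
 * (free_list_checksum_botch -> szone_error -> abort).
 *
 * argc/argv are unused; the program takes no input.
 * Allocation results are left unchecked on purpose to keep the model
 * minimal.  Returns 0 only if the allocator does not abort first.
 */
int main(int argc, const char * argv[])
{
        (void)argc;
        (void)argv;

        /* Seven 1024-byte blocks.  Their addresses are printed so the
         * blocks freed below can be matched against the crash report. */
        char *p1 = (char *) malloc (1024);
        printf("p1 = %p\n", (void *) p1);

        char *p2 = (char *) malloc (1024);
        printf("p2 = %p\n", (void *) p2);

        char *p3 = (char *) malloc (1024);
        printf("p3 = %p\n", (void *) p3);

        char *p4 = (char *) malloc (1024);
        printf("p4 = %p\n", (void *) p4);

        char *p5 = (char *) malloc (1024);
        printf("p5 = %p\n", (void *) p5);

        char *p6 = (char *) malloc (1024);
        printf("p6 = %p\n", (void *) p6);

        char *p7 = (char *) malloc (1024);
        printf("p7 = %p\n", (void *) p7);

        /* Free every second block; p2, p4 and p6 are now owned by the
         * allocator and sit on its free list. */
        free(p6);
        free(p4);
        free(p2);

        printf("Hello Crash!\n");

        /* USE-AFTER-FREE, intentional: these writes land in blocks that
         * are on the allocator's free list.  This is the corruption being
         * modeled -- do not "fix" it.  In the run above, the next allocator
         * operation that walks that list fails its checksum (frames #3-#4). */
        strcpy(p2, "Hello Crash!");
        strcpy(p4, "Hello Crash!");
        strcpy(p6, "Hello Crash!");

        /* Re-allocate over the damaged free list.  Sizes differ from the
         * originals (512 vs. 1024) so the allocator has to pick blocks
         * rather than simply hand back the last freed one. */
        p2 = (char *) malloc (512);
        printf("p2 = %p\n", (void *) p2);

        p4 = (char *) malloc (1024);
        printf("p4 = %p\n", (void *) p4);

        p6 = (char *) malloc (512);
        printf("p6 = %p\n", (void *) p6);

        /* Release everything.  On the run shown above, one of these free()
         * calls is where libmalloc detects the checksum mismatch and aborts. */
        free (p7);
        free (p6);
        free (p5);
        free (p4);
        free (p3);
        free (p2);
        free (p1);

        return 0;
}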