ID Number: Q32680
2.03 2.10 3.00
WINDOWS
docerr
Summary:
The ValidateFreeSpaces() function does not work as documented on page
4-454 of the "Microsoft Windows Software Development Kit Reference
Volume 1" for version 3.0.
More Information:
ValidateFreeSpaces() returns a void, not a LPSTR, as documented. Under
the debugging kernel, ValidateFreeSpaces() will RIP if it finds
overwritten free space; under the retail kernel, it does nothing.
To use ValidateFreeSpaces(), the WIN.INI file must include the
following statements:
[KERNEL]
EnableHeapChecking=1
EnableFreeChecking=1
If an application calls ValidateFreeSpaces() and it discovers an
error, it will RIP with a FatalExit code of 0x00ff, "FREE MEMORY
OVERWRITE AT," and the address of the byte that was overwritten as
Segment:Offset.
To build a fairly solid detector of wild pointers, an application
writer can use the following statements in the [KERNEL] section:
1. EnableHeapChecking=1 to cause the kernel to regularly check the
global arena.
2. EnableFreeChecking=1 to let ValidateFreeSpaces() check global free
space.
3. EnableSegmentChecksum=1 to cause the kernel to check for corrupted
code segments.
If the application then calls ValidateFreeSpaces() and
GlobalCompact(-1) regularly, it will catch almost all wild global
pointers. ValidateFreeSpaces() will check for any overwritten free
blocks, and GlobalCompact(-1) will move and discard memory, thereby
forcing heap and checksum checking.
Please note the following:
1. CCh is used for the free-space fill byte because it will cause the
debugger to breakpoint if a jump into free space is executed.
2. If EnableSegmentChecksum=1 is used, setting breakpoints may cause
spurious 0x0409 RIPs.
3. Setting all of these checks will noticeably slow the system.
4. If bad free spaces exist, check for fatal exit FFs and LLLLLLLs
before the address actually appears. A few fatal exits may have to
be ignored before the address appears.