24,856
社区成员
发帖
与我相关
我的任务
分享C++检测内寸漏洞
// 这段代码在VC++6.0下编译通过, 部分想法来源于网上, 本着想法共享的原则, 写出来希望大家有
// 用!!用于C++检测内寸漏洞 MAKER LN
#include "stdafx.h"
#include <list>
using namespace std;
#ifdef _DEBUG
typedef struct
{
long address;
long size;
char file[1024];
long line;
char func[1024];
int deleteFlag;
} ALLOC_INFO;
typedef list<ALLOC_INFO *> AllocList;
AllocList *allocList;
void AddTrack(long addr, long asize, const char *fname, long lnum,
const char *funcname, int flag = 1)
{
ALLOC_INFO *info;
if(!allocList)
{
allocList = new(AllocList);
}
info = new(ALLOC_INFO);
info->address = addr;
strncpy(info->file, fname, 1023);
info->line = lnum;
info->size = asize;
info->deleteFlag = flag;
strncpy(info->func, funcname, 1023);
allocList->insert(allocList->begin(), info);
}
void RemoveTrack(long addr)
{
AllocList::iterator i;
if(!allocList)
return;
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->address == addr)
{
if((*i)->deleteFlag == 1)
{
// new
allocList->remove((*i));
free((void*)addr);
}
break;
}
}
};
void RemoveTrackArray(long addr)
{
AllocList::iterator i;
if(!allocList)
return;
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->address == addr)
{
if((*i)->deleteFlag == 2)
{
// new[] 1
allocList->remove((*i));
free((void*)addr);
}
else if((*i)->deleteFlag == 3)
{
// new[] 2
allocList->remove((*i));
}
break;
}
}
};
void OutputDebugString(char *buff)
{
printf(buff);
printf("\n");
}
void OutputUnfreed()
{
AllocList::iterator i;
long totalSize = 0;
char buf[1024];
if(!allocList)
{
return;
}
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->deleteFlag == 1 || (*i)->deleteFlag == 2)
{
sprintf(buf, "Filename%-70s\nLine(%d), Function(%s), Address(%d) Size(%d) unfreed ",
(*i)->file, (*i)->line, (*i)->func, (*i)->address, (*i)->size);
OutputDebugString(buf);
totalSize += (*i)->size;
}
}
sprintf(buf, "----------------------------------------------------------- ");
OutputDebugString(buf);
sprintf(buf, "Total Unfreed: %d bytes ", totalSize);
OutputDebugString(buf);
};
#endif
#ifdef _DEBUG
long deleteNum = 0;
inline void * __cdecl operator new(unsigned int size,
const char *file, int line, const char *func)
{
void *ptr = (void *)malloc(size);
AddTrack((long)ptr, size, file, line, func);
return(ptr);
};
inline void __cdecl operator delete(void *p)
{
RemoveTrack((long)p);
};
inline void * __cdecl operator new[](unsigned int size,
const char *file, int line, const char *func)
{
void *ptr = (void *)malloc(size);
AddTrack((long)ptr, size, file, line, func, 2);
AddTrack((long)ptr, size, file, line, func, 3);
return(ptr);
};
inline void __cdecl operator delete[](void *p)
{
RemoveTrackArray((long)p);
RemoveTrackArray((long)p);
};
#endif
#ifndef __FUNCTION__
#define __FUNCTION__ "Undefined"
#endif
#ifdef _DEBUG
#define DEBUG_MSF_NEW new(__FILE__, __LINE__, __FUNCTION__)
#else
#define DEBUG_MSF_NEW new
#endif
#define new DEBUG_MSF_NEW
int main(int argc, char* argv[])
{
printf("Hello World!\n");
// char *p = new char[5];
int *p1 = new int;
int *p2 = new int;
int *p3 = new int;
int *p4 = new int;
int *p5 = new int;
int *p6 = new int;
int *p7 = new int;
int *p8 = new int[5];
int *p9 = new int[5];
delete p8;
delete p7;
delete[] p6;
delete p5;
delete[] p9;
OutputUnfreed();
return 0;
}
// 用!!用于C++检测内寸漏洞 MAKER LN
#include "stdafx.h"
#include <list>
using namespace std;
#ifdef _DEBUG
typedef struct
{
long address;
long size;
char file[1024];
long line;
char func[1024];
int deleteFlag;
} ALLOC_INFO;
typedef list<ALLOC_INFO *> AllocList;
AllocList *allocList;
void AddTrack(long addr, long asize, const char *fname, long lnum,
const char *funcname, int flag = 1)
{
ALLOC_INFO *info;
if(!allocList)
{
allocList = new(AllocList);
}
info = new(ALLOC_INFO);
info->address = addr;
strncpy(info->file, fname, 1023);
info->line = lnum;
info->size = asize;
info->deleteFlag = flag;
strncpy(info->func, funcname, 1023);
allocList->insert(allocList->begin(), info);
}
void RemoveTrack(long addr)
{
AllocList::iterator i;
if(!allocList)
return;
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->address == addr)
{
if((*i)->deleteFlag == 1)
{
// new
allocList->remove((*i));
free((void*)addr);
}
break;
}
}
};
void RemoveTrackArray(long addr)
{
AllocList::iterator i;
if(!allocList)
return;
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->address == addr)
{
if((*i)->deleteFlag == 2)
{
// new[] 1
allocList->remove((*i));
free((void*)addr);
}
else if((*i)->deleteFlag == 3)
{
// new[] 2
allocList->remove((*i));
}
break;
}
}
};
void OutputDebugString(char *buff)
{
printf(buff);
printf("\n");
}
void OutputUnfreed()
{
AllocList::iterator i;
long totalSize = 0;
char buf[1024];
if(!allocList)
{
return;
}
for(i = allocList->begin(); i != allocList->end(); i++)
{
if((*i)->deleteFlag == 1 || (*i)->deleteFlag == 2)
{
sprintf(buf, "Filename%-70s\nLine(%d), Function(%s), Address(%d) Size(%d) unfreed ",
(*i)->file, (*i)->line, (*i)->func, (*i)->address, (*i)->size);
OutputDebugString(buf);
totalSize += (*i)->size;
}
}
sprintf(buf, "----------------------------------------------------------- ");
OutputDebugString(buf);
sprintf(buf, "Total Unfreed: %d bytes ", totalSize);
OutputDebugString(buf);
};
#endif
#ifdef _DEBUG
long deleteNum = 0;
inline void * __cdecl operator new(unsigned int size,
const char *file, int line, const char *func)
{
void *ptr = (void *)malloc(size);
AddTrack((long)ptr, size, file, line, func);
return(ptr);
};
inline void __cdecl operator delete(void *p)
{
RemoveTrack((long)p);
};
inline void * __cdecl operator new[](unsigned int size,
const char *file, int line, const char *func)
{
void *ptr = (void *)malloc(size);
AddTrack((long)ptr, size, file, line, func, 2);
AddTrack((long)ptr, size, file, line, func, 3);
return(ptr);
};
inline void __cdecl operator delete[](void *p)
{
RemoveTrackArray((long)p);
RemoveTrackArray((long)p);
};
#endif
#ifndef __FUNCTION__
#define __FUNCTION__ "Undefined"
#endif
#ifdef _DEBUG
#define DEBUG_MSF_NEW new(__FILE__, __LINE__, __FUNCTION__)
#else
#define DEBUG_MSF_NEW new
#endif
#define new DEBUG_MSF_NEW
int main(int argc, char* argv[])
{
printf("Hello World!\n");
// char *p = new char[5];
int *p1 = new int;
int *p2 = new int;
int *p3 = new int;
int *p4 = new int;
int *p5 = new int;
int *p6 = new int;
int *p7 = new int;
int *p8 = new int[5];
int *p9 = new int[5];
delete p8;
delete p7;
delete[] p6;
delete p5;
delete[] p9;
OutputUnfreed();
return 0;
}
...全文
请发表友善的回复…
发表回复
coyprightbao 2004-09-21
- 打赏
- 举报
mark!
laomai 2004-09-21
- 打赏
- 举报
恩,不错,收藏!
bestvip 2004-09-21
- 打赏
- 举报
up!
yjh1982 2004-09-20
- 打赏
- 举报
new不会重入么?
q1q2q3q4ln 2004-09-20
- 打赏
- 举报
1 C:\Documents and Settings\Administrator\桌面\Untitled1.cpp
stdafx.h: No such file or directory.
我的DEV-C++提示如上错误,怎么办??????????
删除stdafx.h这一行!!
stdafx.h: No such file or directory.
我的DEV-C++提示如上错误,怎么办??????????
删除stdafx.h这一行!!
lengfenghongyu 2004-09-15
- 打赏
- 举报
学习,学习啊!
oo 2004-09-15
- 打赏
- 举报
不错
ccwd003 2004-09-15
- 打赏
- 举报
咦!VC中不是有源代码吗?头文件在crtdbg.h中,实现在dbgrpt.c中
yangwyun2000 2004-09-15
- 打赏
- 举报
1 C:\Documents and Settings\Administrator\桌面\Untitled1.cpp
stdafx.h: No such file or directory.
我的DEV-C++提示如上错误,怎么办??????????
stdafx.h: No such file or directory.
我的DEV-C++提示如上错误,怎么办??????????
zhuyie 2004-09-14
- 打赏
- 举报
研究一些原理是可以的,不过实际上所有流行编译器中的带的CRT都有这方面的支持,可以直接用。
SailorK 2004-09-13
- 打赏
- 举报
mark
如何知道内寸漏洞呢?
不要扔鸡蛋
i'm just a primer
如何知道内寸漏洞呢?
不要扔鸡蛋
i'm just a primer
tudou614 2004-09-13
- 打赏
- 举报
OutputUnfreed();
这句改一下,要不在DEV-CPP下编译会报错!!
void OutputUnfreed();
这句改一下,要不在DEV-CPP下编译会报错!!
void OutputUnfreed();
q1q2q3q4ln 2004-09-13
- 打赏
- 举报
只用于DEBUG找错!(TO HobbyOfC(Primer) )
holilyboy 2004-09-09
- 打赏
- 举报
收藏!
HobbyOfC 2004-09-09
- 打赏
- 举报
嗯!不错!以前也看过类似的做法,不过这样是不是速度就慢下来了。
