Heap memory corruption

I have an application developed by a small-ish company. The application terminates roughly every day, I analyzed the crash dump and I see heap memory corruption was detected in myapplication.exe.. Vendor is out of ideas. Server is 2012R2, any suggestions on where I could start, thanks.
LVL 6
Sid_FAsked:
Who is Participating?
 
sarabandeCommented:
you can start to add a try-catch block in your main function. in the project settings make that the application also handles SEH exceptions what is heap or pointer errors.

in the catch block add a log write such that you know which function has caused the exception. if your main function has multiple statements you could increment a step variable such that you will know which statement caused the exception:

#include <errno.h>
...
int main()
{
     int step = 0;
     try
     {
            statement();
            step = 1;
            next_statement();
            step = 2;
            next_statement();
            step = 3;
            ....
     }
     catch ...
     {
            log_error("main", step, errno);
     }
  
}

Open in new window


if you find out that statement 2 is wrong you would do the same thing with the function called in statement 2.

and so on.

note, you could use macros at begin and end of eacxh functions to creating some kind of stack information when crashing. it is a little bit work but mostly worth the efforts.


Sara
0
 
ZoppoCommented:
Hi Sid_F,

without having the source code and being able to run it in a debugger there's not much you can do - often best one can do in such a situation is to help the vendor to find a way to reproduce the problem, so they probably can find the cause by debugging.

Depending on what the program does you can probably test some things to see if it becomes more stable, i.e. if the program uses some paths or lets the user enter some strings you can try to use very short paths/strings.

Heap corruptions often happen due to bugs like i.e. this one:
char* copy( const char* pszText )
{
 int len = strlen( pszText );
 char* pszCopy = new char[len];
 strncpy( pszCopy, pszText, len );
 pszCopy[len] = '\0';
 return pszCopy;
}

Open in new window

The allocated array is too small to store the terminating '\0', the allocation should be 'new char[len + 1]'. Similar things can happen in case extremely long paths are used - usually Windows-developers assume paths are not longer then 'MAX_PATH' constant. So probably somewhere a developer allocates a string for a path using 'new char [MAX_PATH + 1]', regardless whether the real pathname which is currently processed isn't longer than MAX_PATH or not.

This are only two examples of bugs which can lead to heap corruptions, there are many more possibilities.

ZOPPO
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.