#include <malloc.h>
#include <string.h>
#include <new>
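/*
 * Debug replacement for the global operator new.
 *
 * Every allocation is prefixed with a 16-byte header, and the caller receives
 * the address just past it:
 *   bytes  0..3   return address of the code that called new
 *   bytes  4..7   requested size
 *   bytes  8..15  zero here; filled in later by the matching operator delete
 *
 * The offsets assume 4-byte pointers and a 4-byte size_t. With wider types
 * the size written at offset 4 overlaps the upper half of the saved address.
 *
 * Throws std::bad_alloc when the request cannot be satisfied.
 */
void * operator new(size_t size)
{
    int stackvar;

    // Reject sizes for which adding the header would wrap around; a wrapped
    // sum would yield a block smaller than the header written below.
    if (size > (size_t)-1 - 16)
        throw std::bad_alloc();

    // Locate the return-address slot from the addresses of a local and of the
    // argument: halfway between the two, plus 2. Each address is halved
    // before adding so the sum cannot overflow.
    // NOTE(review): this presumably targets a 32-bit x86 frame in which
    // stackvar sits directly below the saved frame pointer -- confirm for the
    // compiler and build settings in use. The compiler intrinsics
    // (_ReturnAddress on MSVC, __builtin_return_address(0) on GCC/Clang)
    // report the return address without depending on the frame layout.
    unsigned long stackvaraddr = (unsigned long)&stackvar;
    unsigned long argaddr = (unsigned long)&size;
    void **retaddraddr = (void **)(stackvaraddr / 2 + argaddr / 2 + 2);
    void *retaddr = *retaddraddr;

    unsigned char *retbuffer = (unsigned char *)malloc(size + 16);
    if (!retbuffer)
        throw std::bad_alloc();

    // Clear the whole header first so the fields operator delete fills in
    // read as zero while the block is still live.
    memset(retbuffer, 0, 16);
    memcpy(retbuffer, &retaddr, sizeof(retaddr));
    memcpy(retbuffer + 4, &size, sizeof(size));
    return retbuffer + 16;
}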
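/*
 * Debug replacement for the global operator delete.
 *
 * Expects buf to be a pointer handed out by the operator new above, i.e.
 * preceded by its 16-byte header. Records who released the block and poisons
 * the payload, but never returns the memory to the allocator:
 *   bytes  8..11  return address of the code that called delete
 *   bytes 12..15  marker DE AD BE EF
 *   payload       filled with 0x77
 *
 * The offsets assume 4-byte pointers and a 4-byte size_t. A null pointer is
 * ignored.
 */
void operator delete(void *buf)
{
    int stackvar;
    if (!buf)
        return;

    // Same return-address lookup as in operator new: halfway between a local
    // and the argument, plus 2.
    // NOTE(review): depends on the 32-bit frame layout -- confirm for the
    // compiler and build settings in use.
    unsigned long stackvaraddr = (unsigned long)&stackvar;
    unsigned long argaddr = (unsigned long)&buf;
    void **retaddraddr = (void **)(stackvaraddr / 2 + argaddr / 2 + 2);
    void *retaddr = *retaddraddr;

    unsigned char *header = (unsigned char *)buf - 16;

    // Read the stored size before writing anything into the header, so a
    // pointer wider than 4 bytes cannot clobber it first and turn the fill
    // below into an out-of-bounds write.
    size_t size;
    memcpy(&size, header + 4, sizeof(size));

    memcpy(header + 8, &retaddr, sizeof(retaddr));

    // Marker showing that the block has been through delete.
    header[12] = 0xde;
    header[13] = 0xad;
    header[14] = 0xbe;
    header[15] = 0xef;

    // Poison the payload so data read through a stale pointer is recognisable.
    // memset uses only the low byte of its fill argument.
    memset(buf, 0x77, size);

    // The block is deliberately not handed back to the allocator: freeing it
    // would let the saved addresses be overwritten. To release it instead,
    // call free((unsigned char *)buf - 16).
}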
其它值得关注的地方:
这段代码同样可以用于内存泄漏的检测。只需修改 delete 运算符，使它真正地释放内存，并在程序退出前用 _heapwalk 遍历所有仍处于已分配状态的内存块，从每个块的头部提取调用 new 的地址，就能得到一份没有被 delete 匹配的 new 调用列表。
还要注意的是：这里列出的代码只能在调试时使用。如果把这段代码放到最终的产品中，由于被 delete 的内存永远不会真正释放，程序运行时会消耗大量内存。
