Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>Based on Michael Burr's comment above about the IMAGE_LOAD_CONFIG_DIRECTORY containing GlobalFlagSet I wrote the following code to demonstrate enabling the correct GlobalFlag to disable the Low Fragmentation Heap. One caveat about writing your own IMAGE_LOAD_CONFIG_DIRECTORY at compile time is that it disables SafeSEH.</p> <pre><code>// editloadconfig.cpp : Defines the entry point for the console application. // #include "stdafx.h" #include &lt;windows.h&gt; #include &lt;tchar.h&gt; #include &lt;stdio.h&gt; /* typedef struct { DWORD Size; DWORD TimeDateStamp; WORD MajorVersion; WORD MinorVersion; DWORD GlobalFlagsClear; DWORD GlobalFlagsSet; DWORD CriticalSectionDefaultTimeout; DWORD DeCommitFreeBlockThreshold; DWORD DeCommitTotalFreeThreshold; DWORD LockPrefixTable; // VA DWORD MaximumAllocationSize; DWORD VirtualMemoryThreshold; DWORD ProcessHeapFlags; DWORD ProcessAffinityMask; WORD CSDVersion; WORD Reserved1; DWORD EditList; // VA DWORD SecurityCookie; // VA DWORD SEHandlerTable; // VA DWORD SEHandlerCount; } IMAGE_LOAD_CONFIG_DIRECTORY32, *PIMAGE_LOAD_CONFIG_DIRECTORY32; */ extern "C" IMAGE_LOAD_CONFIG_DIRECTORY _load_config_used = { 0x48, 0, 0, 0,0, 0x00000020/*enable heap free checking*/}; // change the last value to 0 to not enable any globalflags #define HEAP_STANDARD 0 #define HEAP_LAL 1 #define HEAP_LFH 2 #define SIZE 100 int _tmain(int argc, _TCHAR* argv[]) { BOOL bResult; HANDLE hHeap; ULONG HeapInformation; void* allocb[0x12+1]; // based on "Understanding the LFH" paper at // http://www.google.com/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=5&amp;ved=0CE0QFjAE&amp;url=http%3A%2F%2Fillmatics.com%2FUnderstanding_the_LFH.pdf&amp;ei=GlBvT9yrMKHy0gGHpLnaBg&amp;usg=AFQjCNGsvVtl54X7MWGyWYqiSrsdTBrbXQ int i = 0; for(i = 0; i &lt; 0x12; i++) { printf("Allocation 0x%02x for 0x%02x bytes\n", i, SIZE); allocb[i] = HeapAlloc(GetProcessHeap(), 0x0, SIZE); } printf("Allocation 0x%02x for 0x%02x bytes\n", i++, SIZE); printf("\tFirst serviced by the LFH\n"); allocb[i] = HeapAlloc(GetProcessHeap(), 0x0, SIZE); // LFH is now activated so the query below will return 0 or 2. // sample code from MSDN for querying heap information // // Get a handle to the default process heap. // hHeap = GetProcessHeap(); if (hHeap == NULL) { _tprintf(TEXT("Failed to retrieve default process heap with LastError %d.\n"), GetLastError()); return 1; } // // Query heap features that are enabled. // bResult = HeapQueryInformation(hHeap, HeapCompatibilityInformation, &amp;HeapInformation, sizeof(HeapInformation), NULL); if (bResult == FALSE) { _tprintf(TEXT("Failed to retrieve heap features with LastError %d.\n"), GetLastError()); return 1; } // // Print results of the query. // _tprintf(TEXT("HeapCompatibilityInformation is %d.\n"), HeapInformation); switch(HeapInformation) { case HEAP_STANDARD: _tprintf(TEXT("The default process heap is a standard heap.\n")); break; case HEAP_LAL: _tprintf(TEXT("The default process heap supports look-aside lists.\n")); break; case HEAP_LFH: _tprintf(TEXT("The default process heap has the low-fragmentation ") \ TEXT("heap enabled.\n")); break; default: _tprintf(TEXT("Unrecognized HeapInformation reported for the default ") \ TEXT("process heap.\n")); break; } return 0; } </code></pre>
    singulars
    1. This table or related slice is empty.
    1. PODisable LFH in Windows?
      singulars
      1. PTQuestion
    1. PTAnswer
    1. This table or related slice is empty.
    1. USjcopenha
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. CONice - I thought dealing with this would require manual editing with a hex editor (or writing some program/script to do the editing). How did you find out to use `_load_config_used` to set up this structure in the PE image? I found only two references on MSDN: one was completely unrelated and the second was related but discussed only "safeseh" and used `_load_config_used` without really talking about what the purpose was (referring to the loadcfg.c CRT source for details).
      singulars
      1. PO
      1. USMichael Burr
    2. COOops, didn't source all of my material. This article, http://www.delphibasics.info/home/delphibasicsarticles/anin-depthlookintothewin32portableexecutablefileformat-part1 , lead me to the _load_config_used portion. Lucky google hit.
      singulars
      1. PO
      1. USjcopenha
    3. COLooking at `vc/crt/src/intel/loadcfg.c`, it's pretty easy to get the safeSEH support back by adding a few externs and dropping their addresses into the correct slots at the end of the `_load_config_used` struct.
      singulars
      1. PO
      1. USMichael Burr
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload