Do you know how to detect a memory leak? One good tool is LeakDiag, it can give detail information about memory leaked inside a process. Nice to know the this tool is available at Microsoft FTP site (click to download) :
You can find many other tools, but LeakDiag is a flexible one. LeakDiag uses Microsoft Research Detours technology to intercept calls to the memory allocators. It is not relying on the OS support for recording memory allocation stack traces.
Detours is an innovative research tools with the ability to easily instrument and extend existing OS and application functionality. Detours is a library for instrumenting arbitrary Win32 functions on x86, x64, and IA64 machines. Detours intercepts Win32 functions by re-writing the in-memory code for target functions. The Detours package also contains utilities to attach arbitrary DLLs and data segments (called payloads) to any Win32 binary. This is a powerful tool for sure!.
Detours is a library for intercepting arbitrary Win32 binary functions on x86 machines. Interception code occurs dynamically at runtime. Detours replaces the first few instructions of the target function with an unconditional jump to the user-provided detour function. Instructions from the target function are preserved in a trampoline function. The trampoline function consists of the instructions removed from the target function and an unconditional branch to the remainder of the target function. The detour function can either replace the target function or extend its semantics by invoking the target function as a subroutine
through the trampoline.
Detours are inserted at execution time. The code of the target function is modified in memory, not on disk, thus facilitating interception of binary functions at a very fine granularity. Detours is reusable. You can develop your own application utilize its libraries.
#include <windows.h>
#include <detours.h>
VOID (*DynamicTrampoline)(VOID) = NULL;
DETOUR_TRAMPOLINE(VOID WINAPI SleepTrampoline(DWORD),Sleep);
VOID WINAPI SleepDetour(DWORD dw)
{
return SleepTrampoline(dw);
}
VOID DynamicDetour(VOID)
{
return DynamicTrampoline();
}
void main(void)
{
VOID (*DynamicTarget)(VOID) = SomeFunction;
DynamicTrampoline =(FUNCPTR)DetourFunction((PBYTE)DynamicTarget,(PBYTE)DynamicDetour);
DetourFunctionWithTrampoline((PBYTE)SleepTrampoline,(PBYTE)SleepDetour);
// Execute the remainder of program.
DetourRemoveTrampoline(SleepTrampoline);
DetourRemoveTrampoline(DynamicTrampoline);
}
Detours is used widely within Microsoft and within the industry !. If you like low level stuff, play with it and share with others.
Thx - RAM