Is there a way to hook the malloc/free function call from a C application it self?
Asked
Active
Viewed 1.1k times
8
-
1Not overwrite. But you could wrap it in your own function if you wanted to. – AntonH Jul 22 '14 at 17:01
-
Then the problem is I cannot see the malloc and free calls from other libraries – Sujith Gunawardhane Jul 22 '14 at 17:02
-
2This is very platform-specific, you should specify what platform/toolchain you are working with. – Matteo Italia Jul 22 '14 at 17:02
-
Actually it is Linux/gcc – Sujith Gunawardhane Jul 22 '14 at 17:03
-
1Obviously you can't over write it. Because C won't support Function overloaading. – Sathish Jul 22 '14 at 17:03
-
1@Sujith Wherever it is, If you use C language you can't – Sathish Jul 22 '14 at 17:05
-
1The rule is that the code that calls malloc and the code that calls free should be in the same .so . So, expose your library's memory as opaque handles and manage them with code in your own library, similar to fopen/fclose for FILE. – Jul 22 '14 at 17:06
-
possibly linked question: (you should totally look at that :D) http://stackoverflow.com/questions/17803456/an-alternative-for-the-deprecated-malloc-hook-functionality-of-glibc – Andreas Grapentin Jul 22 '14 at 18:13
-
All those that say you can't - you can. @Sathish : overriding is not the same as overloading. – Clifford Jul 22 '14 at 18:14
-
@SujithGunawardhane : The point about Linux/GCC belongs in the question, rather than a comment. Edit the question. Comments should be considered temporary - the question needs to stand alone, and this is an important clarification. – Clifford Jul 22 '14 at 18:32
-
1You've asked one question in the title, and a different one in the body. Is this in fact two questions? Clarify by editing the question. – Clifford Jul 22 '14 at 18:33
8 Answers
6
malloc() and free() are defined in the standard library; when linking code, the linker will search the library only for symbols that are not already resolved by eailier encountered object code, and object files generated from compilation are always linked before any libraries.
So you can override any library function simply by defining it in your own code, ensuring that it has the correct signature (same name, same number and types of parameters and same return type).
Clifford
- 88,407
- 13
- 85
- 165
-
this is pretty close to the question, although the OP asked for malloc hooks, not re-implementations. (+1) – Andreas Grapentin Jul 22 '14 at 18:21
-
1@AndreasGrapentin : It is not clear to me what he may have meant by hooks, but it seems to be a slightly different question to that implied by the title. It seems he is asking two questions. – Clifford Jul 22 '14 at 18:29
5
Yes you can. Here's an example program. It compiles and builds with gcc 4.8.2 but does not do anything useful since the implementations are not functional.
#include <stdlib.h>
int main()
{
int* ip = malloc(sizeof(int));
double* dp = malloc(sizeof(double));
free(ip);
free(dp);
}
void* malloc(size_t s)
{
return NULL;
}
void free(void* p)
{
}
R Sahu
- 204,454
- 14
- 159
- 270
-
3for GNU/linux, glibc also exports `__libc_malloc` and friends, so you could call them from your malloc, and still use the glibc provided malloc and add your hook logic as needed. not portable though, and you would need `dlsym` for kind of more portable solutions – Andreas Grapentin Jul 22 '14 at 18:20
-
1At last someone who knows what they are talking about. That said, the code does *run*; it does not allocate. – Clifford Jul 22 '14 at 18:25
-
1@AndreasGrapentin : That depends on your needs. You could allocate a large static array and use it as a heap with your own allocation algorithm, then there are no OS dependencies. That is essentially how most OS'less embedded systems do it. – Clifford Jul 22 '14 at 18:27
-
@Clifford this is almost never a good idea in application code though. =) Embedded systems are an entirely different story of course. – Andreas Grapentin Jul 22 '14 at 18:29
-
1@AndreasGrapentin : true, but the fact that this was a question about GCC/Linux has not yet been stated in the question, only a later comment, and we cannot know why the question was being asked - hence the "it depends on your needs" qualification. In Linux at least you would loose significant flexibility and functionality, such as virtual memory, and a large static allocation may affect performance of other processes forced to swap - but the idea is out there (and I am an embedded systems developer). – Clifford Jul 22 '14 at 18:37
-
@Clifford again, very true. I think I was a bit influenced by the term "hook" in the body of the question - and a malloc hook is usually not a reimplementation =) This question needs some clarification. Glad you requested them in the comments above! – Andreas Grapentin Jul 22 '14 at 18:44
2
Not sure if this counts as "overwriting', but you can effectively change the behavior of code that calls malloc and free by using a macro:
#define malloc(x) my_malloc(x)
#define free(x) my_free(x)
void * my_malloc(size_t nbytes)
{
/* Do your magic here! */
}
void my_free(void *p)
{
/* Do your magic here! */
}
int main(void)
{
int *p = malloc(sizeof(int) * 4); /* calls my_malloc */
free(p); /* calls my_free */
}
ApproachingDarknessFish
- 14,133
- 7
- 40
- 79
2
You may need LD_PRELOAD mechanism to replace malloc and free.
Nguyễn Văn Phong
- 13,506
- 17
- 39
- 56
Bryan Huang
- 23
- 3
-
Could you add a little more information so readers don't need to google `LD_PRELOAD`? BTW, that's a very interesting trick, I'd not seen it used before. – Z4-tier Jan 23 '20 at 03:22
1
As many mentioned already, this is very platform specific. Most "portable" way is described in an accepted answer to this question. A port to non-posix platforms requires finding an appropriate replacement to dlsym.
Since you mention Linux/gcc, hooks for malloc would probably serve you the best.
-
the malloc hooks have been deprecated - instead, malloc and friends are exported as weak symbols allowing user code to override them. (see the question I linked in the comments above) – Andreas Grapentin Jul 22 '14 at 18:16
0
Depending on the platform you are using, you may be able to remove the default malloc/free from the library and add your own using the linker or librarian tools. I'd suggest you only do this in a private area and make sure you can't corrupt the original library.
TRKemp
- 518
- 2
- 6
-
dangerous and not necessary. EDIT: for gnu/linux at least =) – Andreas Grapentin Jul 22 '14 at 18:16
-
1You don't need to go that far - just define a function of the same name and the linker won't search the library for it. – Clifford Jul 22 '14 at 18:18
0
On the Windows platform there is a Detour library. It basically patches any given function on the assembler level. This allows interception of any C library or OS call, like CreateThread, HeapAlloc, etc. I used this library for overriding memory allocation functions in a working application.
This library is Windows specific. On other platforms most likely there are similar libraries.
Kirill Kobelev
- 10,252
- 6
- 30
- 51
-1
C does not provide function overloading. So you cannot override.
Pranit Kothari
- 9,721
- 10
- 61
- 137
-
4
-
@chris Yes true. But I think, as we can overload new in C++, we cannot overload malloc in C. – Pranit Kothari Jul 22 '14 at 17:12
-
1How would overloading `malloc` help with replacing it? Everything that calls `malloc` would still use the original unless you provided better matches for non-`size_t` arguments, and even then the calls with a `size_t` argument would still use the original. – chris Jul 22 '14 at 17:14
-
It really depends on what platform you are using. In embedded systems it's fairly common to write your own malloc(). – TRKemp Jul 22 '14 at 17:35
-
1hurry! tell the guys of dlmalloc, tcmalloc, jemalloc, and many others that they can't do that! – Javier Jul 22 '14 at 17:52
-
2Overload is not the same thing as override - in C or C++. And you can override any library code simply by defining it. – Clifford Jul 22 '14 at 18:17