I have some crashes and I suspect this is due to some stack corruption. Dumping the stack memory with dd in WinDbg, I see some special values:

```
0:000> dd esp 00000084`67b9fd30
00000084`67b96cc0  67b96d00 00000084 89194aa8 00007ff7
00000084`67b96cd0  cdcdcdcd cdcdcdcd cccccccc cccccccc
00000084`67b96ce0  cccccccc cccccccc cccccccc cccccccc
00000084`67b96cf0  cccccccc cccccccc cccccccc cccccccc
00000084`67b96d00  67b96d40 00000084 89194978 00007ff7
00000084`67b96d10  cdcdcdcd cdcdcdcd cccccccc cccccccc
00000084`67b96d20  cccccccc cccccccc cccccccc cccccccc
00000084`67b96d30  cccccccc cccccccc cccccccc cccccccc
00000084`67b96d40  67b96e10 00000084 891a942f 00007ff7
00000084`67b96d50  cdcdcdcd cdcdcdcd 67b96dd8 00000084
```

As far as I know, 0xcdcdcdcd cdcdcdcd are special values on the heap when a program is compiled with the debug option in MSVC.

If this is an abnormal situation, what are the common reasons for it?

maidamai
  • https://stackoverflow.com/questions/127386/in-visual-studio-c-what-are-the-memory-allocation-representations has a list of the special values. You might be taking an uninitialised heap value and assigning it to a local variable - i.e. `int local_var = *heap_ptr` – James Picone Sep 03 '19 at 01:53
  • @JamesPicone So it is an abnormal situation to have such values on the stack? I mean it is an error at least. – maidamai Sep 03 '19 at 02:01
  • No, it is not abnormal. – Eljay Sep 03 '19 at 02:07
  • @Eljay Can you explain it a little bit? It's not some random value, I have many such values on my stack. – maidamai Sep 03 '19 at 02:42
  • Possible duplicate of [When and why will an OS initialise memory to 0xCD, 0xDD, etc. on malloc/free/new/delete?](https://stackoverflow.com/questions/370195/when-and-why-will-an-os-initialise-memory-to-0xcd-0xdd-etc-on-malloc-free-new) – phuclv Sep 03 '19 at 04:59

1 Answer

0xCCCCCCCC marks uninitialized stack memory, so it's normal for it to be on the stack. It shouldn't ever be read by your program though since that means you're reading uninitialized memory. 0xCDCDCDCD marks uninitialized heap memory, so having it on the stack shows that you've probably read uninitialized heap memory somewhere and copied it to the stack which isn't good.

eesiraed
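
The mechanism the answer describes, as an added example that is not part of the original post: a partially initialized heap object is copied into a local, so the 0xCD heap fill ends up in a stack slot. `debug_malloc` is a hypothetical stand-in for the MSVC debug heap's 0xCD fill so the code runs with any C compiler; `struct request` and the function names are likewise assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: emulates the MSVC debug CRT, which fills fresh heap blocks with 0xCD. */
static void *debug_malloc(size_t n) {
    void *p = malloc(n);
    if (p) memset(p, 0xCD, n);
    return p;
}

struct request {                 /* hypothetical structure */
    uint64_t id;
    uint64_t length;
};

/* Bug pattern: 'length' is never written before the struct is copied to a local. */
uint64_t length_buggy(uint64_t id) {
    struct request *r = debug_malloc(sizeof *r);
    if (!r) return 0;
    r->id = id;                  /* r->length still holds heap fill */
    struct request local = *r;   /* heap fill now sits in a stack slot */
    free(r);
    return local.length;
}

/* Fixed: every field is initialized before the object is copied or read. */
uint64_t length_fixed(uint64_t id) {
    struct request *r = debug_malloc(sizeof *r);
    if (!r) return 0;
    *r = (struct request){ .id = id, .length = 0 };
    struct request local = *r;
    free(r);
    return local.length;
}

/* Triage check: is this 64-bit slot made up entirely of heap-fill bytes? */
int is_heap_fill(uint64_t v) { return v == 0xCDCDCDCDCDCDCDCDULL; }

int main(void) {
    printf("buggy: %016llx heap_fill=%d\n",
           (unsigned long long)length_buggy(7), is_heap_fill(length_buggy(7)));
    printf("fixed: %016llx heap_fill=%d\n",
           (unsigned long long)length_fixed(7), is_heap_fill(length_fixed(7)));
    return 0;
}
```
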