Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!zaphod.mps.ohio-state.edu!wuarchive!udel!rochester!pt.cs.cmu.edu!ralf
From: Ralf.Brown@B.GP.CS.CMU.EDU
Newsgroups: comp.os.msdos.programmer
Subject: Re: Memory allocation error
Message-ID: <283e4a03@ralf>
Date: 25 May 91 11:26:59 GMT
Organization: Carnegie Mellon University School of Computer Science
Lines: 21
In-Reply-To: <1991May24.235640.17077@proto.com>
Originator: ralf@B.GP.CS.CMU.EDU

In article <1991May24.235640.17077@proto.com>, joe@proto.com (Joe Huffman) wrote:
}
}You can trash from 'magic position' to 'high memory' that has been given to 
}you by a valid memory allocation call, free it, exit your program and get a
}nasty message telling you to reboot.  If you were to trash all of it then
}it is detected and everything is fine.
}
}It's a bug in DOS 4.01 (and probably others).

Actually, it's COMMAND.COM's overwrite check which is too simplistic.  All it
does is add up all the bytes of the transient portion's memory (modulo 64K)
and compare that to the checksum made when it first loaded.  So any random
trashing has a one-in-64K chance of being undetected; any form of scrambling
which only rearranges the bytes will never be detected.


-- 
{backbone}!cs.cmu.edu!ralf  ARPA: RALF@CS.CMU.EDU   FIDO: Ralf Brown 1:129/53
BITnet: RALF%CS.CMU.EDU@CARNEGIE   AT&Tnet: (412)268-3053 (school)   FAX: ask
DISCLAIMER?  Did  | It isn't what we don't know that gives us trouble, it's
I claim something?| what we know that ain't so.  --Will Rogers