Hendrik Boom <hendrik@???> writes:
[...]
> After that there are probably a variety of data structures that can
> keep track of all the allocations and free spaces. On the Linuxes I've
> been using, malloc seems to keep its administrative data far removed
> from the memory it is allocating. So although it's easy to clobber
> one's data structures by indexing slightly out of bounds one is
> less likely to clobber malloc's administrative data.
The 8 bytes immediately in front of the allocated address are seemingly
used to hold the block size. Running this program with an argument of
256 causes free to make noises about heap corruption on my system.
-----
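#include <stdlib.h>

int main(int argc, char **argv)
{
    char *p;

    if (argc < 2)           /* block size is taken from argv[1] */
        return 1;
    p = malloc(atoi(argv[1]));
    if (p == NULL)
        return 1;
    p[-7] = 0;              /* deliberate write into the bytes in front of the block */
    free(p);
    return 0;
}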
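
Added example, not part of the original message: a small model of why the argument of 256 matters, showing what the write to p[-7] does to an 8-byte size word stored in front of the block and whether a size sanity check in free() would notice. The layout and constants (64-bit glibc-style rounding to 16 bytes, 32-byte minimum chunk, low 3 bits used as flags) and all function names are assumptions, not something the post states about the poster's system.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed layout (64-bit glibc-style, not taken from the post): an 8-byte
 * little-endian size word sits directly in front of the user pointer; its
 * low 3 bits are flags, bit 0 meaning "previous chunk in use". */
#define HDR_BYTES   8u
#define ALIGN_MASK  15u
#define MIN_CHUNK   32u
#define FLAG_BITS   7u

/* Header word the modelled allocator would store for malloc(request). */
uint64_t model_header(uint64_t request)
{
    uint64_t chunk = (request + HDR_BYTES + ALIGN_MASK) & ~(uint64_t)ALIGN_MASK;
    if (chunk < MIN_CHUNK)
        chunk = MIN_CHUNK;
    return chunk | 1u;
}

/* Apply the post's write, p[-7] = 0, to the header: p[-8] is byte 0 of the
 * size word, so p[-7] is byte 1 (bits 8..15). */
uint64_t after_write(uint64_t header)
{
    return header & ~(uint64_t)0xff00;
}

/* Sanity check of the kind free() can run: size too small or misaligned. */
int size_looks_corrupt(uint64_t header)
{
    uint64_t size = header & ~(uint64_t)FLAG_BITS;
    return size < MIN_CHUNK || (size & ALIGN_MASK) != 0;
}

int main(int argc, char **argv)
{
    uint64_t req = argc > 1 ? strtoull(argv[1], NULL, 10) : 256;
    uint64_t before = model_header(req), after = after_write(before);

    printf("request %llu: header 0x%llx -> 0x%llx, %s\n",
           (unsigned long long)req, (unsigned long long)before,
           (unsigned long long)after,
           size_looks_corrupt(after) ? "flagged by size check"
           : before == after ? "write changed nothing" : "changed, passes size check");
    return 0;
}
```

Under this model a request of 256 gives a header of 0x111 that the write turns into 0x11, while a request of 100 gives 0x71, whose second byte is already zero, so the same write leaves it untouched.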