Replacing the memory allocator for "CoGetMalloc" function
-
Problem description:

I realized my own memory allocator that is returned by calls to the "CoGetMalloc" function (I use a hooked function). I created a DLL that, in its initialization phase, replaces the original memory allocator for the process (that loads this DLL) and points it to mine: I return a pointer to my memory allocator instead of the default one. My memory allocator simulates the original, but uses my own heap.

Here's what I do:

1. I use a DLL injector EXE application which injects a DLL into a process - the DLL name is sent as a parameter.
2. I added "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MyProcess.exe" to the registry, and pointed it to the injector application with my DLL as its parameter.

The flow of what I expect to happen is this:

1. I execute "MyProcess.exe".
2. The "MyProcess.exe" process is created and does nothing.
3. The injector is executed, and injects my DLL into "MyProcess.exe".
4. The injector activates the LoadLibrary function, which calls the initialization section in my DLL.
5. This section hooks the "CoGetMalloc" function, which uses my own memory allocator. (Anyone who calls it will get my memory allocator from now on in this process.)
6. The original "MyProcess.exe" is executed, but blindly using my memory allocator and heap instead of the default ones.

What actually happens is that I get a crash after the "Alloc" method is invoked a few times, but I can't understand why. "Alloc" is the only method that was called after launching "MyProcess.exe".

Can anyone see the problem with this scenario?

Thanks.
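
Seen from the defender's side, the registry redirection described in the post is a value under a per-image Image File Execution Options key, so it can be audited. The PowerShell below is an added example, not part of the original post: it lists every IFEO key carrying a `Debugger` value (the standard value name for this redirection, assumed here because the post does not name it) and checks the signature of the program it points to. The function names are hypothetical.

```powershell
# Added example: audit Image File Execution Options (IFEO) "Debugger" redirections.
# Both the native and the 32-bit (WOW6432Node) registry views are checked.
$IfeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

# Hypothetical helper: pull the executable out of a command line such as
# '"C:\Tools\injector.exe" C:\Tools\my.dll' or 'C:\Tools\injector.exe my.dll'.
function Get-CommandLineExe {
    param([string]$CommandLine)
    if ($CommandLine -match '^\s*"([^"]+)"')   { return $Matches[1] }
    if ($CommandLine -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return ($CommandLine.Trim() -split '\s+')[0]
}

# Hypothetical helper: one object per image name that has a Debugger value.
function Get-IfeoDebugger {
    param([string[]]$Root = $IfeoRoots)
    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $r -ErrorAction SilentlyContinue) {
            $dbg = $key.GetValue('Debugger', $null)
            if ([string]::IsNullOrWhiteSpace($dbg)) { continue }

            $exe = Get-CommandLineExe -CommandLine $dbg
            # A bare file name (no directory) cannot be resolved here; report that
            # instead of guessing which search-path entry would be used.
            $sig = if (Test-Path -LiteralPath $exe -PathType Leaf) {
                (Get-AuthenticodeSignature -LiteralPath $exe).Status
            } else {
                'NotResolved'
            }

            [pscustomobject]@{
                Image     = $key.PSChildName   # process the redirection applies to
                Debugger  = $dbg               # full command line, including arguments
                Signature = $sig
                View      = if ($r -like '*WOW6432Node*') { '32-bit' } else { 'native' }
            }
        }
    }
}

Get-IfeoDebugger | Sort-Object Image | Format-Table -AutoSize -Wrap
```

An entry whose `Debugger` command line names an unsigned or unresolvable program, or passes a DLL path as an argument as in the setup above, is the kind of result worth reviewing.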