Hook into Winsock API to detect socket and event handle leaks

datadiode · datadiode · commit b01470195a1b · 2025-05-05T08:46:44.000+02:00
diff --git a/setup/version.h b/setup/version.h
@@ -1,5 +1,5 @@
 
-#define VLDVERSION          L"2.8.1"
-#define VERSION_NUMBER      2,8,1,0
-#define VERSION_STRING      "2.8.1.0"
+#define VLDVERSION          L"2.8.2"
+#define VERSION_NUMBER      2,8,2,0
+#define VERSION_STRING      "2.8.2.0"
 #define VERSION_COPYRIGHT   "Copyright (C) 2005-2025"
diff --git a/setup/vld-setup.iss b/setup/vld-setup.iss
@@ -2,7 +2,7 @@
 ; SEE THE DOCUMENTATION FOR DETAILS ON CREATING INNO SETUP SCRIPT FILES!
 
 #define MyAppName "Visual Leak Detector"
-#define MyAppVersion "2.8.1"
+#define MyAppVersion "2.8.2"
 #define MyAppPublisher "VLD Team"
 #define MyAppURL "https://github.com/oneiric/vld"
 #define MyAppRegKey "Software\Visual Leak Detector"
diff --git a/src/dllspatches.cpp b/src/dllspatches.cpp
@@ -769,6 +769,16 @@ patchentry_t VisualLeakDetector::m_ntdllPatch [] = {
     NULL,                 NULL, NULL
 };
 
+patchentry_t VisualLeakDetector::m_winsockPatch [] = {
+    "socket",             NULL, _socket,
+    "accept",             NULL, _accept,
+    "connect",            NULL, _connect,
+    "closesocket",        NULL, _closesocket,
+    "WSACreateEvent",     NULL, _WSACreateEvent,
+    "WSACloseEvent",      NULL, _WSACloseEvent,
+    NULL,                 NULL, NULL
+};
+
 patchentry_t VisualLeakDetector::m_ole32Patch [] = {
     "CoGetMalloc",        NULL, _CoGetMalloc,
     "CoTaskMemAlloc",     NULL, _CoTaskMemAlloc,
@@ -842,6 +852,9 @@ moduleentry_t VisualLeakDetector::m_patchTable [] = {
     // NT APIs.
     "ntdll.dll",    FALSE,  0x0, m_ntdllPatch,
 
+    // Winsock APIs.
+    "ws2_32.dll",   FALSE,  0x0, m_winsockPatch,
+
     // COM heap APIs.
     "ole32.dll",    FALSE,  0x0, m_ole32Patch
 };
diff --git a/src/stdafx.h b/src/stdafx.h
@@ -3,6 +3,7 @@
 #include <cassert>
 #include <cerrno>
 #include <cstdio>
+#include <winsock2.h>
 #include <shlwapi.h>
 #if _WIN32_WINNT < 0x0600 // Windows XP or earlier, no GetProcessIdOfThread()
 #include <winternl.h>
diff --git a/src/vld.cpp b/src/vld.cpp
@@ -1350,6 +1350,7 @@ VOID VisualLeakDetector::mapBlock (HANDLE heap, LPCVOID mem, SIZE_T size, bool d
     blockinfo->reported = false;
     blockinfo->debugCrtAlloc = debugcrtalloc;
     blockinfo->ucrt = ucrt;
+    blockinfo->resource = IS_INTRESOURCE(heap);
 
     if (SIZE_MAX - m_totalAlloc > size)
         m_totalAlloc += size;
@@ -1672,6 +1673,9 @@ VOID VisualLeakDetector::reportConfig ()
 
 bool VisualLeakDetector::isDebugCrtAlloc( LPCVOID block, blockinfo_t* info )
 {
+    if (info->resource)
+        return false;
+
     // Autodetection allocations from statically linked CRT
     if (!info->debugCrtAlloc) {
         crtdbgblockheader_t* crtheader = (crtdbgblockheader_t*)block;
@@ -1908,7 +1912,7 @@ SIZE_T VisualLeakDetector::reportLeaks (heapinfo_t* heapinfo, bool &firstLeak, S
             info->callStack->dump(m_options & VLD_OPT_TRACE_INTERNAL_FRAMES);
 
         // Dump the data in the user data section of the memory block.
-        if (m_maxDataDump != 0) {
+        if (m_maxDataDump != 0 && size != 0) {
             Report(L"  Data:\n");
             if (m_options & VLD_OPT_UNICODE_REPORT) {
                 DumpMemoryW(address, (m_maxDataDump < size) ? m_maxDataDump : size);
diff --git a/src/vld.vcxproj b/src/vld.vcxproj
@@ -88,7 +88,7 @@
       <DisableSpecificWarnings>4201;4229;4091;4302;4311;4312;4127</DisableSpecificWarnings>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>shlwapi.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SubSystem>Windows</SubSystem>
     </Link>
     <Manifest>
@@ -107,7 +107,7 @@
       <EnablePREfast>false</EnablePREfast>
     </ClCompile>
     <Link>
-      <AdditionalDependencies>shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>shlwapi.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SubSystem>Windows</SubSystem>
     </Link>
     <Manifest>
@@ -135,7 +135,7 @@
       <OptimizeReferences>true</OptimizeReferences>
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
       <SubSystem>Windows</SubSystem>
-      <AdditionalDependencies>shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>shlwapi.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <Manifest>
       <AdditionalManifestFiles>vld.dll.dependency.x86.manifest</AdditionalManifestFiles>
@@ -161,7 +161,7 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
       <Profile>true</Profile>
       <SubSystem>Windows</SubSystem>
-      <AdditionalDependencies>shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>shlwapi.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <Manifest>
       <AdditionalManifestFiles>vld.dll.dependency.x64.manifest</AdditionalManifestFiles>
diff --git a/src/vld_hooks.cpp b/src/vld_hooks.cpp
@@ -42,6 +42,11 @@ extern HANDLE           g_currentProcess;
 extern CriticalSection  g_heapMapLock;
 extern DbgHelp g_DbgHelp;
 
+// Heap handles are pointers, hence disjunct from numbers below 65536, which
+// hence can serve as pseudo heap handles for tracking non-memory resources.
+#define VLD_SOCKET_RESOURCE                             MAKEINTRESOURCE(1)
+#define VLD_WSAEVENT_RESOURCE                           MAKEINTRESOURCE(2)
+
 ////////////////////////////////////////////////////////////////////////////////
 //
 // Debug CRT and MFC IAT Replacement Functions
@@ -298,6 +303,171 @@ LPVOID VisualLeakDetector::_HeapReAlloc (HANDLE heap, DWORD flags, LPVOID mem, S
     return newmem;
 }
 
+////////////////////////////////////////////////////////////////////////////////
+//
+// Winsock IAT Replacement Functions
+//
+////////////////////////////////////////////////////////////////////////////////
+
+// _socket - Calls to socket are patched through to this function.
+//   This function invokes the real socket and then calls VLD's allocation
+//   tracking function with a pseudo heap handle of value VLD_SOCKET_RESOURCE.
+//
+//  Return Value:
+//
+//    Returns the return value from socket.
+//
+SOCKET VisualLeakDetector::_socket (int af, int type, int protocol)
+{
+    PRINT_HOOKED_FUNCTION2();
+    // Allocate the resource.
+    SOCKET s = socket(af, type, protocol);
+
+    if ((s == INVALID_SOCKET) || !g_vld.enabled())
+        return s;
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        CAPTURE_CONTEXT();
+        CaptureContext cc(socket, context_);
+        cc.Set(VLD_SOCKET_RESOURCE, reinterpret_cast<LPVOID>(s), NULL, 0);
+    }
+
+    return s;
+}
+
+// _accept - Calls to accept are patched through to this function.
+//   This function invokes the real accept and then calls VLD's allocation
+//   tracking function with a pseudo heap handle of value VLD_SOCKET_RESOURCE.
+//
+//  Return Value:
+//
+//    Returns the return value from accept.
+//
+SOCKET VisualLeakDetector::_accept (SOCKET s, struct sockaddr *addr, int *addrlen)
+{
+    PRINT_HOOKED_FUNCTION2();
+    // Allocate the resource.
+    s = accept(s, addr, addrlen);
+
+    if ((s == INVALID_SOCKET) || !g_vld.enabled())
+        return s;
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        CAPTURE_CONTEXT();
+        CaptureContext cc(accept, context_);
+        cc.Set(VLD_SOCKET_RESOURCE, reinterpret_cast<LPVOID>(s), NULL, 0);
+    }
+
+    return s;
+}
+
+// _connect - Calls to connect are patched through to this function.
+//   This function invokes the real connect and then calls VLD's allocation
+//   tracking function with a pseudo heap handle of value VLD_SOCKET_RESOURCE.
+//
+//  Return Value:
+//
+//    Returns the return value from connect.
+//
+SOCKET VisualLeakDetector::_connect (SOCKET s, const struct sockaddr *name, int namelen)
+{
+    PRINT_HOOKED_FUNCTION2();
+    // Allocate the resource.
+    s = connect(s, name, namelen);
+
+    if ((s == INVALID_SOCKET) || !g_vld.enabled())
+        return s;
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        CAPTURE_CONTEXT();
+        CaptureContext cc(connect, context_);
+        cc.Set(VLD_SOCKET_RESOURCE, reinterpret_cast<LPVOID>(s), NULL, 0);
+    }
+
+    return s;
+}
+
+// _closesocket - Calls to closesocket are patched through to this function.
+//   This function calls VLD's free tracking function with a pseudo heap handle
+//   of value VLD_SOCKET_RESOURCE and then invokes the real closesocket.
+//
+//  Return Value:
+//
+//    Returns the value returned by closesocket.
+//
+int VisualLeakDetector::_closesocket (SOCKET s)
+{
+    PRINT_HOOKED_FUNCTION2();
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        // Record the current frame pointer.
+        CAPTURE_CONTEXT();
+        context_.func = reinterpret_cast<UINT_PTR>(closesocket);
+
+        // Unmap the resource from the specified pseudo heap.
+        g_vld.unmapBlock(VLD_SOCKET_RESOURCE, reinterpret_cast<LPVOID>(s), context_);
+    }
+
+    return closesocket(s);
+}
+
+// _WSACreateEvent - Calls to WSACreateEvent are patched through to this
+//   function. This function invokes the real WSACreateEvent and then calls
+//   VLD's allocation tracking function with a pseudo heap handle of value
+//   VLD_HANDLE_RESOURCE.
+//
+//  Return Value:
+//
+//    Returns the return value from WSACreateEvent.
+//
+WSAEVENT VisualLeakDetector::_WSACreateEvent ()
+{
+    PRINT_HOOKED_FUNCTION2();
+    // Allocate the resource.
+    WSAEVENT hEvent = WSACreateEvent();
+
+    if ((hEvent == WSA_INVALID_EVENT) || !g_vld.enabled())
+        return hEvent;
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        CAPTURE_CONTEXT();
+        CaptureContext cc(WSACreateEvent, context_);
+        cc.Set(VLD_WSAEVENT_RESOURCE, hEvent, NULL, 0);
+    }
+
+    return hEvent;
+}
+
+// _WSACloseEvent - Calls to WSACloseEvent are patched through to this function.
+//   This function calls VLD's free tracking function with a pseudo heap handle
+//   of value VLD_HANDLE_RESOURCE and then invokes the real WSACloseEvent.
+//
+//  Return Value:
+//
+//    Returns the value returned by closesocket.
+//
+BOOL VisualLeakDetector::_WSACloseEvent (WSAEVENT hEvent)
+{
+    PRINT_HOOKED_FUNCTION2();
+
+    if (!g_DbgHelp.IsLockedByCurrentThread()) // skip dbghelp.dll calls
+    {
+        // Record the current frame pointer.
+        CAPTURE_CONTEXT();
+        context_.func = reinterpret_cast<UINT_PTR>(WSACloseEvent);
+
+        // Unmap the resource from the specified pseudo heap.
+        g_vld.unmapBlock(VLD_WSAEVENT_RESOURCE, hEvent, context_);
+    }
+
+    return WSACloseEvent(hEvent);
+}
+
 ////////////////////////////////////////////////////////////////////////////////
 //
 // COM IAT Replacement Functions
diff --git a/src/vldint.h b/src/vldint.h
@@ -111,6 +111,7 @@ struct blockinfo_t {
     bool       reported;
     bool       debugCrtAlloc;
     bool       ucrt;
+    bool       resource;
 };
 
 // BlockMaps map memory blocks (via their addresses) to blockinfo_t structures.
@@ -353,6 +354,14 @@ class VisualLeakDetector : public IMalloc
     static BYTE     __stdcall _RtlFreeHeap (HANDLE heap, DWORD flags, LPVOID mem);
     static LPVOID   __stdcall _RtlReAllocateHeap (HANDLE heap, DWORD flags, LPVOID mem, SIZE_T size);
 
+    // Winsock IAT replacement functions
+    static SOCKET   __stdcall _socket (int af, int type, int protocol);
+    static SOCKET   __stdcall _accept (SOCKET s, struct sockaddr *addr, int *addrlen);
+    static SOCKET   __stdcall _connect (SOCKET s, const struct sockaddr *name, int namelen);
+    static int      __stdcall _closesocket (SOCKET s);
+    static WSAEVENT __stdcall _WSACreateEvent ();
+    static BOOL     __stdcall _WSACloseEvent (WSAEVENT hEvent);
+
     // COM IAT replacement functions
     static HRESULT __stdcall _CoGetMalloc (DWORD context, LPMALLOC *imalloc);
     static LPVOID  __stdcall _CoTaskMemAlloc (SIZE_T size);
@@ -379,8 +388,9 @@ class VisualLeakDetector : public IMalloc
     static patchentry_t  m_kernelbasePatch [];
     static patchentry_t  m_kernel32Patch [];
     static patchentry_t  m_ntdllPatch [];
+    static patchentry_t  m_winsockPatch [];
     static patchentry_t  m_ole32Patch [];
-    static moduleentry_t m_patchTable [58];   // Table of imports patched for attaching VLD to other modules.
+    static moduleentry_t m_patchTable [59];   // Table of imports patched for attaching VLD to other modules.
     FILE                *m_reportFile;        // File where the memory leak report may be sent to.
     WCHAR                m_reportFilePath [MAX_PATH]; // Full path and name of file to send memory leak report to.
     const char          *m_selfTestFile;      // Filename where the memory leak self-test block is leaked.
