Browse by Tags


  • Blog Post: Understanding Pool Corruption Part 3 – Special Pool for Double Frees

    In Part 1 and Part 2 of this series we discussed pool corruption and how special pool can be used to identify the cause of such corruption.  In today’s article we will use special pool to catch a double free of pool memory.   A double free of pool will cause a system to blue screen, however...
  • Blog Post: Understanding Pool Corruption Part 2 – Special Pool for Buffer Overruns

    In our previous article we discussed pool corruption that occurs when a driver writes too much data in a buffer.  In this article we will discuss how special pool can help identify the driver that writes too much data.   Pool is typically organized to allow multiple drivers to store data in...
  • Blog Post: Understanding Pool Corruption Part 1 – Buffer Overflows

    Before we can discuss pool corruption we must understand what pool is.  Pool is kernel mode memory used as a storage space for drivers.  Pool is organized in a similar way to how you might use a notepad when taking notes from a lecture or a book.  Some notes may be 1 line, others may be...
Page 1 of 1 (3 items)