Determing available heap and stack space

[Ksbunker]

Ok so, im trying to write a procedure that resolves a pointer to either the heap space or the stack space, or alternatively global space. I have the following;

Code Select Expand

call @test
ret

@test:
push ebp
mov ebp, esp
mov eax, ebp
push eax
call IsPointerStack
nop
leave
retn


IsPointerStack uses ebx esi edi PROC pVoid:DWORD

assume fs:nothing
mov eax, fs:[04h]
m2m esi, eax
mov eax, fs:[08h]
m2m edi, eax
mov eax, pVoid
cmp eax, esi
jg @false
cmp eax, edi
jl @false
xor eax, eax
inc eax
ret
@false:
xor eax, eax
ret

IsPointerStack ENDP

I'm aware that fs:[4] and fs:[8] point to the base allocation and end allocation of the stack space. Is there a similiar means to finding the available space for the HEAP? If the informaiton is available via the FS that would be great, if not, im more than curious to hear the  method.

Cheers, Ks.

[Ksbunker]

OK, with a little bit of digging i've learned that the base address of the heap can be read using kernel32.GetProcessHeap which is;

Code Select Expand

@kernel32!GetProcessHeap:
MOV EAX,DWORD PTR FS:[18]
MOV EAX,DWORD PTR DS:[EAX+30]
MOV EAX,DWORD PTR DS:[EAX+18]
RET

Half of my problem solved. Just interested now in obtain the end address (or alternately, the size of the heap space).

Cheers, Ks.

[dedndave]

hmmmm
that is a good question - lol
i think you may assume 7FFFFFFF
although, i also think windows will shuffle things around if you ask for more
i would try a few experiments, but that gives you an address to play with

[ToutEnMasm]

Hello,
Why do simple when we can do complicated ?

Heap32ListFirst
Heap32ListNext

[Vortex]

Ksbunker,

Are you sure that your method is valid across different versions of Windows?