ok, i will start from the very beginning^^
Let me return the favour and show you how things can go amiss. Imagine that the variable OverWriteMe is a counter or an index that the rest of your program trusts:
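program overwrite;
{$MODE OBJFPC}{$H+}
{$POINTERMATH ON}   // arithmetic on typed pointers (StartInt + index) must be allowed
(*
Example of overwriting a neighbouring global through a wrongly computed
pointer index, which FPC cannot 'catch' (nor can most other compiled
languages; some scripting languages bounds-check everything).

Security note: the write below goes through a raw pointer, so neither
range checking (the R+ switch, which only covers array indexing) nor a
try/except block protects against it. Because the bogus index is derived
from the real address of OverWriteMe, the write always lands on mapped
memory and *silently* corrupts OverWriteMe - no exception is raised.
Only a write into unmapped memory would fault; the silent case shown here
is the dangerous one, because the corrupted counter or index is then used
as if it were valid.
*)
uses
  SysUtils;

type
  PSomeBlock = ^TSomeBlock;
  TSomeBlock = record
    next : PSomeBlock;   // link to the next block (not used in this demo)
    Arr  : ^LongWord;    // first element of the LongWord buffer this block owns
  end;

var
  SomeArray   : array[0..100] of LongWord;  // the buffer Arr legitimately points into
  OverWriteMe : LongWord;                   // innocent neighbour that gets clobbered
  SomeBlock   : TSomeBlock;
  First       : PSomeBlock;
  StartInt    : ^LongWord;
  ValueToWrite: LongWord;
  ByteDist    : PtrInt;                     // Addr(OverWriteMe) - StartInt, in bytes
  // PtrInt rather than Integer: a pointer difference is pointer-sized. In
  // OBJFPC mode Integer is 32 bits, so on a 64-bit target a large difference
  // would be silently truncated (range checks are off by default) - itself a
  // wrongly computed index, which is what this program is about.
  index       : PtrInt;
begin
  ValueToWrite := $11223344;
  OverWriteMe  := $12345678;         // value we expect to survive, but it won't
  SomeArray[0] := $12345678;         // some legitimate content of the buffer
  SomeBlock.next := nil;             // init
  SomeBlock.Arr  := @SomeArray[0];   // block points at the start of the buffer
  First := @SomeBlock;               // First points to the first block
  WriteLn( 'ValueToWrite.Value = $', HexStr(ValueToWrite, 8) );
  WriteLn( 'OverWriteMe.Value = $', HexStr(OverWriteMe, 8) );
  WriteLn( 'OverWriteMe.Address = $', HexStr(Addr(OverWriteMe)) );
  WriteLn( 'first.Value (ptr) = $', HexStr(First) );
  WriteLn( 'SomeBlock.Arr.Value (ptr) = $', HexStr(SomeBlock.Arr) );
  try
    StartInt := First^.Arr;
    WriteLn( 'StartInt.Value (ptr) = $', HexStr(StartInt) );

    // Calculate the malformed index. Done explicitly in bytes and then scaled
    // by the element size, so the result does not depend on how the compiler
    // scales a mixed Pointer / ^LongWord subtraction.
    ByteDist := Addr(OverWriteMe) - Pointer(StartInt);
    index    := ByteDist div SizeOf(LongWord);
    WriteLn( 'index.value = #', index, ' (pointer math at work for you)' );
    WriteLn( 'SizeOf(LongWord) = ', SizeOf(LongWord) );
    WriteLn( 'OverWriteMe.Address - StartInt.Address = ', ByteDist, ' bytes' );
    if ByteDist mod SizeOf(LongWord) <> 0 then
      WriteLn( 'Note: distance is not a whole number of LongWords, the write will miss' );

    // This is the check a write routine must perform before dereferencing.
    // It is only reported here, not enforced, so the corruption can still be
    // demonstrated.
    if (index < Low(SomeArray)) or (index > High(SomeArray)) then
      WriteLn( 'A bounds check would have rejected this index (valid range: ',
               Low(SomeArray), '..', High(SomeArray), ')' );

    WriteLn( 'Want to attempt to write to address $', HexStr(StartInt + index) );
    // The actual out-of-bounds write. No range check applies to a pointer
    // dereference, so compiler and RTL let it through without complaint.
    (StartInt + index)^ := ValueToWrite;
    WriteLn( 'Done ! Now let''s show some magic' );

    // OverWriteMe was never assigned after its initialisation, yet it changed.
    WriteLn( 'OverWriteMe.Value = $', HexStr(OverWriteMe, 8) );
    WriteLn( 'Seems that we are still alive ?' );
  except
    on E: Exception do
    begin
      // Only reached if the write actually faulted (unmapped address).
      // The silent corruption shown above never gets here.
      WriteLn( 'Oops exception occured ' );
      ShowException(E, ExceptAddr);
    end;
  end;
end.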
And the idea of the Write(index, value) function is:
The problem is that even showing your write routine will not help much, because that is only where the symptom manifests itself. Either something is going wrong elsewhere, or the write function is making an assumption about what happens behind the scenes that does not hold.
However, since the error seems to manifest itself in the write function, you can use that function to inform yourself about the blocks in use, all the pointers (and whether every one of them points inside a valid memory block), and anything else that might have gone wrong.
For instance, in your quick mock-up of the write function there is no check on the validity of the pointers and no check that the counter is within bounds. The same is true for your index: an unchecked index used in a pointer dereference is an out-of-bounds write, and as the program above shows, nothing at runtime will stop it or raise an exception.
So in order to 'catch' what is going wrong, start by checking some values and whether they are in a valid range (if not, print them out and trace back where they originate from).
edit: typo corrected in source, we are indexing longwords, not pointers.