On 3/23/2016 1:23 PM, Doug Nebeker wrote: >> For obvious security reasons all allocations from the Operating System are >> pre-initialized to 0x00. > > Time to bash Windows, but according to the docs for HeapAlloc, memory is not > automatically initialized to 0 > > https://msdn.microsoft.com/en-us/library/windows/desktop/aa366597(v=vs.85).aspx > > This fits with my experience as well.
HeapAlloc doesn't, but VirtualAlloc does. VirtualAlloc is how you obtain pages of memory from the kernel (and those come zero-initialized); HeapAlloc is a user-mode heap manager further sub-allocating those pages. The garbage you see in uninitialized heap allocations came from your own process; you don't get to observe random data from other processes this way. -- Igor Tandetnik
