Well, after looking at some bugs the other day, I determined that my lack of knowledge on the heap was a problem. To mitigate this, I'm going to include a lot of links that pertain to heap information. This way I can come back to review it and become more familiar with this aspect of memory management. Links are in no particular order. Please note not all the techniques here are valid with the latest technology, but this should be a good start on understanding the heap and its implications when dealing with exploitation. Please add more links to heap knowledge in the comments if you know some must-reads.
MALLOC DES-MALEFICARUM (Phrack, blackngel)
Ben Hawkes, Vista Heap Attacks: a good overview of heap layout, attack vectors, and "recipes", as he calls them, to set up your heap state.
Low Fragmentation Heap by Chris Valasek, given in Argentina at Ekoparty? The same one was delivered at Black Hat USA 2010.
Advanced Doug Lea's malloc exploits (Phrack)
MaXX's Vudo paper in Phrack
Dion Blazakis JIT Spraying
Once upon a free() (Phrack)
HeapDraw: a visualization tool for seeing the output of memory allocations in your target application.
Heap Massage by Gera
Yet another free() article at Phrack
Sean Heelan, TCMalloc scripts: the importance of scripts and heap information
Reliable Windows heap exploits
Double free vulnerabilities
Huku's Phrack article on another free()
Runtime detection of heap overflows
Heaps About Heaps by Insomnia Security