7.2 How InstallLeapheapFiles Works

The NT system file KERNEL32.DLL implements the heap API functions (HeapAlloc etc.). The installer has to make a copy of the DLL with these functions replaced by their LeapHeap analogues. To achieve this it is not necessary to patch the code area of KERNEL32, instead the export table can be modified so as to forward the heap API calls to the LeapHeap implementation in 'leapheap.dll'. Forwarding incurs no performance penalty; it means that the loader, as part of dynamic linking, writes the address of the LeapHeap function instead of that of the KERNEL32 function into the import table of the executable.

Unfortunately there is a complication. The KERNEL32 heap functions are wrappers for code in a low-level DLL called NTDLL. No normal application is able to call the 'raw' functions directly, since they are not declared in any of the code libraries Microsoft ships with its application development tools, but some Microsoft system DLLs do. InstallLeapheapFiles scans the system directory for such files and makes copies of them in the LeapHeap directory. As it does so, it alters their import tables so that calls of the raw functions are diverted to LeapHeap. In a complementary process, the import table of 'leapheap.dll' is also reformed, and for technical reasons this DLL is copied to a file with a shorter name, 'lh.dll'.

As the file installer works, it reports which files it is processing. There are likely to be files in the Windows system directory which are of obsolescent formats and the installer reports these too as it skips them; the installer only coverts DLLs in the modern PE32 format.

The program concludes by stating which type of system it has installed files for, uniprocessor or multiprocessor. The difference is the presence or absence of the LOCK prefix in the file 'lh.dll'. You must not use the uniprocessor installation of LeapHeap on a multiprocessor machine. Should the program detect the system type incorrectly, it is possible to force the choice by re-running the program with an argument of "UNIPROCESSOR" or "MULTIPROCESSOR". After InstallLeapheapFiles has finished, the active files in the LeapHeap directory are the modified system DLLs and 'lh.dll', 'leapheap.dll' being redundant.

For Windows Server 2003, the modified system DLLs have to be moved into a subfolder of the LeapHeap directory or the application directory in order for the executable to pick them up when it is invoked.