FreeGuard: A Faster Secure Heap Allocator
FreeGuard is a fast, scalable, and memory-efficient memory allocator that works for a range of applications on Unix-compatible systems.
FreeGuard is a drop-in replacement for malloc that can dramatically improve application performance, especially for multithreaded programs running on multiprocessors and multicore CPUs. No source code changes are necessary: just link it in or set the proper environment variable (see Building FreeGuard, below).
FreeGuard is distributed under the GPL (v2.0), and can also be licensed for commercial use.
Because of the restrictions imposed by the GPL license (you must make your code open-source), commercial users of FreeGuard can purchase non-GPL licenses through the University of Texas at San Antonio. To obtain a license, please contact Tongping Liu directly (email@example.com) and copy Sam Silvestro (firstname.lastname@example.org).
To build FreeGuard, simply run
% make SSE2RNG=1
This will incorporate Intel's fast, SSE2-optimized random number generator (RNG) into FreeGuard, which will dramatically increase its performance in some applications.
Alternatively, when built with no additional flags (i.e., simply
will utilize the default C library rand() function instead.
You can then use FreeGuard by either linking it to your executable, or
by setting the
LD_PRELOAD environment variable, as in:
% export LD_PRELOAD=/path/to/libfreeguard.so
After doing so, all executables run in the same shell will automatically utilize FreeGuard. Alternatively, we can specify that only a given application be linked to FreeGuard, like so:
% LD_PRELOAD=/path/to/libfreeguard.so /app/to/run
For technical details of FreeGuard, please refer to FreeGuard: A Faster Secure Heap Allocator, by Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, and Tongping Liu. The 24th ACM Conference on Computer and Communications Security (CCS'17). Dallas, TX, October 2017.