Skip to content
/ fatalloc Public

Fault tolerant memory allocator that “fixes” minor heap overruns

License

Notifications You must be signed in to change notification settings

yvt/fatalloc

Repository files navigation

fatalloc

“Fault tolerant” memory allocator for Linux

This library provides a drop-in replacement for the standard C allocation functions. Add libfatalloc.so to LD_PRELOAD to “fix” minor heap overruns in faulty software.

Using this library has a negative impact on security and may lead to loss of data, financial damage, strangelet creation, maximum overdrive, Xindi attacks, or death. Use at your own peril.

Inspired by Windows Fault Tolerant Heap. Written in Rust(🚀).

Why the security impact?

While reducing the likelihood of application crashes may seem appealing to some people, it doesn't necessarily mean bugs are actually fixed if done in a wrong way. In fact, application crashes are symptoms of underlying bugs and meant to stop the faulty program that is already straying from the designed behavior from going even worse, e.g., incurring permanent damage to your files, impeding an Iranian nuclear program, violating the right to privacy, or even taking human lives. Modern binary exploit mitigation techniques, such as ShadowCallStack and Control Flow Guard, are often designed to immediately abort the faulting program at the first sign of security violation. The heap implementations in modern operating systems evolved as well to detect heap usage errors and thwart potential heap-based exploits¹. All this library does is to undo these efforts.

¹ Mark E. Russinovich, David A. Solomon, Alex Ionescu, Windows Internals, Part 2 (6th edition), pp 224–225.

Features

  • Real-time memory allocator with good throughput (implemented by rlsf)
  • Insert padding around allocations to mitigate heap overruns
  • Ignore invalid deallocation requests
  • Delay deallocation to nullify brief use-after-free

Usage

Nix Flake

export LD_PRELOAD=(nix build --no-link --print-out-paths github:yvt/fatalloc)/lib/libfatalloc.so)
faulty-program

To cross-build for x86 (32-bit) applications:

export LD_PRELOAD=(nix build --no-link --print-out-paths github:yvt/fatalloc#defaultPackage.i686-linux)/lib/libfatalloc.so)

Traditional Linux

Go to the Actions tab, select the latest CI run, and download a precompiled binary from the Artifacts section.

Note: You must be logged in to GitHub to download artifacts.

License

This program is licensed under the GNU Lesser General Public License version 3 or later.

About

Fault tolerant memory allocator that “fixes” minor heap overruns

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published