Home

Awesome

LibRedFat -- A Hardened Malloc Implementation

LibRedFat is a hardened malloc/free implementation based on two complementary memory error detection technologies:

You can use LibRedFat to harden binaries without the need for recompilation or instrumentation.

Building

To build LibRedFat, simply run the script:

    $ ./build.sh

Usage

To test LibRedFat, simply replace the default malloc implementation using LD_PRELOAD, e.g.:

    $ LD_PRELOAD=$PWD/libredfat.so xterm

Alternatively, you can statically link libredfat.a into your program.

Protections

LibRedFat replaces several libc functions with hardened versions that check for memory errors, including:

Memory errors on heap pointers allocated using LibRedFat will be automatically detected by these replacement functions.

LibRedFat can be used in conjunction with the RedFat binary hardening system. For this, please see the RedFat project for more information.

Performance

Security and performance are a trade-off, and most existing malloc implementations are optimized for performance. In contrast, LibRedFat attempts to optimize towards security, provided that the performance impact is "reasonable".

As such, the runtime performance of LibRedFat should be somewhat similar to the default malloc/free implementation for most programs.

The memory performance of LibRedFat should be slightly worse than the default malloc/free implementation, mainly because of the use of poisoned redzones, low-fat pointer size binning, and a disjoint metadata for the freelists. It is recommended to profile each potential use case.

Options

LibRedFat supports various optional features that can be enabled using environment variables. Some features can also be statically enabled using the build.sh script (see build.sh --help for more information):

History

LibRedFat is derived (after heavy modification) from the liblowfat.so library, which is part of the LowFat project. Several new features have been added, including:

LibRedFat was originally developed as part of the RedFat project. However, libredfat.so can be used independently of RedFat as a hardened malloc implementation.

LibRedFat is beta quality software, and has not yet been properly tested. It is possible that there are bugs or security vulnerabilities, so should be independently accessed before use in production code. LibRedFat is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Further Reading

License

This software has been released under the MIT License.

Acknowledgements

This work was partially supported by the National Satellite of Excellence in Trustworthy Software Systems, funded by the National Research Foundation (NRF) Singapore under the National Cybersecurity R&D (NCR) programme.

This work was partially supported by the Ministry of Education, Singapore (Grant No. MOE2018-T2-1-142).