Software Installation Notes
There are two main options for installing our heap protection system:
The second option is for those who do not wish to enable system-wide heap protection. Reasons for this may range from stability concerns to specific performance requirements, all of which is quite understandable. Thus, we have provided a script that utilizes the system loader's
We provide both source patches to glibc and binary packages for select OSes and architectures for both of these installation options. For those running an unsupported OS or architecture, a source rebuild of the system glibc is currently the only recourse. Please only attempt this if you are familiar with the procedures for compiling and installing glibc for your platform, since a false step can easily render your system inoperable. We are open to adding more OSes and architectures on an on-demand basis.
- system-wide heap protection through system glibc replacement
- alternative patched glibc image for selective per-application protection
The second option is for those who do not wish to enable system-wide heap protection. Reasons for this may range from stability concerns to specific performance requirements, all of which is quite understandable. Thus, we have provided a script that utilizes the system loader's
LD_PRELOAD functionality in order to substitute
a protected glibc image for the system image for individual applications.
Consequently, administrators can decide on their own what level of
protection they feel is necessary or required and implement that policy
with this capability. We provide both source patches to glibc and binary packages for select OSes and architectures for both of these installation options. For those running an unsupported OS or architecture, a source rebuild of the system glibc is currently the only recourse. Please only attempt this if you are familiar with the procedures for compiling and installing glibc for your platform, since a false step can easily render your system inoperable. We are open to adding more OSes and architectures on an on-demand basis.
Source Installation Procedure
To patch a glibc source tree with our heap protection system, you first need to
select the proper patch. We currently provide a generic patch against the vanilla
glibc source as downloadable from ftp.gnu.org and its mirrors.
Once the patch has been selected, the steps to patch a glibc source tree are simple. For example:
Once the patch has been selected, the steps to patch a glibc source tree are simple. For example:
$ cd glibc-2.3.2
$ patch -p1 <../heapprotect-2.3.2-1.4.diff
You will also need to provide the --enable-heap-protection configuration directive to the configure script to activate the heap protection code.
The rest of the glibc build should proceed as normal. Binary Installation Procedure
To install a binary heap-protected glibc image, you will generally need to first
select either a system-wide installation or a per-application installation. To
perform the first type of installation on a system, you should install a
For details on how to install binary packages on your OS, please refer to your vendor's documentation.
glibc-heapprotect package, while the second type
requires the installation of a glibc-heapprotect-selective package. For details on how to install binary packages on your OS, please refer to your vendor's documentation.
glibc heap protection v1.4 Changelog
- Seed __heap_magic with randomness, not time(NULL). Fixes issue raised by Eugene Tsyrklevich.
- Fix vmalloc chunk magic bug found by Kyle Sallee.
- Update tst-random to account for heap protection srandom() call, fixes tst-random test case failure found by Kyle Sallee.
glibc heap protection v1.4 Files
| File | Platform | Arch. |
|---|---|---|
| heapprotect-2.3.2-1.4.diff.gz | All | All |
| glibc-heapprotect-selective-2.3.2-27.9.7.2.i386.rpm | RedHat 9 | i386 |
| glibc-heapprotect-2.3.2-27.9.7.2.i386.rpm | RedHat 9 | i386 |
| glibc-heapprotect-2.3.2-27.9.7.2.i386.tgz | RedHat 9 | i386 |
glibc heap protection v1.3.1 Changelog
- Remove x86 assembly from protection macros.
- Fix compilation warnings regarding missing chunk pointer casts within protection macros.
glibc heap protection v1.3.1 Files
| File | Platform | Arch. |
|---|---|---|
| heapprotect-2.3.2-1.3.1.diff.gz | All | All |
| glibc-heapprotect-selective-2.3.2-11.9.2.i386.rpm | RedHat 9 | i386 |
| glibc-heapprotect-2.3.2-11.9.2.i386.rpm | RedHat 9 | i386 |
Sections
Overview of heap protection technique
Performance and detection capabilities
Source and binary packages
Recent Project News
The next version of dlmalloc (v2.8) is slated to
include a variant of the heap protection patch as a compile-time option. As a
result, the versions hosted here are now deprecated in favor of the officially
supported version in glibc.
A new release of our glibc heap protection patch is now available.
This update incorporates fixes for several issues, including a potentially
exploitable weak seeding of
__heap_magic discovered by Eugene
Tsyrklevich, and a vmalloc chunk magic bug reported by Kyle Sallee.
A new release of our glibc heap protection patch is now available.
This update fixes the inclusion of x86 assembly in a protection macro which
would cause builds to fail on non-x86 architectures. A number of compilation
warnings regarding missing chunk pointer casts within protection macros have
also been addressed.
An updated release of our heap protection patch for glibc is now available
for download.
This update fixes several packaging bugs spotted by Alexander Gabert of the gentoo hardened project which effectively
resulted in non-protected libraries being shipped in previous releases. All
current users are advised to upgrade to the latest release for this reason,
which is v1.3 at the time of this writing.