Exploring GrapheneOS secure allocator: Hardened Malloc


To enhance security, hardened malloc isolates metadata from user data in separate memory regions, holding it primarily within two main structures:

Furthermore, the use of canaries and numerous guard pages complements its arsenal, especially on older devices without MTE, by quickly triggering exceptions in case of unwanted memory access. However, with MTE enabled, the protection becomes much more granular: even an overflow within the same slab (from one slot to another) is detected and blocked without the need to check canaries, making the exploitation of this type of vulnerability nearly impossible.
