Conversation

out of curiosity was playin with hardened_malloc to detect memory leak and from observation, seems that it can't detect memry leak issues if I understood it correctly? even I comp'd it with CONFIG_STATS which seems not understandable,here 🤔 Am I mising smtng?

simply executed the same PoC with

@openbsd

but observed similar behaviour with vm.malloc_conf=S , although I haven't printed the stats yet drijf.net/malloc/

Replying to

Please read github.com/GrapheneOS/har. It's a hardened memory allocator. It defends against exploitation of memory corruption bugs. It's also not intended as a debugging or auditing tool. Memory leaks aren't memory corruption bugs and aren't relevant to what it defends against.

github.com

hardened_malloc/README.md at main · GrapheneOS/hardened_malloc

Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-base...

5:21 PM · Sep 8, 2020Twitter Web App

Replying to

The stats about you posted also shows that a 16 byte allocation was allocated and freed, and a 32 byte allocation was allocated but not freed. A 12 byte allocation becomes a 20 byte allocation after reserving space for the 8 byte canary, and the next size after 16 bytes is 32.

Replying to

The stats feature was mainly implemented for full compatibility with the standard allocator (an extended jemalloc) on Android. The Android Runtime's garbage collector uses it and Bionic implements malloc_info for performance/memory analysis tools based on the same low-level APIs.

Show replies