
Isolation Alloc - akalin
https://struct.github.io/iso_alloc.html
======
rwmj
A better link might be to the security properties (it is linked from the
current page).
[https://github.com/struct/isoalloc/blob/master/README.md#sec...](https://github.com/struct/isoalloc/blob/master/README.md#security-
properties)

It sounds a little bit like ElectricFence, although that project was more
focused on finding memory bugs rather than security.

It would be good to consider which of these features is lightweight enough
that it might be pulled into the glibc allocator. glibc is already doing good
work with various hardening features
([https://access.redhat.com/blogs/766093/posts/1976213](https://access.redhat.com/blogs/766093/posts/1976213)).
However I don't think they PROT_NONE internal data structures yet.

~~~
chrisrohlf
IsoAlloc author here. Thanks for reading the post and linking to the security
properties. I plan to expand on those in an additional post and how I
implemented them.

You're right that Electric Fence takes a different approach and is more geared
towards finding bugs and isn't really suitable as a general purpose allocator.
The easiest way to describe it is taking some allocations and placing them on
their own page of memory, surrounding them with guard pages, and then setting
the page PROT_NONE upon free so that any access results in a segfault. For a
more modern attempt at this check out GWP ASAN which is doing something very
similar but in Chrome across millions of installs
[https://chromium.googlesource.com/chromium/src.git/+/master/...](https://chromium.googlesource.com/chromium/src.git/+/master/docs/gwp_asan.md)

As for the allocator in glibc, a lot of its internal data structures either
live on the same pages as user chunks or write meta data to free chunks. So
using aggressive strategies like page permissions to protect that data is
often not an option.

------
saagarjha
I am curious what the overhead of this allocator is when compared to e.g.
glibc’s.

------
heinrich5991
If the author is here: I find the text hard to read. In reader view, the code
formatting is broken.

