While malloc returns uninitialized memory, the operating system zeroes all memory given to the program (*) for security reasons. Therefore the first time malloc returns a certain block of memory, it is zeroed. This can lead to uninitialized memory bugs to apparently just work fine. This library changes that.
(*) This is sometimes not true in embedded environments
We wrap the system c library’s malloc function with our own. The block returned from malloc is then filled with random data from a cryptographic random number generator seeded from urandom.
Linux only
With a recent rust toolchain installed run
cargo build --release
in this repository
add this library to the LD_PRELOAD env var like:
LD_PRELOAD={path}/malloc-uninitialized.so {executable}where path is the path where the library is located and execuatble is the executable you want to run.
Support for realloc requires the unstable toolchain, as it depends on alloc, which is currently not usable on stable.
Enable the realloc feature like this:
cargo build --features=realloc