DieHarder: Securing the Heap


August 23, 2011


Emery Berger


University of Massachusetts at Amherst


Heap-based attacks depend on a combination of memory management errors and an exploitable memory allocator. Many allocators include ad hoc countermeasures against particular exploits, but their effectiveness against future exploits has been uncertain. This paper presents the first formal treatment of the impact of allocator design on security. It analyzes a range of widely deployed memory allocators, including those used by Windows, Linux, FreeBSD, and OpenBSD, and shows that they remain vulnerable to attack. It then presents DieHarder, a new allocator whose design was guided by this analysis. DieHarder provides the highest degree of security from heap-based attacks of any practical allocator of which we are aware, while imposing modest performance overhead. In particular, the Firefox web browser runs as fast with DieHarder as with the Linux allocator.


Emery Berger

Emery Berger is an Associate Professor in the Department of Computer Science at the University of Massachusetts Amherst. He graduated with a Ph.D. in Computer Science from the University of Texas at Austin in 2002. Professor Berger has been a Visiting Scientist at Microsoft Research and at the Universitat Politècnica de Catalunya (UPC) / Barcelona Supercomputing Center (BSC).

Professor Berger’s research spans programming languages, runtime systems, and operating systems, with a particular focus on systems that transparently improve reliability and performance. He is the creator of various widely used software systems including Hoard, a fast and scalable memory manager that accelerates multithreaded applications (and on which the Mac OS X memory manager is based), and DieHard, an error-avoiding memory manager that directly influenced the design of the Windows 7 Fault-Tolerant Heap.

His honors include a Microsoft Research Fellowship (2001), an NSF CAREER Award (2003), a Lilly Teaching Fellowship (2006), and a Best Paper Award at FAST 2007. Professor Berger served as the General Chair of the Memory Systems Performance and Correctness workshop (MSPC 2008), Program Chair of the 2010 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE 2010), and is currently an Associate Editor of the ACM Transactions on Programming Languages and Systems. He has served on numerous program committees.

In his spare time, Professor Berger rides his bicycle, travels to foreign countries, converses in a variety of Romance languages, consumes copious amounts of espresso, and continues his work on a cure for the common cold (which he is certain must somehow involve coffee).