1. Securing Systems and Attached Devices in Oracle Solaris 11.4
  2. Protecting Oracle Solaris System Integrity
  3. Protecting Against Malware With Security Extensions
  4. Preventing Process Heap Corruption Using adiheap

Preventing Process Heap Corruption Using adiheap

The SPARC M7, SPARC M8, SPARC S7, SPARC T7, and SPARC T8 processors support Application Data Integrity (ADI), a hardware feature that helps prevent software exploitation threats such as linear buffer overflows and stray pointer dereferences.

The adiheap security extension enables ADI usage by the malloc family of functions in the libc and libumem libraries. adiheap provides a reliable defense against linear buffer overflows and a valid mitigation against use-after-free issues. adiheap can also uncover subtle, latent bugs that have not yet affected the binary behavior, but can be triggered by an otherwise innocuous code change.

On systems where ADI is not supported or when adiheap is disabled, malloc memory allocation is unaffected. See the "ADI INTERACTION" section of the malloc(3C) man page.

adiheap is not enabled by default. Applications can enable adiheap through binary tagging, supported by the following linker option: 

-z sx=adiheap[=enable|disable]

The following output indicates that ADI protections are available on your hardware:

$ sxadm status
EXTENSION           STATUS                        FLAGS
adiheap             enabled (tagged-files)        u-c--
adistack            enabled (tagged-files)        u-c--
...

Note:

In the sxadm command, the model=all property value is currently not allowed for adiheap.