DHard


DHard helps buggy programs run correctly
and protects them from a range of security vulnerabilities.


(What happened to "DieHard"? Sears' lawyers.)

Download DHard now.

Do the following errors look familiar?

*** glibc detected *** double free or corruption
*** glibc detected *** free(): invalid pointer
*** glibc detected *** free(): invalid next size


DHard can help!
See the FAQs and our technical paper for detailed information.

NEW! DHard protection for Mozilla Firefox on Windows (version 1.1, May 25, 2007):
Download and install, then quit Mozilla / Firefox, then run DHard from the program menu.

Out of the box, two previous versions of Mozilla (versions 1.0.2 and 1.7.3) both crash when loading this page (no, your current version shouldn't crash). With DHard, they load and display correctly. See a video of DHard in action.

Those bugs have been fixed, but there will be more. DHard protects applications from as-yet unfixed bugs and security vulnerabilities that exploit them. Think of DHard as a new line of defense against hackers, together with anti-virus protection and firewalls.


Download

Download and install this to protect Mozilla / Firefox on Windows. If you want to hear about new releases, sign up for the mailing list. If you are using a non-Windows system, then download DHard here.


More Information

UMass Amherst press release (December 26, 2006)

video interview with Ben Zorn on DieHard/RobustHeap

DHard eliminates, or greatly reduces the likelihood of, a class of bugs and security vulnerabilities called memory errors. DHard prevents certain kinds of errors from happening at all, and for others it reduces the probability that the bug will have any effect. DHard works by randomly locating program objects far apart from each other in memory. Scattering objects throughout memory not only makes some errors unlikely to happen, it also makes it virtually impossible for a hacker to know where vulnerable parts of the program's data are. This thwarts a wide class of exploits.

Technical Details

DHard prevents invalid and multiple frees and heap corruption, and probabilistically avoids buffer overflows, dangling pointer errors, and uninitialized reads. This sample program illustrates a wide range of errors that DHard prevents. For more details, see the following (technical) paper:

DieHard: Probabilistic Memory Safety for Unsafe Languages
Emery D. Berger and Benjamin G. Zorn, ACM SIGPLAN 2006 Conference on Programming Language Design and Implementation (PLDI 2006).

Or view this PowerPoint presentation.

DHard works in two modes: standalone and replicated. The standalone version replaces the memory manager with the DHard randomized memory manager. This randomization increases the odds that buffer overflows will have no effect, and reduces the risk of dangling pointers. The replicated version provides greater protection against errors by running several instances of the application simultaneously and voting on their output. Because each replica is randomized differently, each replica will likely have a different output if it has an error, and some replicas are likely to run correctly despite the error.
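The effect of randomized placement on buffer overflows can be measured with a small simulation. This is an added example, not DHard's code: the 1024-slot heap, the 128 live objects, the one-slot overflow and the xorshift generator are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOTS 1024   /* assumed heap size, in equal-sized object slots */

static uint32_t rng_state = 2463534242u;   /* fixed seed: repeatable runs */
static uint32_t rng_next(void) {           /* xorshift32, a stand-in PRNG */
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Randomized placement: probe random slots until a free one turns up. */
static int alloc_random(uint8_t *used) {
    for (;;) {
        int s = (int)(rng_next() % SLOTS);
        if (!used[s]) { used[s] = 1; return s; }
    }
}

/* Conventional placement: objects packed one after another. */
static int alloc_sequential(uint8_t *used) {
    for (int s = 0; s < SLOTS; s++)
        if (!used[s]) { used[s] = 1; return s; }
    return -1;
}

/* Build `trials` heaps holding `live` objects (live < SLOTS), overflow the
 * first object by one slot, and count how often that slot holds live data. */
int overflow_hits(int live, int trials, int randomized) {
    uint8_t used[SLOTS];
    int hits = 0;
    for (int t = 0; t < trials; t++) {
        int src = -1;                      /* slot of the overflowing object */
        memset(used, 0, sizeof used);
        for (int i = 0; i < live; i++) {
            int s = randomized ? alloc_random(used) : alloc_sequential(used);
            if (i == 0) src = s;
        }
        if (src + 1 < SLOTS && used[src + 1]) hits++;
    }
    return hits;
}

int main(void) {
    printf("packed: %d of 10000 hit live data\n", overflow_hits(128, 10000, 0));
    printf("random: %d of 10000 hit live data\n", overflow_hits(128, 10000, 1));
    return 0;
}
```

With the heap one-eighth full, about one overflow in eight lands on a live object under random placement, while every overflow does when objects are packed together.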

The standalone version works for Linux, Solaris, and Windows, while the replicated version currently only supports Linux or Solaris console applications.

Terms of use

DHard is Copyright (C) 2005-9 Emery Berger, University of Massachusetts Amherst, and is free for noncommercial use. For information on commercial licenses through the University of Massachusetts Amherst, please contact Emery Berger.

This work is supported in part by the National Science Foundation, Intel Corporation, and Microsoft Research. This material is based upon work supported by the National Science Foundation under Grant No CNS-0615211. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).