# jemalloc ## Intro Jemalloc is a SMP enabled memory allocator originally designed for FreeBSD and widely used in many platforms such as Mozilla Firefox. {% embed url="" %} If you're used with ptmalloc, notice that the concept of chunk is an entirely different thing for jemalloc, which we won't go much into, and what you'd usually call a chunk we'll call a region from now on. To dive deeper into jemalloc's internals, I recommend this awesome read by huku and argp: {% embed url="" %} The main difference between jemalloc and ptmalloc or dlmalloc is that jemalloc doesn't have inline metadata along with each allocation. Allocations go into regions and malloc returns a pointer to the region, similar to what ptmalloc does with chunks, but, instead of allocating different size chunks next to each other containing a size header, jemalloc creates different spaces in memory for each region size, called runs, so only same-sized regions are allocated contiguously. If you ever encounter jemalloc in a CTF challenge the goal would likely be to allocate a region within the same run as some important structure and try to corrupt it as seen in the "Ancient House" challenge from InCTF2021: {% content-ref url="/pages/-MhAFsxIbaOoQ8-r-WlV" %} [Ancient House](/public/inctf/2021/ancient-house.md) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xten.gitbook.io/public/pwn/heap/jemalloc.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.