Index: lib/scudo/scudo_allocator.cpp
===================================================================
--- lib/scudo/scudo_allocator.cpp
+++ lib/scudo/scudo_allocator.cpp
@@ -430,7 +430,8 @@
 }
 void *Ptr = reinterpret_cast(UserPtr);
 Chunk::storeHeader(Ptr, &Header);
- // if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(Ptr, Size);
+ if (SCUDO_CAN_USE_HOOKS && &__sanitizer_malloc_hook)
+ __sanitizer_malloc_hook(Ptr, Size);
 return Ptr;
 }
@@ -480,7 +481,8 @@
 // the TLS destructors, ending up in initialized thread specific data never
 // being destroyed properly. Any other heap operation will do a full init.
 initThreadMaybe(/*MinimalInit=*/true);
- // if (&__sanitizer_free_hook) __sanitizer_free_hook(Ptr);
+ if (SCUDO_CAN_USE_HOOKS && &__sanitizer_free_hook)
+ __sanitizer_free_hook(Ptr);
 if (UNLIKELY(!Ptr))
 return;
 if (UNLIKELY(!Chunk::isAligned(Ptr))) {
Index: lib/scudo/scudo_platform.h
===================================================================
--- lib/scudo/scudo_platform.h
+++ lib/scudo/scudo_platform.h
@@ -55,6 +55,12 @@
 # define SCUDO_CAN_USE_PUBLIC_INTERFACE 1
 #endif
+// Hooks in the allocation & deallocation paths can become a security concern if
+// implemented improperly, or if overwritten by an attacker. Use with caution.
+#ifndef SCUDO_CAN_USE_HOOKS
+# define SCUDO_CAN_USE_HOOKS 0
+#endif
+
 namespace __scudo {
 #if SANITIZER_CAN_USE_ALLOCATOR64
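Review bot: In the second hunk of scudo_allocator.cpp (`@@ -480,7 +481,8 @@`), `__sanitizer_free_hook(Ptr)` is called before the `if (UNLIKELY(!Ptr)) return;` and `Chunk::isAligned(Ptr)` checks, so with hooks enabled the hook receives null and unvalidated pointers ahead of the allocator's own checks. A hook that dereferences the pointer or keys per-chunk state on it would act on a value the allocator has not yet vetted, and it runs even for a free that the allocator would go on to reject. Consider moving the call below the pointer checks visible here, or at least documenting the contract at the call site with `// NOTE: Ptr has not been validated yet (may be null or misaligned); hooks must not dereference it.` The deallocation function continues past the end of the hunk, so whether a later header check would be a better position cannot be judged from here.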
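Review bot: The new comment above `SCUDO_CAN_USE_HOOKS` in scudo_platform.h explains why hooks are risky but not how the switch is meant to be used. It does not say that the default of 0 turns both call sites into dead code, or that enabling the hooks is a build-time decision. Because the call sites test `&__sanitizer_malloc_hook` and `&__sanitizer_free_hook`, the hooks appear to be optionally defined symbols that any module in the process could supply, which is worth spelling out for whoever flips the flag. Suggested addition to the comment: `// Disabled by default. Define SCUDO_CAN_USE_HOOKS=1 at build time only if every module linked into the process is trusted to provide the hooks.`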