The premise of "memory block controlled by the OS" isn't really true: malloc isn't an OS call, it's a libc call, and the malloc implementation is responsible for carving up the memory region, entirely in userland. The fact that you can read freed memory also applies to malloc (unless you zero it, which is literally the same for arena allocators). There's no functional difference between the two. In fact, I would say that arena allocators actually reduce the attack surface because large chunks of memory are easier to reason about.
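An added example, not part of the comment above: a minimal userland bump arena showing that a plain reset leaves old bytes readable by the next allocation, and that zeroing on reset removes them. The `arena_*` names and the sample token are hypothetical, constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical bump arena over one caller-supplied buffer; no OS call involved. */
typedef struct { uint8_t *base; size_t cap, used; } arena_t;

static void arena_init(arena_t *a, void *buf, size_t cap) {
    a->base = buf; a->cap = cap; a->used = 0;
}

/* Sizes are rounded up to 16 bytes; returns NULL if the request does not fit. */
static void *arena_alloc(arena_t *a, size_t n) {
    if (n > SIZE_MAX - 15) return NULL;          /* rounding would overflow */
    size_t need = (n + 15) & ~(size_t)15;
    if (need > a->cap - a->used) return NULL;    /* out of space */
    void *p = a->base + a->used;
    a->used += need;
    return p;
}

/* Fast reset: only the bump offset moves, the old contents stay in place. */
static void arena_reset(arena_t *a) { a->used = 0; }

/* Scrubbing reset: volatile stores so the compiler cannot drop the wipe. */
static void arena_reset_zero(arena_t *a) {
    volatile uint8_t *p = a->base;
    for (size_t i = 0; i < a->used; i++) p[i] = 0;
    a->used = 0;
}

/* Store a constructed secret, reset, allocate again.
   Returns 1 if the new allocation still holds the secret, 0 if not, -1 on error. */
static int secret_survives_reset(int scrub) {
    static uint8_t backing[256];
    static const char secret[] = "constructed-sample-token";
    arena_t a;
    memset(backing, 0, sizeof backing);
    arena_init(&a, backing, sizeof backing);
    char *s = arena_alloc(&a, sizeof secret);
    if (!s) return -1;
    memcpy(s, secret, sizeof secret);
    if (scrub) arena_reset_zero(&a); else arena_reset(&a);
    char *t = arena_alloc(&a, sizeof secret);
    if (!t) return -1;
    return memcmp(t, secret, sizeof secret) == 0;
}

int main(void) { return !(secret_survives_reset(0) == 1 && secret_survives_reset(1) == 0); }
```

Unlike reading a block after `free`, reading the arena's backing buffer after a reset is well-defined C, which is why the comparison can be made directly here.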