That sounds interesting for sure, but I doubt that ASan can be used to prevent security exploits. Some classes of bugs I would assume are nearly impossible to exploit with ASan in place, but e.g. use-after-free can still be exploited, you just need more allocations to force the memory to be reallocated.
There is some other tool that aims to achieve that: http://www.cs.rutgers.edu/~santosh.nagarakatte/softbound/ However, I think it never went into the production stage and it only supports C, not C++. I think it would be worthwhile to pursue that approach for high security environments.

Cheers,
Chris

On Tuesday, 26 January 2016 01:52:40 UTC+1, Hanno Böck wrote:
>
> Hi,
>
> I've been working on this for a while now and finally am able to share
> it in a reasonably usable way:
> I have created a Gentoo System with almost everything (except gcc,
> glibc and a few deps) with asan:
>
> https://blog.hboeck.de/archives/879-Safer-use-of-C-code-running-Gentoo-with-Address-Sanitizer.html
>
> Some docs in the Gentoo wiki:
> https://wiki.gentoo.org/wiki/AddressSanitizer
>
> I hope people find this interesting and want to play with it.
>
> --
> Hanno Böck
> http://hboeck.de/
>
> mail/jabber: [email protected]
> GPG: BBB51E42
