On Tue, 26 Jan 2016 04:44:31 -0800 (PST) [email protected] wrote: > That sounds interesting for sure, but I doubt that ASan can be used to > prevent security exploits. Some classes of bugs I would assume are > nearly impossible to exploit with ASan in place, but e.g. > use-after-free can still be exploited, you just need more allocations > to force the memory to be reallocated.
Yes, actually Chris Evans has analyzed this in more detail a while back: http://scarybeastsecurity.blogspot.dk/2014/09/using-asan-as-protection.html (I've linked that in my blogpost) tl;dr asan prevents some bugs from being exploited, but not all :-) Preventing UAF exploitation in the ASAN model seems complicated. > There is some other tool that aims to achieve > that:http://www.cs.rutgers.edu/~santosh.nagarakatte/softbound/ > > However, I think it never went into the production stage and it only > supports C, not C++. I think it would be worthwhile to pursue that > approach for high security environments. Actually I had a look at softbound longer ago. But the two don't really compare. Softbound tries to guarantee a very strong notion of memory safety. But the price for that is that it's always been incomplete and thus it's esentially impossible to compile any real world applications with it. I once tried to get OpenSSL compiled with Softbound, I ended finding out that it doesn't support varargs. And with "doesn't support" it doesn't mean it doesn't protect them, it means if you use them in certain ways your code will just not work with Softbound. The impressive thing about asan is that it "really works", in "you can compile real software with it and in most cases it will just work". Thus I came to the conclusion that Softbound is interesting research, but in its current state not usable for real software. -- Hanno Böck http://hboeck.de/ mail/jabber: [email protected] GPG: BBB51E42 -- You received this message because you are subscribed to the Google Groups "address-sanitizer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
pgpeTBk9wrj97.pgp
Description: OpenPGP digital signature
