Hi to all,

I'm open-sourcing my heap-only ASan solution for binaries based on QEMU-user, QEMU-AddressSanitizer:

https://github.com/andreafioraldi/qasan

Nothing special, I was just inspired by the ASan paper that, in the conclusion, states that it is possible to implement ASan with binary translation.

Actually, I link QEMU with a patched ASan DSO without interceptors (I don't want to instrument QEMU itself and have an unneeded slowdown) and instrument accesses with TCG. Hooks are forwarded via a fake syscall.

It is just for fuzzing, don't expect meaningful stack traces (use malloc_context_size=0 instead). It includes all AFL++ patches.

More info in the small blog post that I wrote about it:

https://andreafioraldi.github.io/articles/2019/12/20/sanitized-emulation-with-qasan.html

Ofc contributions are welcome ;)

Regards,
Andrea