22 February 2013

AddressSanitizer

Using AddressSanitizer (aka ASan) is one of the effective approaches to finding vulnerabilities in C/C++ applications. You may already know that most of the "Use After Free" browser vulnerabilities were found with ASan (http://tinyurl.com/b33fhwa).

The installation is quite easy but takes time. You need to install LLVM and the clang frontend to use ASan. If you want to use ASan with an application, you have to compile it with clang, and this sometimes fails because of the Makefile settings.

I caught a buffer overflow vulnerability with AddressSanitizer while testing an HTTP server designed mostly for embedded systems. You need to be patient and try different variations of frontend settings to get an effective result.

Here you can find the output of an exception. 

I suggest using gdb while running the tests; otherwise it might be hard to capture the register state and the exploitability status of the vulnerability. You can also find more about ASan features and capabilities in the following presentation (http://tinyurl.com/aycobo9).

The upcoming GCC version 4.8 will also include ASan; you enable it by passing -fsanitize=address during the build.
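As an added example (not code from this post or from the HTTP server it mentions), here is the bug class ASan reports, a heap buffer overflow in a request parser, next to a bounds-checked fix. The function names, the 16-byte URI_MAX and the request lines are constructed for the demo; the build flags are the standard clang/gcc ASan options.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Build the vulnerable path with ASan enabled:
 *   clang -g -fno-omit-frame-pointer -fsanitize=address -DASAN_DEMO demo.c
 * ASan then aborts with a "heap-buffer-overflow" report that names the
 * strcpy() below and the malloc() that allocated the buffer. Without
 * -fsanitize=address the same overflow is silent until it corrupts the heap. */

#define URI_MAX 16   /* constructed limit, small so the overflow is obvious */

/* Vulnerable: copies a client-controlled request line into a fixed-size
 * heap buffer without checking its length. */
char *parse_uri_unsafe(const char *request_line) {
    char *uri = malloc(URI_MAX);
    if (!uri) return NULL;
    strcpy(uri, request_line);   /* writes past uri when input >= 16 bytes */
    return uri;
}

/* Hardened: measures the input within the buffer bound first and rejects
 * anything that would not fit, so the caller can answer 414 and close. */
char *parse_uri_safe(const char *request_line) {
    size_t n = 0;
    while (n < URI_MAX && request_line[n] != '\0') n++;
    if (n == URI_MAX) return NULL;      /* no terminator inside the bound */
    char *uri = malloc(URI_MAX);
    if (!uri) return NULL;
    memcpy(uri, request_line, n + 1);   /* n + 1 <= URI_MAX, terminator kept */
    return uri;
}

int main(void) {
    /* Constructed inputs: one that fits, one that would overflow. */
    const char *ok  = "/index.html";
    const char *bad = "/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
    char *u = parse_uri_safe(ok);
    printf("safe(ok)  -> %s\n", u ? u : "(rejected)");
    free(u);
    printf("safe(bad) -> %s\n", parse_uri_safe(bad) ? "accepted" : "(rejected)");
#ifdef ASAN_DEMO
    free(parse_uri_unsafe(bad));   /* ASan reports heap-buffer-overflow here */
#endif
    return 0;
}
```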

