Comments on "Security: Using ASAN as a protection" (blog by Chris Evans, https://www.blogger.com/profile/01004765479735675808)

Michael Hicks (https://www.blogger.com/profile/11726720589912253649), 2014-10-10 16:52 -07:00:

You mention handling linear buffer overflows: does the protection hold when the overflow is within an allocated object?

For example, if you had

    struct foo {
        char buf[256];
        void (*f)(void);
    };

My impression is that there is no red zone between buf and f, and so no overflow will be detected, right?

Chris Evans, 2014-10-12 12:52 -07:00:

Michael, you're right -- this would go undetected. It's solvable at compile time by using the "each pointer has bounds" model and creating appropriate bounds whenever something addresses into "buf".

Anonymous (signed Yury Gribov), 2016-01-26 05:40 -08:00:

Another problem is custom memory allocators on top of standard malloc/new, which are used by many popular packages (OpenSSL, EFL, JIT compilers, etc.). ASan by default only detects overflows in malloc buffers, so overflows in intra-malloc-buffer chunks will go undetected. You can use special hooks to inform ASan about your allocator, but this takes time and requires expertise.

Another problem is overflow in the struct padding area - this won't be detected either, due to design limitations.

Best regards,
Yury Gribov
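An added example to go with the three comments above. It is my code, not Chris Evans's post, the commenters' code, or part of ASan itself. Part 1 is the struct from Michael Hicks's question with the intra-object overflow ASan cannot see. Part 2 sketches the "each pointer has bounds" model Chris Evans mentions as a bounds-carrying pointer; the struct bounded_ptr type, bounded_write and demo_copy_into_buf are hypothetical names for illustration, not a real API. Part 3 is the custom-allocator case Yury Gribov raises, using the real ASAN_POISON_MEMORY_REGION / ASAN_UNPOISON_MEMORY_REGION hooks from <sanitizer/asan_interface.h>; the arena allocator itself (struct arena, arena_init, arena_alloc, arena_free, demo_arena_spacing) is a toy written for this example. It builds and runs with or without -fsanitize=address; the poisoning hooks only do something in the instrumented build.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* ASan's manual poisoning hooks, from the real <sanitizer/asan_interface.h> shipped
 * with clang and gcc. Without -fsanitize=address they become no-ops here, so the file
 * still builds and runs as plain C; under ASan they mark bytes as off-limits. */
#if defined(__has_feature)
#  if __has_feature(address_sanitizer)
#    define HAVE_ASAN 1
#  endif
#endif
#ifdef __SANITIZE_ADDRESS__
#  define HAVE_ASAN 1
#endif
#ifdef HAVE_ASAN
#  include <sanitizer/asan_interface.h>
#else
#  define ASAN_POISON_MEMORY_REGION(addr, size)   ((void)(addr), (void)(size))
#  define ASAN_UNPOISON_MEMORY_REGION(addr, size) ((void)(addr), (void)(size))
#endif

/* 1. Michael Hicks's struct: f follows buf with no redzone between them, so a copy
 * that overruns buf but stays inside the object never hits poisoned shadow memory. */
struct foo {
    char buf[256];
    void (*f)(void);
};
static void sentinel(void) {}

/* 2. A pointer that carries its own bounds, the model Chris Evans names. Hypothetical
 * illustration, not a real API: the compile-time scheme would create one whenever
 * code takes the address of buf, so writes are checked against the sub-object. */
struct bounded_ptr { char *base; size_t len; };

/* 0 on success, -1 if [off, off+len) leaves the region; two comparisons so that
 * off + len cannot wrap around. */
int bounded_write(struct bounded_ptr dst, size_t off, const char *src, size_t len) {
    if (off > dst.len || len > dst.len - off) return -1;
    memcpy(dst.base + off, src, len);
    return 0;
}

/* Copies len bytes of 'A' into buf, either unchecked (the vulnerable pattern) or via
 * the bounded pointer. 1 = f silently overwritten, 0 = f intact, -1 = write refused. */
int demo_copy_into_buf(size_t len, int use_bounds) {
    char src[512];
    struct foo s;
    if (len > sizeof src) return -1;
    memset(src, 'A', sizeof src);
    s.f = sentinel;
    if (use_bounds) {
        if (bounded_write((struct bounded_ptr){ s.buf, sizeof s.buf }, 0, src, len)) return -1;
    } else {
        memcpy(s.buf, src, len);   /* runs into f once len > 256; ASan says nothing */
    }
    return s.f != sentinel;
}

/* 3. Yury Gribov's point: an allocator carved out of one malloc'd block. To ASan the
 * block is one live allocation, so an overrun from one chunk into the next is
 * invisible unless the allocator poisons the gaps itself, as below. */
#define ARENA_REDZONE 16
struct arena { unsigned char *mem; size_t cap, used; };

int arena_init(struct arena *a, size_t cap) {
    a->mem = malloc(cap);
    if (!a->mem) return -1;
    a->cap = cap; a->used = 0;
    ASAN_POISON_MEMORY_REGION(a->mem, cap);      /* nothing handed out yet: all red */
    return 0;
}

/* n usable bytes followed by a poisoned redzone; chunk starts stay 8-byte aligned,
 * matching ASan's shadow granularity. */
void *arena_alloc(struct arena *a, size_t n) {
    size_t need = (n + ARENA_REDZONE + 7) & ~(size_t)7;
    if (need < n || need > a->cap - a->used) return NULL;
    unsigned char *p = a->mem + a->used;
    a->used += need;
    ASAN_UNPOISON_MEMORY_REGION(p, n);           /* only what the caller asked for */
    return p;
}

void arena_free(struct arena *a) {
    ASAN_UNPOISON_MEMORY_REGION(a->mem, a->cap); /* give the block back clean */
    free(a->mem);
}

/* Byte distance between two consecutive 5-byte chunks, or -1 on failure. Under ASan,
 * touching p1[5] (the first redzone byte) is reported as a use-after-poison. */
long demo_arena_spacing(void) {
    struct arena a;
    if (arena_init(&a, 256) != 0) return -1;
    unsigned char *p1 = arena_alloc(&a, 5), *p2 = arena_alloc(&a, 5);
    long gap = (p1 && p2) ? (long)(p2 - p1) : -1;
    arena_free(&a);
    return gap;
}
```

Build once plain and once with -fsanitize=address -g. In both builds demo_copy_into_buf(256 + sizeof(void (*)(void)), 0) returns 1 with no report, which is the gap the thread is about: the write stays inside the malloc'd (or stack) object, so shadow memory has nothing to say. The bounded variant refuses the same length at the write site instead. With the arena, only the instrumented build reports a write to p1[5], and it does so because arena_alloc unpoisoned exactly 5 bytes; this is the "special hooks" work Yury Gribov mentions, and the 8-byte alignment of chunk starts matters because ASan's shadow granularity is 8 bytes. Padding inside struct foo (none on common ABIs here, but present in many structs) is still unpoisoned and stays undetected.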