CodeSanitizer.md (748B)
1 # Code Sanitizer 2 3 **Source:** Orion Fuzzing Paper 4 5 **Definition:** Code sanitizers are a dynamic program analysis tool that detects bugs from undefined or suspicious behavior by inserting instrumentation into code at runtime. 6 7 Code sanitizers are often used with fuzzers to detect both crashes and unexpected behavior. 8 9 ## Examples 10 11 Examples of issues caught by this approach may include: 12 13 - Undefined behavior 14 - Use after free 15 - Buffer overflows 16 17 ## Implementations 18 19 A few implementations of code sanitizers are: 20 21 - ASan (Google's address sanitizer) 22 - Uses shadow mapped memory to detect memory corruption 23 - KASan 24 - Kernel address sanitizer detects dynamic memory errors in the Linux kernel 25 - UBSan 26 - Used to detect undefined behavior