A curated list of sanitizer resources.
Sanitizers are dynamic tools that detect software bugs through compiler instrumentation, inserting runtime checks into the code during compilation. They are often paired with fuzzing, which uses random inputs to thoroughly test the instrumented code.
-
AddressSanitizer (Paper) - A fast address sanity checker.
- AddressSanitizer (Clang Documentation) - Official Clang (LLVM) docs for Address Sanitizer.
- wiki/AddressSanitizer - Address Sanitizer page in Google sanitizers wiki.
- HOWTO: Use Address Sanitizer - Basic usage tutorial for Address Sanitizer.
-
ASAN-- - Debloating Address Sanitizer.
-
FuZZan - Efficient sanitizer metadata design for fuzzing.
-
SANRAZOR - Reducing redundant sanitizer checks in C/C++ programs.
-
RetroWrite - Statically instrumenting COTS binaries for fuzzing and sanitization.
-
SafePM - A sanitizer for persistent memory.
-
BoKASAN - Binary-only Kernel Address Sanitizer for effective kernel fuzzing.
-
OBSan - An out-of-bound sanitizer to harden DNN executables.
-
ASanity - On bug shadowing by early ASan exits.
-
GWP-ASan - Sampling-Based Detection of Memory-Safety Bugs in Production.
-
GIANTSAN - Efficient memory sanitization with segment folding.
-
CMASan - Custom Memory Allocator-aware Address Sanitizer.
-
DFirmSan - DFirmSan: A lightweight dynamic memory sanitizer for Linux-based firmware
-
RangeSanitizer - Detecting Memory Errors with Efficient Range Checks
-
OLASan - Practical Object-Level Sanitizer with Aggregated Memory Access and Custom Allocator
- UndefinedBehaviorSanitizer (Clang Documentation) - Official Clang (LLVM) docs for Undefined Behavior Sanitizer.
- Improving Application Security with UndefinedBehaviorSanitizer and GCC - Basic usage tutorial for Undefined Behavior Sanitizer in Oracle blog.
- A Guide to Undefined Behavior in C and C++ - Basic usage tutorial for Undefined Behavior Sanitizer in John Regehr's blog.
-
ThreadSanitizer (Paper) - Data race detection in practice.
- ThreadSanitizer (Clang Documentation) - Official Clang (LLVM) docs for Thread Sanitizer.
- wiki/ThreadSanitizer - Thread Sanitizer page in Google sanitizers wiki.
-
BINTSAN - A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard.
-
MemorySanitizer (Paper) - Fast detector of uninitialized memory use in C++.
- MemorySanitizer (Clang Documentation) - Official Clang docs.
- wiki/MemorySanitizer - Google sanitizers wiki.
-
MTSan - A feasible and practical memory sanitizer for fuzzing COTS binaries.
-
FloatZone - Accelerating memory error detection using the floating point unit.
-
MSET - Evaluating the effectiveness of memory safety sanitizers
-
QMSan - QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing
-
Janitizer - Rethinking Binary Tools for Practical and Comprehensive Security
-
TypeSan - Practical type confusion detection.
-
HexType - Efficient detection of type confusion errors for C++.
-
CastSan - Efficient detection of polymorphic C++ object type confusions with LLVM.
-
EffectiveSan - Type and memory error detection using dynamically typed C/C++.
-
TCD - Statically detecting type confusion errors in C++ programs.
-
T-PRUNIFY - Pruning redundant sanitizer checks by developer-implemented type checks.
-
Type++ - Prohibiting type confusion with inline type information.
- DataFlowSanitizer (Clang Documentation) - A general data flow analysis framework.
-
AddressSanitizer (Rust Documentation) - Address Sanitizer for Rust.
-
HWAddressSanitizer (Rust Documentation) - Hardware-assisted Address Sanitizer for Rust.
-
ERASan - Efficient Rust Address Sanitizer.
-
RustSan - Retrofitting AddressSanitizer for efficient sanitization of Rust.
- ThreadSanitizer (Rust Documentation) - Thread Sanitizer for Rust.
- MemorySanitizer (Rust Documentation) - Memory Sanitizer for Rust.
- MemTagSanitizer (Rust Documentation) - Memory tagging for Rust.
- NVIDIA: cuCatch - A debugging tool for efficiently catching memory safety violations in CUDA applications.
- AMD: Using the AddressSanitizer on a GPU - Document for AMD's GPU sanitizer.
- iGUARD - In-GPU advanced race detection.
-
DySan - Dynamically sanitizing motion sensor data through adversarial networks.
-
NeuralSanitizer - Detecting backdoors in neural networks.
-
WBSan - WebAssembly Bug Detection for Sanitization and Binary-Only Fuzzing
Please refer to the guidelines at contributing.md for details.