A curated list of sanitizer resources.
Sanitizers are dynamic tools that detect software bugs through compiler instrumentation.
-
AddressSanitizer (Paper) - A fast address sanity checker.
- AddressSanitizer (Clang Documentation) - Official Clang docs.
- wiki/AddressSanitizer - Google sanitizers wiki.
- HOWTO: Use Address Sanitizer - Basic usage tutorial.
-
ASAN-- - Debloating Address Sanitizer.
-
FuZZan - Efficient sanitizer metadata design for fuzzing.
-
SANRAZOR - Reducing redundant sanitizer checks in C/C++ programs.
-
RetroWrite - Statically instrumenting COTS binaries for fuzzing and sanitization.
-
BoKASAN - Binary-only Kernel Address Sanitizer for effective kernel fuzzing.
-
SafePM - A sanitizer for persistent memory.
-
OBSan - An out-of-bound sanitizer to harden DNN executables.
-
ASanity - On bug shadowing by early ASan exits.
-
GWP-ASan - Sampling-Based Detection of Memory-Safety Bugs in Production.
-
GIANTSAN - Efficient memory sanitization with segment folding.
-
CMASan - Custom Memory Allocator-aware Address Sanitizer.
- UndefinedBehaviorSanitizer (Clang Documentation) - Official Clang docs.
- Improving Application Security with UndefinedBehaviorSanitizer and GCC - Oracle blog post.
- A Guide to Undefined Behavior in C and C++ - John Regehr's blog.
-
ThreadSanitizer (Paper) - Data race detection in practice.
- ThreadSanitizer (Clang Documentation) - Official Clang docs.
- wiki/ThreadSanitizer - Google sanitizers wiki.
-
BINTSAN - A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard.
-
MemorySanitizer (Paper) - Fast detector of uninitialized memory use in C++.
- MemorySanitizer (Clang Documentation) - Official Clang docs.
- wiki/MemorySanitizer - Google sanitizers wiki.
-
MTSan - A feasible and practical memory sanitizer for fuzzing COTS binaries.
-
FloatZone - Accelerating memory error detection using the floating point unit.
-
MSET - Evaluating the effectiveness of memory safety sanitizers
-
TypeSan - Practical type confusion detection.
-
HexType - Efficient detection of type confusion errors for C++.
-
CastSan - Efficient detection of polymorphic C++ object type confusions with LLVM.
-
EffectiveSan - Type and memory error detection using dynamically typed C/C++.
-
TCD - Statically detecting type confusion errors in C++ programs.
-
Type++ - Prohibiting type confusion with inline type information.
-
T-PRUNIFY - Pruning redundant sanitizer checks by developer-implemented type checks.
- DataFlowSanitizer (Clang Documentation) - A general data flow analysis framework.
-
AddressSanitizer (Rust Unstable Book) - AddressSanitizer for Rust.
-
HWAddressSanitizer (Rust Unstable Book) - Hardware-assisted ASan for Rust.
-
ERASan - Efficient Rust Address Sanitizer.
-
RustSan - Retrofitting AddressSanitizer for efficient sanitization of Rust.
- ThreadSanitizer (Rust Unstable Book) - ThreadSanitizer for Rust.
- MemorySanitizer (Rust Unstable Book) - MSan for Rust.
- MemTagSanitizer (Rust Unstable Book) - Memory tagging for Rust.
- NVIDIA: cuCatch - A debugging tool for efficiently catching memory safety violations in CUDA applications.
- AMD: Using the AddressSanitizer on a GPU - Beta release for AMD's GPU sanitizer.
- iGUARD - In-GPU advanced race detection.
-
DySan - Dynamically sanitizing motion sensor data through adversarial networks.
-
NeuralSanitizer - Detecting backdoors in neural networks.
Please refer to the guidelines at contributing.md for details.