A curated list of sanitizer resources.
Sanitizers are dynamic tools that detect software bugs through compiler instrumentation.
-
AddressSanitizer (Paper) - A fast address sanity checker.
- AddressSanitizer (Clang Documentation) - Official Clang docs.
- wiki/AddressSanitizer - Google sanitizers wiki.
- HOWTO: Use Address Sanitizer - Basic usage tutorial.
-
ASAN-- - Debloating Address Sanitizer.
- junxzm1990/ASAN-- - Repository for ASAN--.
-
RetroWrite - Statically instrumenting COTS binaries for fuzzing and sanitization.
- HexHive/retrowrite - RetroWrite implementation.
-
BoKASAN - Binary-only Kernel Address Sanitizer for effective kernel fuzzing.
- seclab-yonsei/BoKASAN - Repository for BoKASAN.
-
SafePM - A sanitizer for persistent memory.
- TUM-DSE/safepm - SafePM repository.
-
FuZZan - Efficient sanitizer metadata design for fuzzing.
- HexHive/FuZZan - FuZZan repository.
-
SANRAZOR - Reducing redundant sanitizer checks in C/C++ programs.
- SanRazor-repo/SanRazor - SanRazor repository.
-
OBSan - An out-of-bound sanitizer to harden DNN executables.
- yanzuochen/obsan - OBSan repository.
-
ASanity - On bug shadowing by early ASan exits.
-
CMASan - Custom Memory Allocator-aware Address Sanitizer.
-
GIANTSAN - Efficient memory sanitization with segment folding.
- UndefinedBehaviorSanitizer (Clang Documentation) - Official Clang docs.
- Improving Application Security with UndefinedBehaviorSanitizer and GCC - Oracle blog post.
- A Guide to Undefined Behavior in C and C++ - John Regehr's blog.
-
ThreadSanitizer (Paper) - Data race detection in practice.
- ThreadSanitizer (Clang Documentation) - Official Clang docs.
- wiki/ThreadSanitizer - Google sanitizers wiki.
-
BINTSAN - A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard.
-
MemorySanitizer (Paper) - Fast detector of uninitialized memory use in C++.
- MemorySanitizer (Clang Documentation) - Official Clang docs.
- wiki/MemorySanitizer - Google sanitizers wiki.
-
MTSan - A feasible and practical memory sanitizer for fuzzing COTS binaries.
-
FloatZone - Accelerating memory error detection using the floating point unit.
- vusec/floatzone - FloatZone repository.
-
MSET - Evaluating the effectiveness of memory safety sanitizers.
-
TypeSan - Practical type confusion detection.
- vusec/typesan - TypeSan repository.
-
CastSan - Efficient detection of polymorphic C++ object type confusions with LLVM.
-
HexType - Efficient detection of type confusion errors for C++.
- HexHive/HexType - HexType repository.
-
EffectiveSan - Type and memory error detection using dynamically typed C/C++.
- GJDuck/EffectiveSan - EffectiveSan repository.
-
TCD - Statically detecting type confusion errors in C++ programs.
-
Type++ - Prohibiting type confusion with inline type information.
- HexHive/typepp - Type++ repository.
-
T-PRUNIFY - Pruning redundant sanitizer checks by developer-implemented type checks.
- DataFlowSanitizer (Clang Documentation) - A general data flow analysis framework.
-
AddressSanitizer (Rust Unstable Book) - AddressSanitizer for Rust.
-
HWAddressSanitizer (Rust Unstable Book) - Hardware-assisted ASan for Rust.
-
ERASan - Efficient Rust Address Sanitizer.
- S2-Lab/ERASan - ERASan repository.
-
RustSan - Retrofitting AddressSanitizer for efficient sanitization of Rust.
- ThreadSanitizer (Rust Unstable Book) - ThreadSanitizer for Rust.
- MemorySanitizer (Rust Unstable Book) - MSan for Rust.
- MemTagSanitizer (Rust Unstable Book) - Memory tagging for Rust.
- NVIDIA: cuCatch - A debugging tool for efficiently catching memory safety violations in CUDA applications.
- AMD: Using the AddressSanitizer on a GPU - Beta release for AMD's GPU sanitizer.
- iGUARD - In-GPU advanced race detection.
- csl-iisc/iGUARD-SOSP21 - iGUARD repository.
- NeuralSanitizer - Detecting backdoors in neural networks.
- DySan - Dynamically sanitizing motion sensor data through adversarial networks.
- DynamicSanitizer/DySan - DySan repository.
Please refer to the guidelines at Contributing.md for details.