Profile

Cover photo
410 followers|41,781 views
AboutPostsPhotosVideos

Stream

AddressSanitizer

Shared publicly  - 
 
More bugs found in Mozilla with the help of +AddressSanitizer 
https://www.mozilla.org/en-US/security/advisories/mfsa2015-16/
(There are more of those in the Feb 24 announcement)
2
Add a comment...

AddressSanitizer

Shared publicly  - 
 
Video of the CppCon talk on +AddressSanitizer, ThreadSanitizer, MemorySanitizer, and UBSanitizer
CppCon 2014: Kostya Serebryany "Sanitize your C++ code"
7
7
Dmitry Vyukov's profile photoLennart Kolmodin's profile photo
Add a comment...

AddressSanitizer

Shared publicly  - 
 
CppCon will have a talk about +AddressSanitizer and other sanitizers on Sept 11. Join us in  Bellevue, WA, USA or watch the video later.

http://cppcon2014.sched.org/event/4e65c661da86ef31958c5efa9ee57f40#.VADyLGCx3UY
9
Add a comment...

AddressSanitizer

Shared publicly  - 
 
If you haven't tried +AddressSanitizer 's sibling, ThreadSanitizer -- try it now. 
http://googletesting.blogspot.ru/2014/06/threadsanitizer-slaughtering-data-races.html
by Dmitry Vyukov, Synchronization Lookout, Google, Moscow Hello, I work in the Dynamic Testing Tools team at Google. Our team develops tools like AddressSanitizer, MemorySanitizer and ThreadSanitizer which find various kinds ...
7
5
Sergey Sikorskiy's profile photoShanika Kuruppu's profile photo
Add a comment...
In their circles
3 people
Have them in circles
410 people
Natasha Serebryanaya's profile photo
Jwan Ebrahiim's profile photo
сергей медведев's profile photo
Agustin March's profile photo
Ryo Hashimoto's profile photo
KEREN CAG FINANCE's profile photo
Mark Abraham's profile photo
Yuri Gribov's profile photo
Aniri Aniginip's profile photo

AddressSanitizer

Shared publicly  - 
tl;dr With a reasonably simple fuzzing setup I was able to rediscover the Heartbleed bug. This uses state-of-the-art fuzzing and memory protection technology (american fuzzy lop and Address Sanitizer), but it doesn't require any prior knowledge about specifics of the Heartbleed bug or the TLS ...
17
3
Paweł Krawczyk's profile photoDeniz Adrian (zined)'s profile photoManu Sridharan's profile photoHenry Kleynhans's profile photo
 
Here's another one I've found using ASAN http://trac.nginx.org/nginx/ticket/732 not really security related but still a bug
Add a comment...

AddressSanitizer

Shared publicly  - 
 
Security content of iTunes 10.7 mentions AddressSanitizer 41 times. 
Great work by the Google Chrome Security Team and many independent researchers. 
https://support.apple.com/en-sa/HT5485
2
1
Konstantin Serebryany's profile photo
Add a comment...

AddressSanitizer

Shared publicly  - 
 
+AddressSanitizer together with the fresh libc++ are now capable of detecting "container-overflow" bugs. https://code.google.com/p/address-sanitizer/wiki/ContainerOverflow

Once such bug has just been discovered and fixed in Chromium.
https://code.google.com/p/chromium/issues/detail?id=409051
AddressSanitizer: a fast memory error detector
10
3
Abdulla Kamar's profile photoMichał Makowski's profile photo
Add a comment...

AddressSanitizer

Shared publicly  - 
 
One of the largest C++ events of the year is coming: http://cppcon.org

One of the talks at cppcon will be about +AddressSanitizer and other sanitizers. 
1
3
Andrei Lopatenko's profile photoTimur Safin's profile photo
Add a comment...

AddressSanitizer

Shared publicly  - 
 
Did you know that +AddressSanitizer  can find stack-use-after-return bugs (with a special run-time switch)?

One of such bugs was recently found in +LibreOfficehttp://whatofhow.wordpress.com/2014/05/22/stacked-bugs/
6
2
John Regehr's profile photoOndřej Surý's profile photo
Add a comment...
People
In their circles
3 people
Have them in circles
410 people
Natasha Serebryanaya's profile photo
Jwan Ebrahiim's profile photo
сергей медведев's profile photo
Agustin March's profile photo
Ryo Hashimoto's profile photo
KEREN CAG FINANCE's profile photo
Mark Abraham's profile photo
Yuri Gribov's profile photo
Aniri Aniginip's profile photo
Story
Tagline
AddressSanitizer, a fast memory error detector