Sanitizing 
All* The Things

Transcript

1. Sanitizing
 All* The Things tacow / September 2017 / @gregheo

2. ❓ ✋

3. None

4. ✅

5. None

6. ‣ ASAN ‣ TSAN

7. ‣ What? ‣ So what? ‣ How? ‣ Show me?

8. Address Sanitizer allocated buffer unallocated!

9. ‣ Buffer overflows ‣ Subtle bugs ‣ Security vulnerabilities

10. None

11. allocated buffer padding shadow memory poisoned poisoned OK

12. asan_malloc malloc asan_free free Shadow memory check Pointer access

13. Live Coding!

14. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free

15. Thread Sanitizer memory buffer read write

16. ‣ Race conditions ‣ Very subtle and
 difficult-to-reproduce bugs ‣

    Thread mismatch errors
17. None

18. ‣ Thread ID ‣ Timestamp ‣ Read or write? ‣

    Bytes accessed
19. None

20. Live Coding!

21. Thread Sanitizer Data race detector Find race conditions & thread

    issues Thread IDs & timestamps

22. Address Sanitizer Memory corruption & errors Security & crashes Custom

    malloc & free
23. None

24. @gregheo