IdSan: An identity-based memory sanitizer for fuzzing binaries
Jos Craaijo

TL;DR
IdSan is a novel binary-only memory sanitizer for AArch64 that detects global, stack, and dynamic memory overflows without source code, using identity-based techniques and optional annotations or debugging info.
Contribution
It introduces an identity-based approach for binary memory sanitization that works without source code and detects overflows in global, stack, and dynamic memory.
Findings
Detects global, stack, and dynamic memory overflows in binaries
Operates without source code or recompilation
Utilizes annotations or debugging info for enhanced detection
Abstract
Most memory sanitizers work by instrumenting the program at compile time. There are only a handful of memory sanitizers that can sanitize a binary program without source code. Most are location-based, and are therefore unable to detect overflows of global variables or variables on the stack. In this paper we introduce an identity-based memory sanitizer for binary AArch64 programs which does not need access to the source code. It is able to detect overflows of stack and global variables, if the user provides some annotations or DWARF debugging information is available, as well as overflows of dynamically allocated memory.
Taxonomy
Topics: Security and Verification in Computing · Parallel Computing and Optimization Techniques · Distributed systems and fault tolerance
