Dynamic Program Analysis Tools in GCC and CLANG Compilers

摘要

Ever increasing software security requirements, the growing size of software projects, and the desire to reduce the time of software development and release require tools for the dynamic analysis that would detect vulnerabilities in C and C++ programs and prevent their exploitation. Two types of dynamic analysis tools implemented in the gcc and clang compilers are considered; these tools are called sanitizers. The sanitizers of the first type can detect memory access bugs, data type mismatch bugs, and other vulnerabilities that often remain unnoticed under conventional testing. A combination of sanitizers with testing on automatically generated random data help detect vulnerabilities more effectively. The sanitizers of the other type serve for preventing security threats for programs executed in production mode. These tools have low overheads; and they are designed for maintaining the integrity of the program control flow. The use of sanitizers to a large extent compensates for some drawbacks of C and C++, such as unsecure memory operation, unsecure work with data types, and others. However, a number of issues that are briefly discussed in the last section remain unresolved.