16. Additional Capabilities of Address Sanitizer

Exercise 16: Exploring Additional Capabilities of Address Sanitizer

In this lab, we will explore the Address Sanitizer tool and look at some of the functions that are not enabled by default.

Lab Tasks

  1. We saw some of the advantages of the Address Sanitizer tool earlier. Next, we will expand more on them.

  2. Go to the Ub20 Fuzzing-AFL-ADV machine and log in using studentpassword as the password.

  3. Use after return: Address Sanitizer warns when a variable is used after it goes out of scope inside a function. However, by default it does not warn when the variable is used after the function has returned. This check can be enabled by adding detect_stack_use_after_return=1 to the ASAN_OPTIONS environment variable.

  4. Similar to the earlier instance, we will start with a sample program. In the home folder, you will see a file named file.c. The contents of the file are shown in the following screenshot.

    Screenshot
  5. Now that we have a sample to work with, let us compile it. Type gcc -O -fsanitize=address file.c -o file and press Enter.

    Screenshot
  6. Next, we can add detect_stack_use_after_return=1 to the ASAN_OPTIONS environment variable before running the program by entering env ASAN_OPTIONS="detect_stack_use_after_return=1" ./file.

    Screenshot
  7. As the above screenshot shows, without setting detect_stack_use_after_return=1, this bug would not have been caught.

  8. We have demonstrated one of the additional functions of the Address Sanitizer tool. Adding options like this one helps us detect even more bugs!

  9. The lab objectives have been achieved.
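The use-after-return case from steps 3 to 7, as an added example: this is not the lab's file.c (its contents appear only in the screenshot), and the file name uar_demo.c and all function names are assumptions. Running it with the `bug` argument reads a dead stack frame, which Address Sanitizer reports as stack-use-after-return once detect_stack_use_after_return=1 is set; running it with no argument takes the corrected path, where the caller owns the buffer.

```c
/* uar_demo.c: constructed stand-in for the lab's file.c (names are assumptions).
 * Build: gcc -O -fsanitize=address uar_demo.c -o uar_demo
 * Run:   ./uar_demo bug
 *        env ASAN_OPTIONS="detect_stack_use_after_return=1" ./uar_demo bug */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static int *volatile escaped;   /* holds the address after the frame is gone */

/* Bug: publishes the address of a local array. noinline keeps a separate frame at -O. */
__attribute__((noinline)) static void publish_local(void)
{
    int counters[8];
    for (int i = 0; i < 8; i++)
        counters[i] = i * 10;
    escaped = counters;         /* the address outlives the frame */
}

/* Bug trigger: reads the returned frame through the stale pointer. */
__attribute__((noinline)) static int read_stale(void)
{
    publish_local();
    return escaped[3];          /* stack use after return */
}

/* Fix: the caller owns the storage, so it is still alive when it is read. */
static void fill_counters(int *dst, size_t n)
{
    for (size_t i = 0; i < n; i++)
        dst[i] = (int)i * 10;
}

static int read_owned(void)
{
    int counters[8];
    fill_counters(counters, 8);
    return counters[3];
}

int main(int argc, char **argv)
{
    if (argc > 1 && strcmp(argv[1], "bug") == 0)
        printf("stale read: %d\n", read_stale());
    else
        printf("owned read: %d\n", read_owned());
    return 0;
}
```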
