IdSan: An identity-based memory sanitizer for fuzzing binaries
This addresses a specific limitation of fuzzing and security testing for binary programs, particularly on AArch64, but the contribution is incremental: it builds on existing sanitizer concepts and adds a focus on identity-based detection.
The authors tackled the problem of detecting memory overflows in binary programs without source code by introducing an identity-based memory sanitizer for AArch64 binaries, which can detect overflows of stack, global, and dynamically allocated memory when annotations or DWARF debugging information are provided.
Most memory sanitizers work by instrumenting the program at compile time. Only a handful of memory sanitizers can sanitize a binary program without source code. Most of those are location-based, and are therefore unable to detect overflows of global variables or variables on the stack. In this paper we introduce an identity-based memory sanitizer for binary AArch64 programs which does not need access to the source code. It is able to detect overflows of dynamically allocated memory, and of stack and global variables when the user provides some annotations or DWARF debugging information is available.
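To make the location-based versus identity-based distinction concrete, here is an added toy example (not the paper's code or its tool): two adjacent "global" objects are carved from one region, and a write that runs off the first object lands in valid memory belonging to the second. A location-based check (is the address inside any known object?) accepts it; an identity-based check (does the access stay inside the object the pointer was derived from?) rejects it. The object table stands in for what the sanitizer would derive from annotations or DWARF; all names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout: two 8-byte objects placed back to back in one region,
 * modelling adjacent global variables in a binary's data section. */
static char region[16];

typedef struct { const char *name; uintptr_t base; size_t size; } obj_t;
static obj_t objs[2];

static void idsan_init(void) {
    objs[0] = (obj_t){"buf_a", (uintptr_t)region,     8};
    objs[1] = (obj_t){"buf_b", (uintptr_t)region + 8, 8};
}

/* Location-based check: the access is accepted if it lies inside *any* known object.
 * An overflow from buf_a into buf_b therefore passes. */
int location_check(uintptr_t addr, size_t len) {
    for (size_t i = 0; i < 2; i++)
        if (addr >= objs[i].base && addr + len <= objs[i].base + objs[i].size)
            return 1;
    return 0;
}

/* Identity-based check: the pointer carries the identity of the object it was
 * derived from (here an index into the table); the access must stay inside it. */
int identity_check(int obj_id, uintptr_t addr, size_t len) {
    const obj_t *o = &objs[obj_id];
    return addr >= o->base && addr + len <= o->base + o->size;
}

/* Simulate 1-byte writes through a pointer derived from buf_a at increasing
 * offsets. Returns the first offset a checker flags, or -1 if it never does. */
int first_flagged_offset(int use_identity) {
    idsan_init();
    for (size_t off = 0; off < 2 * sizeof region; off++) {
        uintptr_t a = (uintptr_t)region + off;   /* integer arithmetic only */
        int ok = use_identity ? identity_check(0, a, 1) : location_check(a, 1);
        if (!ok) return (int)off;
    }
    return -1;
}

int main(void) {
    printf("location-based first flags at offset %d\n", first_flagged_offset(0));
    printf("identity-based first flags at offset %d\n", first_flagged_offset(1));
    return 0;
}
```

The location-based checker only fires once the write leaves the region entirely (offset 16), while the identity-based checker fires as soon as the write leaves buf_a (offset 8), which is the class of bug the abstract says location-based binary sanitizers miss.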