[Bro-Dev] AddressSanitizer

Siwek, Jonathan Luke jsiwek at illinois.edu
Wed May 7 09:36:38 PDT 2014 

The problems below were detected by the AddressSanitizer [1] feature of LLVM which new-ish clang and gcc versions have a flag to enable.  It’s basically like valgrind, but not an external tool and also faster.  This should make it easy to integrate in to the existing automated test suites for Bro (though I’ll probably have to increase timeouts for time-sensitive tests by 2x).

It also comes with a LeakSanitizer feature to detect memory leaks, but it’s labeled experimental and only supported on x86_64 Linux at the moment.  Worked well for me, though, and the performance claims are interesting: no additional slowdown when used w/ ASan, and minimal performance cost if linked in independently.

- Jon

[1] http://clang.llvm.org/docs/AddressSanitizer.html

On May 7, 2014, at 11:14 AM, Jonathan Siwek <jsiwek at ncsa.illinois.edu> wrote:

> Repository : ssh://git@bro-ids.icir.org/bro
> 
> On branch  : master
> Link       : https://github.com/bro/bro/commit/012156e9f1eba5bed5f1aa853ae6db7809654dca
> 
>> ---------------------------------------------------------------
> 
> commit 012156e9f1eba5bed5f1aa853ae6db7809654dca
> Merge: b15bbf4 4ea8a4e
> Author: Jon Siwek <jsiwek at illinois.edu>
> Date:   Wed May 7 10:59:22 2014 -0500
> 
>    Merge branch 'topic/jsiwek/asan-fixes'
> 
> 
> 
>> ---------------------------------------------------------------
> 
> 012156e9f1eba5bed5f1aa853ae6db7809654dca
> CHANGES                                       | 18 +++++++++
> VERSION                                       |  2 +-
> src/Base64.cc                                 |  2 +-
> src/IPAddr.cc                                 | 58 +++++++++++++--------------
> src/file_analysis/Manager.cc                  |  3 +-
> src/file_analysis/analyzer/x509/X509.cc       | 11 +++++
> src/file_analysis/analyzer/x509/functions.bif | 24 +++++++----
> src/input/readers/Raw.cc                      |  9 ++---
> 8 files changed, 80 insertions(+), 47 deletions(-)
> 
> diff --cc CHANGES
> index 9bb4bf6,9bb4bf6..1853abf
> --- a/CHANGES
> +++ b/CHANGES
> @@@ -1,4 -1,4 +1,22 @@@
> 
> ++2.2-417 | 2014-05-07 10:59:22 -0500
> ++
> ++  * Change handling of atypical OpenSSL error case in x509 verification. (Jon Siwek)
> ++
> ++  * Fix memory leaks in X509 certificate parsing/verification. (Jon Siwek)
> ++
> ++  * Fix new []/delete mismatch in input::reader::Raw::DoClose(). (Jon Siwek)
> ++
> ++  * Fix buffer over-reads in file_analysis::Manager::Terminate() (Jon Siwek)
> ++
> ++  * Fix buffer overlows in IP address masking logic. (Jon Siwek)
> ++
> ++    That could occur either in taking a zero-length mask on an IPv6 address
> ++    (e.g. [fe80::]/0) or a reverse mask of length 128 on any address (e.g.
> ++    via the remask_addr BuiltIn Function).
> ++
> ++  * Fix new []/delete mismatch in ~Base64Converter. (Jon Siwek)
> ++
>  2.2-410 | 2014-05-02 12:49:53 -0500
> 
>    * Replace an unneeded OPENSSL_malloc call. (Jon Siwek)
> diff --cc VERSION
> index 861e918,861e918..cc5bc3b
> --- a/VERSION
> +++ b/VERSION
> @@@ -1,1 -1,1 +1,1 @@@
> --2.2-410
> ++2.2-417
> 
> _______________________________________________
> bro-commits mailing list
> bro-commits at bro.org
> http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-commits
>

More information about the bro-dev mailing list