Skip to main content
SpringerLink
Log in

Dynamic Program Analysis Tools in GCC and CLANG Compilers

  • Published:
Programming and Computer Software Aims and scope Submit manuscript

Abstract

Ever increasing software security requirements, the growing size of software projects, and the desire to reduce the time of software development and release require tools for the dynamic analysis that would detect vulnerabilities in С and С++ programs and prevent their exploitation. Two types of dynamic analysis tools implemented in the gcc and clang compilers are considered; these tools are called sanitizers. The sanitizers of the first type can detect memory access bugs, data type mismatch bugs, and other vulnerabilities that often remain unnoticed under conventional testing. A combination of sanitizers with testing on automatically generated random data help detect vulnerabilities more effectively. The sanitizers of the other type serve for preventing security threats for programs executed in production mode. These tools have low overheads; and they are designed for maintaining the integrity of the program control flow. The use of sanitizers to a large extent compensates for some drawbacks of С and С++, such as unsecure memory operation, unsecure work with data types, and others. However, a number of issues that are briefly discussed in the last section remain unresolved.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.

Similar content being viewed by others

REFERENCES

  1. Lattner, C., What every C programmer should know about undefined behavior, http://blog.llvm.org/2011/05/ what-every-c-programmer-should-know_14.html

  2. Dudina, I.A. and Belevantsev, A.A., Using static symbolic execution to detect buffer overflows, Program. Comput. Software, 2017, vol. 43, no. 5, pp. 277–288.

    Article  MathSciNet  Google Scholar 

  3. Glenn, R.Luecke, Coyle, J., Hoekstra, J., Kraeva, M., Li, Y., Taborskaia, O., and Yanmei Wang., A survey of systems for detecting serial run-time errors, in Concurrency and Computation:Practice and Experience, 2006, pp. 1885–1907.

    Google Scholar 

  4. Rigger, M., Pekarek, D., and Mossenbock, H., Context-aware failure-oblivious computing as a means of preventing buffer overflows, Proc. of the 12th International Conference, NSS, 2018, pp. 376–390.

  5. Serebryany, K., Bruening, D., Potapenko, A., and Vyukov, D., AddressSanitizer: A fast address sanity checker, Proc. of the 2012 USENIX Annual Technical Conference, Berkeley, CA, 2012, pp. 309–318.

  6. AddressSanitizerComparisonOfMemoryTools. https://github.com/google/sanitizers/wiki /AddressSanitizerComparisonOfMemoryTools

  7. Stepanov, E., and Serebryany, K., MemorySanitizer: Fast detector of uninitialized memory use in C++, Proc. of the 2015 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), 2015, pp. 46–55.

  8. ThreadSanitizerCppManual. https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual

  9. ThreadSanitizerPopularDataRaces. https://github.com/google/sanitizers/wiki/ThreadSanitizerPopularDataRaces

  10. Dietz, W., Li, P., and Regehr, J., Understanding integer overflow in C/C++. http://www.cs.utah.edu/ regehr/papers/tosem15.pdf

  11. Christey, S., Martin, R. A., Brown, M., Paller, A., and Kirby, D., 2011 CWE/SANS Top 25 Most Dangerous Software Errors. http://cwe.mitre.org/top25/

  12. Alizar, A., A universal fuzzer combining 15 different fuzzing applications developed, 2011. https://xakep.ru/2011/04/25/55501/

  13. Man‘es, V.J.M., Han, H., Han, C., Cha, S.K., Egele, M., Schwartz, E.J., and Woo, M., The Art, science, and engineering of fuzzing: A Survey. https://arxiv.org/pdf/1812.00140.pdf

  14. Sutton, M., Green, A., and Amini, P., Fuzzing, Brute Force Vulnerability Discovery, Pearson Education, 2007.

    Google Scholar 

  15. V'yukov, D.S., C++ Russia 2017: Fuzzing: The new unit testing. https://www.youtube.com/watch?vэ30Qzd6ylk

  16. Csmith. https://embed.cs.utah.edu/csmith/

  17. American fuzzy lop. http://lcamtuf.coredump.cx/afl

  18. OSS-Fuzz – Continuous fuzzing of open source software. https://github.com/google/oss-fuzz

  19. libFuzzer – A library for coverage-guided fuzz testing. http://llvm.org/docs/LibFuzzer.html

  20. PEACH Fuzzer. https://www.peach.tech/products/ peach-fuzzer/

  21. Gofuzz. https://github.com/google/gofuzz

  22. Abadi, M., Budiu, M., Erlingsson, U., and Ligatt,i J., Control-flow integrity principles, implementations, and applications, ACM Conf. on Computer and Communication Security (CCS), 2005, pp. 340–353.

  23. Kuznetsov, V., Szekeres, L., Payer, M., Candea, G., Sekar, R., and Song, D., Code-pointer integrity, Proc. of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2014, pp. 147–163.

  24. Tice, C., Roeder, T., Collingbourne, P., Checkoway, S., Erlingsson, U., Lozano, L., and Pike, G., Enforcing forward-edge control-flow integrity in GCC & LLVM, Proc. of the 23rd USENIX Conference on Security Symposium, SEC’14, 2014, pp. 941–955.

  25. Let’s talk about CFI: Clang edition. https://blog.trailofbits.com/2016/10/17/lets-talk-about-cfi-clang-edition/

  26. Getafix: How Facebook tools learn to fix bugs automatically. https://engineering.fb.com/developer-tools/getafix-how-facebook-tools-learn-to-fix-bugs-automatically/

  27. Nurmukhametov, A., Kurmangaleev, Sh., Kaushan, V., and Gaissaryan, S., Application of compiler transformations against software vulnerabilities exploitation, Trudy ISP RAN, 2014, vol. 26, no. 3, pp. 113–126.

    Google Scholar 

  28. Cheptsov, V. and Khoroshilov, A., Dynamic analysis of ARINC 653 RTOS with LLVM, Ivannikov Inst. for System Programming Open Conference, Moscow, 2018, pp. 9–15.

  29. Lee, W., Address Sanitizer on Myriad. https://docs.google.com/document/d/1oxmk0xUo jybDaQDAuTEVpHVMi5xQX74cJPyMJbaSaRM

  30. UB-2017. Part 1. https://habr.com/ru/post/341694/

  31. Song, D., Lettner, J., Rajasekaran, P., Na, Y., Volckaert, S., Larsen, P., and Franz, M., SoK: Sanitizing for security, 2019. https://oaklandsok.github.io/papers/song2019.pdf

  32. Updated field experience with Annex K – Bounds checking interfaces. http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1969.htm

  33. Serebryany, K., Stepanov, E., Shlyapnikov, A., Tsyrklevich, V., and Vyukov, D., Memory tagging and how it improves C/C++ memory safety, Google, February 2018. https://arxiv.org/pdf/1802.09517.pdf

  34. Hardware-assisted AddressSanitizer design documentation. http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html

  35. Horgan, P., Understanding C/C++ strict aliasing. http://dbp-consulting.com/tutorials/StrictAliasing.html

Download references

Funding

The research was carried out in the scope of SRISA RAS State assignment (fundamental scientific research 47 GP), topic № 0065-2019-0002 “Research and implementation of programming platform for perspective multicore processors” (reg. № АААА-А19-119012290074-2).

Author information

Authors and Affiliations

  1. Scientific Research Institute for System Analysis, Russian Academy of Sciences, 117218, Moscow, Russia

    N. I. V’yukova, V. A. Galatenko & S. V. Samborskii

Authors
  1. N. I. V’yukova
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. V. A. Galatenko
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. V. Samborskii
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to N. I. V’yukova, V. A. Galatenko or S. V. Samborskii.

Additional information

Translated by A. Klimontovich

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

V’yukova, N.I., Galatenko, V.A. & Samborskii, S.V. Dynamic Program Analysis Tools in GCC and CLANG Compilers. Program Comput Soft 46, 281–296 (2020). https://doi.org/10.1134/S0361768820010089

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1134/S0361768820010089

Search

Navigation