CppCon 2015 has ended
Back To Schedule
Monday, September 21 • 11:00am - 12:00pm
Beyond Sanitizers

Log in to save this to your schedule, view media, leave feedback and see who's attending!

At CppCon’2014 we presented the Sanitizers, a family of dynamic testing tools for C++. These tools allow you to find many stability and security bugs in C++ code, but they are only as good as your tests are. In this talk we will show how to improve your tests with guided fuzzing and how to protect your applications in production even if some bugs were not found. Fuzzing, or fuzz testing, is a surprisingly effective technique that allows you to discover new interesting test inputs. Coverage-guided fuzzing uses coverage-like code instrumentation to make fuzzing orders of magnitude more efficient. Taint-guided fuzzing goes even further by using taint tracking techniques. The next line of defense may be incorporated directly into production: the Control Flow Integrity instrumentation allows you to protect your program from corrupted function pointers (including pointers to virtual tables) and separating stack variables from the call stack protects from corrupted return addresses -- both with near-zero overhead. We will concentrate on particular tools implemented in the opensource LLVM toolchain (libFuzzer, DataFlowSanitizer, -fsanitize=cfi,safe_stack), but will also discuss several alternatives.

avatar for Kostya Serebryany

Kostya Serebryany

Software Engineer, Google
Konstantin (Kostya) Serebryany is a Software Engineer at Google. His team develops and deploys dynamic testing tools, such as AddressSanitizer and ThreadSanitizer. Prior to joining Google in 2007, Konstantin spent 4 years at Elbrus/MCST working for Sun compiler lab and then 3 years... Read More →

Monday September 21, 2015 11:00am - 12:00pm PDT
McClintock (404) Meydenbauer Center

Attendees (0)