## CppCon 2020 September 13-18 ONLINE GOING VIRTUAL ## 2020 : The Year of Sanitizers? Victor Ciura Principal Engineer CAPHYON ## Abstract Clang-tidy is the go-to assistant for most C++ programmers in Remo to answer your questions live #sig_visual_studio on CppCon Slack ## 2020 : The Year of Sanitizers? ## V ignette in 3 parts Static Analysis Dynamic Analysis Warm Fuzzy Feelings ## Humans Depend tools (x64/x86) https://aka.ms/cpp/cfg-llvm ## Sanitizers  ## Sanitizers AddressSanitizer - detects addressability issues

# The final piece of advice Use the tools! ## So many tools 1. GDB 2. LLDB 3. Valgrind 4. Sanitizers 5. strace & ltrace 6. libc++ debug mode 7. time travel ## undo ## 。 ![Image](/uploads & drd cachegrind o massif • No need to recompile • Slow ## AddressSanitizer ## google/sanitizers AddressSanitizer, ThreadSanitizer, MemorySanitizer ![Image](/uploads/documents/5/b/b/1/5bb12 Essentially a compiler feature: ☐ Much faster runtime ○ Knows more stuff ## undo ## So many sanitizers |address|float-cast-overflow|nonnull-attribute| |---|---|---| |returns-nonnull-attribute|unreachable|vptr|

Memory Safety • Arithmetic Safety ### Sanitizers for C++ builds with CMake github.com/tipi-build/sanitizers-cmake sanitizers-cmake Public forked from arsenm/sanitizers-cmake Edit Pins Watch 0 ☐ master Add file ▼ 三 README.md ## sanitizers-cmake open issues 10 license MIT CMake module to enable sanitizers for binary targets. ## Sanitizers for C++ builds • AddressSanitizer (ASan) ## Using LLVM Sanitizers in your CMake project(safepp) find_package(Sanitizers MODULE REQUIRED) add_executable(use-after-free test/use-after-free.cpp) # enable sanitizers add_sanitizers(use-after-free)

yourself to go down tangents ##### KNOW THE TOOLS... AND USE THEM! 1. GDB 2. LLDB 3. Valgrind 4. Sanitizers 5. strace & ltrace 6. libc++ debug mode 7. time travel ## O  ## Essentially a compiler feature: ☐ Much faster runtime ☐ Knows more stuff ## SO MANY SANITIZERS |address|float-cast-overflow|nonnull-attribute| |---|---|---| |returns-nonnull-attribute|unreachable|vptr|

integer conversions as errors| ## Compiler Hardening Prioritize Memory, type and thread safety: sanitizers |Compiler Flag|Supported Since|Description| |---|---|---| |-fsanitize=address|GCC 4.8.0 Clang dev before CI: Limited CD in Medical Devices Rich IDE Use of AI tools Static analyzers/QG Sanitizers All new security hotspots are reviewed ✿ No new vulnerabilities are introduced ✓ New code has 09/p34_3.jpg) Code Review ## Continuous Testing Shift left: Stress test the SW Testing with Sanitizers Simulation testing SQA testing Performance testing HW testing Fuzzing Fault injection testing

[Image](/uploads/documents/8/c/f/1/8cf125232751351e69ec60ab6727c4d9/p12_1.jpg) ## Сборка: санитайзеры Sanitizers – библиотеки из поставки компиляторов, помогают найти проблемы в коде на C++ или Go. ## Виды: использование неинициализованной памяти ## Ссылки: Основной репозиторий: https://github.com/google/sanitizers > BnuTpu LLVM: http://compiler-rt.llvm.org/ ## Сборка: конфигурации |Компилятор|Тип сбор

debuggers (gdb, Ildb, msvc, udb, ...) • Time-travel debuggers (gdb, rr, liverecorder, udb, ...) • Sanitizers (asan, tsan, ubsan, ...) • Dynamic program analyzers (valgrind, callgrind, helgrind, ...) • Call debuggers (gdb, lldb, msvc, udb, ...) • Time-travel debuggers (gdb, rr, liverecorder, udb, ...) • Sanitizers (asan, tsan, ubsan, ...) • Dynamic program analyzers (valgrind, callgrind, helgrind, ...) • Call

with Conan and Artifactory 394 17.27 Using recipe revisions and lockfiles 396 17.28 Compiler sanitizers 397 # 18 Reference 403 18.1 Commands 403 18.2 conanfile.txt 484 18.3 conanfile.py 487 18.4 have a look to base lockfiles and lockfile bundles in the documentation. ## 17.28 Compiler sanitizers Sanitizers are tools that can detect bugs such as buffer overflows or accesses, dangling pointer or depending on if you are using clang or gcc, different sanitizers are supported. Here we explain different options on how to model and use sanitizers with your Conan packages. ## 17.28.1 Adding custom settings

client inside a conanfile 380 17.26 Use a generic CI with Conan and Artifactory 381 17.27 Compiler sanitizers 383 18 Reference 387 18.1 Commands 387 18.2 conanfile.txt 467 18.3 conanfile.py 469 18.4 Generators →mergedbuildinfo.json ``` You can check the complete conan_build_info reference. ## 17.27 Compiler sanitizers Sanitizers are tools that can detect bugs such as buffer overflows or accesses, dangling pointer or depending on if you are using clang or gcc, different sanitizers are supported. Here we explain different options on how to model and use sanitizers with your Conan packages. ## 17.27.1 Adding custom settings

with Conan and Artifactory 387 17.27 Using recipe revisions and lockfiles 389 17.28 Compiler sanitizers 390 18 Reference 395 18.1 Commands 395 18.2 conanfile.txt 475 18.3 conanfile.py 477 18.4 Generators have a look to base lockfiles and lockfile bundles in the documentation. ## 17.28 Compiler sanitizers Sanitizers are tools that can detect bugs such as buffer overflows or accesses, dangling pointer or depending on if you are using clang or gcc, different sanitizers are supported. Here we explain different options on how to model and use sanitizers with your Conan packages. ## 17.28.1 Adding custom settings