Author Topic: ASan: Address Sanitizer for MSVC Now Fully Supported  (Read 1474 times)

0 Members and 1 Guest are viewing this topic.

JeGX

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2774
    • Geeks3D.com
ASan: Address Sanitizer for MSVC Now Fully Supported
« on: March 09, 2021, 05:48:23 PM »
Starting in Visual Studio 2019 version 16.9, the Microsoft C/C++ compiler (MSVC) and IDE supports the AddressSanitizer.

The C & C++ languages are powerful, but can suffer from a class of bugs that affect program correctness and program security. Starting in Visual Studio 2019 version 16.9, the Microsoft C/C++ compiler (MSVC) and IDE supports the AddressSanitizer. AddressSanitizer (ASan) is a compiler and runtime technology that exposes many hard-to-find bugs with zero false positives:
- Alloc/dealloc mismatches and new/delete type mismatches
- Allocations too large for the heap
- calloc overflow and alloca overflow
- Double free and use after free
- Global variable overflow
- Heap buffer overflow
- Invalid alignment of aligned values
- memcpy and strncat parameter overlap
- Stack buffer overflow and underflow
- Stack use after return and use after scope
- Memory use after it's poisoned

Quote
We’re thrilled to announce that as of Visual Studio 2019 version 16.9, the C++ Address Sanitizer (ASan) for MSVC experience is fully supported.

The Address Sanitizer
The Address Sanitizer (ASan) is an immensely valuable technology for finding and fixing memory bugs.

It was originally designed and implemented for the LLVM/Clang compiler. Starting in version 16.1, we brought the technology to Visual Studio 2019 for targeting Linux, then added MSVC support in version 16.4. Now with version 16.9, we have altogether resolved over 50 customer-reported bugs and improved the user experience to the point where we are ready to announce that we are moving the ASan for Windows experience out of experimental state. We consider the feature stable and ready to use for production environments.

Links:
- Address Sanitizer for MSVC Now Generally Available
- AddressSanitizer Overview


I quickly tested ASan and think I will spend some time to review my code with it:

ASan: Address Sanitizer for MSVC