Developing a sanitizer
A sanitizer is a kind of technique that checks certain runtime properties of the code (probe
) that's inserted by the compiler. People usually use a sanitizer to ensure program correctness or enforce security policies. To give you an idea of how a sanitizer works, let's use one of the most popular sanitizers in Clang as an example – the address sanitizer.
An example of using an address sanitizer
Let's assume we have some simple C code, such as the following:
int main(int argc, char **argv) { int buffer[3]; for (int i = 1; i < argc; ++i) buffer[i-1] = atoi(argv[i]); for (int i = 1; i < argc; ++i) printf("%d ", buffer[i-1]); printf("\n"); return 0; }
The preceding code converted the command-line arguments into integers and stored them in a buffer of size 3. Then, we printed them out.
You should...