top | item 42547730

(no title)

r9295 | 1 year ago

An idea I that I considered implementing was to instrument parser libraries (png/pdf etc) with address sanitizer (for iMessage/Chrome/Webkit) and run the instrumented version for 5% of all parsing operations. If we get enough people to use this, exploits may be easier to discover?

discuss

saagarjha|1 year ago

Google and Apple already do this to some extent: https://arxiv.org/html/2311.09394v2/#S5