That was before the invention of fuzzing.
_FORTIFY_SOURCE is a rather weak but fast mitigation for a narrow class of security issues. AddressSanitizer is a bug finding tool (2x CPU overhead!), for a different and much wider class of issues. Edit: there is some…
That was before the invention of fuzzing.
_FORTIFY_SOURCE is a rather weak but fast mitigation for a narrow class of security issues. AddressSanitizer is a bug finding tool (2x CPU overhead!), for a different and much wider class of issues. Edit: there is some…