AD2045: EnableUBSanPE
Summary
| Property | Value |
|---|---|
| ID | AD2045 |
| Name | EnableUBSanPE |
| Category | Security |
| Severity | Note |
| Applies to | PE (Windows) |
Description
Consider enabling UndefinedBehaviorSanitizer (UBSAN) in PE binaries built for testing, to detect undefined behavior that can lead to security vulnerabilities.
Note: This is an informational rule. UBSAN is typically used in testing, not production.
How It Works
The rule checks for UBSAN runtime symbols:
- `__ubsan_handle_*` functions
- UBSAN runtime library linkage
- Type sanitizer metadata
Why This Matters
Undefined behavior in C/C++ can be exploited by attackers. UBSAN helps detect these issues before they become vulnerabilities.
What UBSAN Detects
| Issue | Security Impact |
|---|---|
| Signed overflow | Incorrect calculations, exploitable |
| Null dereference | Crashes, potential code execution |
| Divide by zero | Denial of service |
| Invalid shifts | Incorrect bitwise operations |
| Type mismatch | Memory corruption |
Undefined Behavior Examples
```c
// Signed integer overflow (undefined!)
int overflow(int a, int b) {
    return a + b; // What if result > INT_MAX?
}

// UBSAN catches this at runtime:
// runtime error: signed integer overflow: 2147483647 + 1
```
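The signed-overflow case above, together with the divide-by-zero and invalid-shift rows of the table, can be written with explicit precondition checks so that the operation is rejected instead of invoking undefined behavior. This is an added example, not code from the rule or its documentation; the `checked_*` helper names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Added example; helper names are hypothetical. Each helper returns false
 * instead of performing an operation whose behavior is undefined in C. */

/* Signed addition: reject results outside [INT_MIN, INT_MAX]. */
bool checked_add(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Signed division: reject b == 0 and INT_MIN / -1, which overflows. */
bool checked_div(int a, int b, int *out) {
    if (b == 0 || (a == INT_MIN && b == -1))
        return false;
    *out = a / b;
    return true;
}

/* Left shift: reject a negative value, a count outside [0, width),
 * and any shift whose result does not fit in int. */
bool checked_shl(int v, int n, int *out) {
    const int width = (int)(sizeof(int) * CHAR_BIT);
    if (v < 0 || n < 0 || n >= width || v > (INT_MAX >> n))
        return false;
    *out = v << n;
    return true;
}

int main(void) {
    int r = 0;
    /* Constructed inputs: the overflow from the example above, then valid cases. */
    printf("INT_MAX + 1 ok? %d\n", checked_add(INT_MAX, 1, &r));
    if (checked_add(2, 3, &r)) printf("2 + 3 = %d\n", r);
    printf("1 / 0 ok? %d\n", checked_div(1, 0, &r));
    if (checked_shl(3, 4, &r)) printf("3 << 4 = %d\n", r);
    return 0;
}
```

A UBSAN-instrumented test build should report nothing for these helpers, because every rejected input is filtered out before the arithmetic runs.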
UBSAN Checks
| Check | Flag |
|---|---|
| Integer overflow | -fsanitize=signed-integer-overflow |
| Null pointer | -fsanitize=null |
| Alignment | -fsanitize=alignment |
| All UB | -fsanitize=undefined |
Compiler Support
| Compiler | UBSAN Support |
|---|---|
| Clang | Full |
| GCC | Full |
| MSVC | Limited (/RTCc) |
Resolution
Enable UBSAN in test builds: