AD5020: RustEnableSanitizersMachO
Summary
| Property | Value |
|---|---|
| ID | AD5020 |
| Name | RustEnableSanitizersMachO |
| Category | Security |
| Severity | Note |
| Applies to | Mach-O (macOS, iOS) |
Description
Consider enabling sanitizers in Rust Mach-O binaries built for testing, to detect memory safety issues in unsafe code and FFI.
Note: This is an informational rule. Sanitizers are for development and testing.
How It Works
The rule checks for sanitizer runtime symbols:
- AddressSanitizer (`__asan_*`) symbols
- ThreadSanitizer (`__tsan_*`) symbols
- UndefinedBehaviorSanitizer runtime
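
A sketch of this kind of symbol check, as an added example that is not the rule's own implementation. It assumes `nm`-style text input; the `__ubsan_` prefix, the function name and the sample listings are assumptions introduced here.

```rust
use std::collections::BTreeSet;

/// Sanitizer runtimes keyed by the C-level symbol prefix each one exports.
/// `__ubsan_` is an assumption: the page names the UBSan runtime but no prefix.
const RUNTIMES: [(&str, &str); 3] = [
    ("__asan_", "AddressSanitizer"),
    ("__tsan_", "ThreadSanitizer"),
    ("__ubsan_", "UndefinedBehaviorSanitizer"),
];

/// Scan `nm`-style lines ("<addr> <type> <name>" or "<type> <name>") and
/// return the sanitizers whose runtime symbols appear (hypothetical helper).
fn detect_sanitizers(nm_output: &str) -> BTreeSet<&'static str> {
    let mut found = BTreeSet::new();
    for line in nm_output.lines() {
        // The symbol name is the last whitespace-separated field.
        let name = match line.split_whitespace().last() {
            Some(n) => n,
            None => continue,
        };
        // Mach-O prepends one underscore to C symbols, so `__asan_init`
        // is listed as `___asan_init`. Strip it before prefix matching.
        let c_name = name.strip_prefix('_').unwrap_or(name);
        for &(prefix, label) in RUNTIMES.iter() {
            if c_name.starts_with(prefix) {
                found.insert(label);
            }
        }
    }
    found
}

// Constructed samples in the format of `nm` output; not from a real binary.
const SAMPLE_ASAN: &str = "\
0000000100003f20 T _main
                 U ___asan_init
                 U ___asan_report_load1
                 U _malloc
";
// A name that merely contains "__asan_" must not match: the check is a prefix test.
const SAMPLE_PLAIN: &str = "\
0000000100003f20 T _main
0000000100003f80 T _my__asan_lookalike
                 U _free
";

fn main() {
    println!("instrumented: {:?}", detect_sanitizers(SAMPLE_ASAN));
    println!("plain:        {:?}", detect_sanitizers(SAMPLE_PLAIN));
}
```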
Why This Matters
While Rust provides memory safety for safe code, unsafe blocks and C/C++ FFI can introduce bugs that sanitizers catch.
Sanitizer Support in Rust
| Sanitizer | macOS Support | Use Case |
|---|---|---|
| ASAN | Yes | Memory errors |
| TSAN | Yes | Data races |
| MSAN | No | Uninitialized memory |
| LSAN | With ASAN | Memory leaks |
Unsafe Code Coverage

```rust
// Requires the `libc` crate as a dependency.
fn main() {
    unsafe {
        // This code bypasses Rust's safety guarantees
        // Sanitizers can catch bugs here
        let ptr = libc::malloc(100);
        std::ptr::write(ptr as *mut u8, 42);
        libc::free(ptr);
        // ASAN would catch use-after-free here:
        // std::ptr::read(ptr as *mut u8);
    }
}
```

FFI Considerations
| FFI Pattern | Risk | Sanitizer |
|---|---|---|
| C library calls | Memory errors | ASAN |
| Shared mutable state | Data races | TSAN |
| Custom allocators | Memory leaks | LSAN |
Resolution
Enable sanitizers in test builds:

```bash
# Nightly Rust with ASAN
RUSTFLAGS="-Zsanitizer=address" cargo +nightly build --target aarch64-apple-darwin
# Run tests with sanitizer
RUSTFLAGS="-Zsanitizer=address" cargo +nightly test
```