Google's AddressSanitizer detects memory bugs in Android native code. It does require, however, that the target binary (i.e., executable or library) be recompiled with whatever flags and settings it needs:
AddressSanitizer (ASan) is a fast compiler-based tool for detecting memory bugs in native code.
Is there a tool that can detect Android memory bugs without requiring any recompilation of the target binary? Here are some thoughts of what such a tool would look like:
- The tool should intercept/hook the relevant memory-related functions in libc.so (e.g., malloc, free, calloc, realloc), similar to Frida's ability to intercept any native code function.
- The tool should work by being injected into a process space. From that point, everything should "just work".
- It should also intercept both hardware faults and software exceptions (e.g., segmentation faults) to detect a memory bug.
- It would be reasonable to assume this tool would not be as powerful as compiler-based AddressSanitizer, but that's to be expected.
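One way the hooking half of such a tool could look, as an added example that is not from the original post or from the Frida project: a Frida agent script (JavaScript, Frida's scripting language) that attaches to malloc/calloc/realloc/free in libc.so, keeps a shadow table of live and recently freed blocks, and uses Frida's Process.setExceptionHandler to check whether a fault landed inside a freed block. The tracker core is plain JavaScript so it can also be exercised under Node without a target process. Assumptions: the module is named libc.so (Android bionic), the quarantine size QUARANTINE_LIMIT is an arbitrary choice, and realloc(p, 0) is treated as freeing p, as bionic's allocators do. Without recompilation there are no redzones, so this catches double frees, invalid frees, leaks and faults inside freed memory, but not an overflow into an adjacent live chunk, which is the gap the question already anticipates.

```javascript
// Added example, not code from the original post or from the Frida project.
// Shadow-heap tracker driven by Frida hooks on libc malloc/calloc/realloc/free.

const QUARANTINE_LIMIT = 4096;  // assumed: how many freed blocks to remember

function hex(a) { return '0x' + a.toString(16); }

class HeapTracker {
  constructor() {
    this.live = new Map();   // BigInt base -> size of an outstanding block
    this.freed = new Map();  // BigInt base -> size of a recently freed block
    this.reports = [];       // detected bugs, in order of discovery
  }

  onAlloc(addr, size) {
    const a = BigInt(addr);
    if (a === 0n) return;        // allocation failed, nothing to track
    this.freed.delete(a);        // allocator reused a quarantined address
    this.live.set(a, size);
  }

  onFree(addr, caller) {
    const a = BigInt(addr);
    if (a === 0n) return;        // free(NULL) is legal
    if (this.live.has(a)) {
      this.freed.set(a, this.live.get(a));
      this.live.delete(a);
      if (this.freed.size > QUARANTINE_LIMIT) {
        this.freed.delete(this.freed.keys().next().value);  // evict oldest
      }
      return;
    }
    this.report(this.freed.has(a) ? 'double-free' : 'invalid-free', a, caller);
  }

  // Freed block containing addr, or null: a fault here is a use-after-free candidate.
  findFreed(addr) {
    const a = BigInt(addr);
    for (const [base, size] of this.freed) {
      if (a >= base && a < base + BigInt(size)) return { base: hex(base), size };
    }
    return null;
  }

  // Blocks never freed; call at a point where the program should hold no memory.
  leaks() {
    return [...this.live].map(([base, size]) => ({ base: hex(base), size }));
  }

  report(kind, a, caller) {
    const r = { kind, addr: hex(a), caller: caller || null };
    this.reports.push(r);
    console.log(`[heap] ${kind} of ${r.addr}` + (caller ? ` from ${caller}` : ''));
  }
}

// Frida-side wiring: only runs inside a Frida agent, where Interceptor and
// Process exist. 'libc.so' is the bionic module name on Android (assumption).
if (typeof Interceptor !== 'undefined' && typeof Process !== 'undefined') {
  const tracker = new HeapTracker();
  const libc = Process.getModuleByName('libc.so');
  const callerOf = ctx => ctx.returnAddress.toString();

  Interceptor.attach(libc.getExportByName('malloc'), {
    onEnter(args) { this.size = args[0].toUInt32(); },
    onLeave(retval) { tracker.onAlloc(retval.toString(), this.size); },
  });
  Interceptor.attach(libc.getExportByName('calloc'), {
    onEnter(args) { this.size = args[0].toUInt32() * args[1].toUInt32(); },
    onLeave(retval) { tracker.onAlloc(retval.toString(), this.size); },
  });
  Interceptor.attach(libc.getExportByName('realloc'), {
    onEnter(args) {
      this.old = args[0].toString();
      this.size = args[1].toUInt32();
      this.caller = callerOf(this);
    },
    onLeave(retval) {
      // realloc frees the old block when it succeeds or when size == 0 (assumed
      // bionic behaviour); a failed realloc leaves the old block untouched.
      if (!retval.isNull() || this.size === 0) tracker.onFree(this.old, this.caller);
      if (!retval.isNull()) tracker.onAlloc(retval.toString(), this.size);
    },
  });
  Interceptor.attach(libc.getExportByName('free'), {
    onEnter(args) { tracker.onFree(args[0].toString(), callerOf(this)); },
  });

  // Hardware fault path: if the faulting address lies in quarantined memory,
  // name the freed block, then let the default handler run so the crash is preserved.
  Process.setExceptionHandler(details => {
    if (details.type === 'access-violation' && details.memory) {
      const hit = tracker.findFreed(details.memory.address.toString());
      if (hit) {
        console.log(`[heap] use-after-free: ${details.memory.operation} at ` +
          `${details.memory.address} inside freed block ${hit.base} (${hit.size} bytes)`);
      }
    }
    return false;
  });
}
```

Loaded with `frida -U -n <app> -l script.js`, every hooked call pays an Interceptor round trip, so this is far slower than ASan's inline instrumentation, and a freed block is only recognisable while it sits in the quarantine, which is why the quarantine should be as large as memory allows.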
https://github.com/frida/frida-gum

Helper libraries for developers needing highly granular:

- Heap allocation tracking and leak checking.
  https://github.com/frida/frida-gum/tree/master/libs/gum/heap
- Profiling with worst-case inspector callback.
  https://github.com/frida/frida-gum/blob/7e4c5b547b035ae05d2f9e160652101bf741e6c3/libs/gum/prof/gumprofiler.h#L40-L42
  https://github.com/frida/frida-gum/tree/master/libs/gum/prof