updating asan runtime documentation for iat_overwrite option

Author: zacklj89

docs/sanitizers/asan-runtime.md

@@ -86,6 +86,13 @@ For more information, see the [Differences with Clang 12.0](./asan.md#difference
 >
 > The option `windows_hook_rtl_allocators`, previously an opt-in feature while AddressSanitizer was experimental, is now enabled by default.
 
+- `iat_overwrite`
+String, set to `"error"` by default. This option manages the protection level from the runtime regarding [`Import Address Table` (IAT)](windows/win32/debug/pe-format#import-address-table) overwrites for certain [`memoryapi.h`](windows/win32/api/memoryapi/) functions. Possible values are `"error"`, `"protect"`, and `"ignore"`.
+  * The functions currently tracked for protection are [`VirtualAlloc`](windows/win32/api/memoryapi/nf-memoryapi-virtualalloc), [`VirtualProtect`](windows/win32/api/memoryapi/nf-memoryapi-virtualprotect), and [`VirtualQuery`](windows/win32/api/memoryapi/nf-memoryapi-virtualquery).
+  * If set to `"error"`, the default value, the runtime will return an error whenever an overwrite is detected.
+  * If set to `"protect"`, the runtime will attempt to protect the binary from overwriting the IAT and proceed.
+  * If set to `"ignore"`, the runtime will not attempt to correct any IAT overwrite and proceed with execution.
+
 ## <a name="intercepted_functions"></a> AddressSanitizer list of intercepted functions (Windows)
 
 The AddressSanitizer runtime hot-patches many functions to enable memory safety checks at runtime. Here's a non-exhaustive list of the functions that the AddressSanitizer runtime monitors.