You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/sanitizers/asan-runtime.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -87,11 +87,11 @@ For more information, see the [Differences with Clang 12.0](./asan.md#difference
87
87
> The option `windows_hook_rtl_allocators`, previously an opt-in feature while AddressSanitizer was experimental, is now enabled by default.
88
88
89
89
-`iat_overwrite`
90
-
String, set to `"error"` by default. This option manages the protection level from the runtime regarding [`Import Address Table` (IAT)](/windows/win32/debug/pe-format#import-address-table) overwrites for certain[`memoryapi.h`](/windows/win32/api/memoryapi/) functions. Possible values are `"error"`, `"protect"`, and `"ignore"`.
90
+
String, set to `"error"` by default. Possible values are `"error"`, `"protect"`, and `"ignore"`. Certain modules (commonly drivers) may overwrite the [`import address table`](/windows/win32/debug/pe-format#import-address-table)of different modules to provide custom implementations of certain functions for any reason. This option manages the protection level from the runtime regarding overwrites for specific[`memoryapi.h`](/windows/win32/api/memoryapi/) functions.
91
91
* The functions currently tracked for protection are [`VirtualAlloc`](/windows/win32/api/memoryapi/nf-memoryapi-virtualalloc), [`VirtualProtect`](/windows/win32/api/memoryapi/nf-memoryapi-virtualprotect), and [`VirtualQuery`](/windows/win32/api/memoryapi/nf-memoryapi-virtualquery).
92
-
* If set to `"error"`, the default value, the runtime will return an error whenever an overwrite is detected.
93
-
* If set to `"protect"`, the runtime will attempt to protect the binary from overwriting the IAT and proceed.
94
-
* If set to `"ignore"`, the runtime will not attempt to correct any IAT overwrite and proceed with execution.
92
+
* If set to `"error"`, the default value, the runtime will report an error whenever an overwrite is detected.
93
+
* If set to `"protect"`, the runtime will attempt to protect the binary from overwriting and proceed. This means the `memoryapi` definition of the function will always be used, regardless of the overwritten definition, from entry points into the runtime.
94
+
* If set to `"ignore"`, the runtime will not attempt to correct any overwrite and proceed with execution.
95
95
96
96
## <aname="intercepted_functions"></a> AddressSanitizer list of intercepted functions (Windows)
0 commit comments