Rust guarantees memory safety in safe code, yet unsafe code remains a significant source of vulnerabilities; existing detection tools—including ASan, ERASan, and RustSan—suffer from high runtime overhead and limited coverage across diverse memory-safety flaws. This paper proposes a lightweight hybrid approach: a static analysis framework grounded in Rust’s ownership model and pointer lifetime semantics to precisely identify high-risk pointers, followed by selective runtime instrumentation. Its key contribution is the first deep integration of ownership semantics into static analysis, enabling spatial and temporal safety checks exclusively on genuinely suspicious pointers. Evaluation shows the method incurs only 18.84% average runtime overhead and 0.81% memory overhead—substantially lower than state-of-the-art tools—while detecting multiple memory-safety vulnerabilities missed by ASan-like approaches, including use-after-free, dangling pointer dereferences, and iterator invalidation errors.

Rust is a memory-safe language, and its strong safety guarantees combined with high performance have been attracting widespread adoption in systems programming and security-critical applications. However, Rust permits the use of unsafe code, which bypasses compiler-enforced safety checks and can introduce memory vulnerabilities. A widely adopted approach for detecting memory safety bugs in Rust is Address Sanitizer (ASan). Optimized versions, such as ERASan and RustSan, have been proposed to selectively apply security checks in order to reduce performance overhead. However, these tools still incur significant performance and memory overhead and fail to detect many classes of memory safety vulnerabilities due to the inherent limitations of ASan. In this paper, we present LiteRSan, a novel memory safety sanitizer that addresses the limitations of prior approaches. By leveraging Rust's unique ownership model, LiteRSan performs Rust-specific static analysis that is aware of pointer lifetimes to identify risky pointers. It then selectively instruments risky pointers to enforce only the necessary spatial or temporal memory safety checks. Consequently, LiteRSan introduces significantly lower runtime overhead (18.84% versus 152.05% and 183.50%) and negligible memory overhead (0.81% versus 739.27% and 861.98%) compared with existing ASan-based sanitizers while being capable of detecting memory safety bugs that prior techniques miss.