CN105335657B - A kind of program bug detection method and device - Google Patents
A kind of program bug detection method and device Download PDFInfo
- Publication number
- CN105335657B CN105335657B CN201510896795.3A CN201510896795A CN105335657B CN 105335657 B CN105335657 B CN 105335657B CN 201510896795 A CN201510896795 A CN 201510896795A CN 105335657 B CN105335657 B CN 105335657B
- Authority
- CN
- China
- Prior art keywords
- value
- target
- field information
- detection
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Abstract
The embodiment of the invention discloses a kind of program bug detection methods, comprising: the structure of the input file of target program is parsed, obtain include at least one field information of the input file field information set;The aiming field information for identification length is found out from the field information of the field information set;The length value that the aiming field information indicates is replaced with into preconfigured target detection value, and Hole Detection is carried out to the target program according to the target detection value.The embodiment of the invention also discloses a kind of program bug detection devices.Using the embodiment of the present invention, be able to solve due to the test data scale of generation it is big caused by bug excavation low efficiency the problem of.
Description
Technical field
The present invention relates to field of information security technology more particularly to a kind of program bug detection method and device.
Background technique
Currently, the rapid development of information technology brings convenience, but simultaneously, present in a large amount of loopholes but also
Current safety situation is increasingly serious, and various Hole Detection technologies are come into being as a result,.Fuzz testing (Fuzz testing) is exactly
One such Research on Discovering Software Vulnerabilities is done at random when carrying out discovering software vulnerabilities by the input file to software
Insertion such as successively does 0~0xFF transformation to each byte, generates test data, load the test data by the software, and pass through
Monitor whether the software collapses or occur exception to detect whether that there are potential loopholes.However, by 0 is done to each byte~
0xFF transformation, the test data that this allows for generation is larger, causes Hole Detection efficiency lower.
Summary of the invention
The technical problem to be solved by the embodiment of the invention is that providing a kind of program bug detection method and device, use
In solve the problems, such as due to the test data scale of generation it is big caused by Hole Detection low efficiency.
In order to solve the above-mentioned technical problem, the embodiment of the invention provides a kind of program bug detection methods, comprising:
The structure of the input file of target program is parsed, obtain include the input file at least one field
The field information set of information;
The aiming field information for identification length is found out from the field information of the field information set;
The length value that the aiming field information indicates is replaced with into preconfigured target detection value, and according to the mesh
It marks test value and Hole Detection is carried out to the target program.
It is optionally, described that Hole Detection is carried out to the target program according to the target detection value, comprising:
The field in the input file is modified according to the target detection value, obtains the target detection value pair
The test data answered;
The test data is run, in the target program to carry out Hole Detection to the target program.
Optionally, the method also includes:
The file format of different files is obtained in advance, and configures survey corresponding with this document format for each file format
Examination value;
The length value by aiming field information instruction replaces with preconfigured target detection value, comprising:
It determines the corresponding destination file format of the input file, and finds out survey corresponding with the destination file format
Examination value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced
It is changed to the target detection value.
Optionally, preconfigured target detection is replaced in the length value by aiming field information instruction
Value, and according to the target detection value to the target program carry out Hole Detection after, the method also includes:
The exception information of the generation of target program described in the detection process of the Hole Detection is obtained, and is determined described different
The corresponding test value of normal information;
According to the corresponding test value of the exception information, to the test value corresponding with the destination file format of configuration into
Row updates.
Optionally, the target detection value is preconfigured boundary value.
Correspondingly, the embodiment of the invention also provides a kind of program bug detection devices, comprising:
Parsing module, the structure for the input file to target program parse, and obtain including the input file
At least one field information field information set;
Searching module, for finding out the target word for identification length from the field information of the field information set
Segment information;
The length value of replacement module, the aiming field information instruction for finding out the searching module replaces with
Preconfigured target detection value;
Detection module, for carrying out Hole Detection to the target program according to the target detection value.
Optionally, the detection module includes:
Data generating unit is obtained for being modified according to the target detection value to the field in the input file
To the corresponding test data of the target detection value;
Processing unit, the test data generated for running the data generating unit in the target program,
To carry out Hole Detection to the target program.
Optionally, described device further include:
Preset module for obtaining the file format of different files in advance, and is the configuration of each file format and this article
The corresponding test value of part format;
The replacement module is specifically used for:
It determines the corresponding destination file format of the input file, and finds out survey corresponding with the destination file format
Examination value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced
It is changed to the target detection value.
Optionally, described device further include:
Data obtaining module, for obtaining the abnormal letter of the generation of target program described in the detection process of the Hole Detection
Breath, and determine the corresponding test value of the exception information;
Update module, the corresponding test value of the exception information for being obtained according to the data obtaining module, to matching
The test value corresponding with the destination file format set is updated.
Optionally, the target detection value is preconfigured boundary value.
The implementation of the embodiments of the present invention has the following beneficial effects:
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset test value, and the target program is carried out according to the test value
Hole Detection, so that the scale of the test data of generation is effectively reduced, to effectively improve the detection efficiency of program bug.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of flow diagram of program bug detection method provided in an embodiment of the present invention;
Fig. 2 is the flow diagram of another program bug detection method provided in an embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of program bug detection device provided in an embodiment of the present invention;
Fig. 4 is the structural schematic diagram of another program bug detection device provided in an embodiment of the present invention;
Fig. 5 is a kind of structural schematic diagram of terminal device provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a kind of program bug detection method, device and terminal devices, are able to solve due to life
At test data scale it is big caused by bug excavation low efficiency the problem of.It is described in detail individually below.
Referring to Fig. 1, Fig. 1 is a kind of flow diagram of program bug detection method provided in an embodiment of the present invention.Tool
Body, as shown in Figure 1, the described program leak detection method of the embodiment of the present invention may comprise steps of:
101, the structure of the input file of target program is parsed, obtain include the input file at least one
The field information set of field information.
Wherein, the target program is the program for needing to carry out Hole Detection, which can be for the target journey
The sample file of sequence progress Hole Detection.Optionally, which can match in advance according to the type information of the target program
It sets to obtain.
It should be noted that the method for the embodiment of the present invention can be applied particularly to terminal device, (such as such as smart phone
Android phone, iOS mobile phone etc.), tablet computer, mobile internet device (Mobile Internet Devices, referred to as
" MID "), in the terminal devices such as PC, the embodiment of the present invention is without limitation.To realize to being installed on the terminal device
The Hole Detection of program software.
102, the aiming field information for identification length is found out from the field information of the field information set.
It include multiple field informations in the input file, such as identifying the length of file content length in specific embodiment
Spend field information, attribute field information of attribute (such as color, font) for identifying file content etc..It as a result, can be from
The length field information i.e. aiming field information for identifying file content length is found out in multiple field information, goes forward side by side one
Step parsing obtains the length value of this document content of aiming field information instruction.
103, the length value that the aiming field information indicates is replaced with into preconfigured target detection value, and according to institute
It states target detection value and Hole Detection is carried out to the target program.
In specific embodiment, it can be pre-configured with the test value of some length values for being used to replace field information instruction, such as
By certain boundary values, such as 10,0x10,20,0x20,100 are as the test value.Specifically, being used to identify finding out this
The aiming field information of length and after parsing and obtaining the length value of aiming field information instruction, can pass through the preset mesh
Mark test value such as the boundary value replace the length value of aiming field information instruction, to carry out journey according to the target detection value
Sequence Hole Detection, and the even more transformation of 0~0xFF no longer is done to each byte, so that improving Hole Detection efficiency.
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset test value, and the target program is carried out according to the test value
Hole Detection, so that the scale of the test data of generation is effectively reduced, to effectively improve the detection efficiency of program bug.
Further, referring to Fig. 2, Fig. 2 is the stream of another program bug detection method provided in an embodiment of the present invention
Journey schematic diagram.Specifically, as shown in Fig. 2, the described program leak detection method of the embodiment of the present invention may comprise steps of:
201, the structure of the input file of target program is parsed, obtain include the input file at least one
The field information set of field information.
202, the aiming field information for identification length is found out from the field information of the field information set.
Wherein, the target program is the program for needing to carry out Hole Detection, which can be preconfigured
The sample file of Hole Detection is carried out to the target program.
Specifically, then may be used needing to do a certain application program i.e. target program Hole Detection (also known as bug excavation)
Sample file is chosen for the target program and is loaded into the target program, and can be to sample file, that is, input file structure
Parsed, parsing obtain include multiple field informations in the input file field information set.For example, the target program
For office software, which is word document, then the word for identifying text excursion can be parsed from the word document
Segment information, the field information for identifying file content length and the attribute for identifying file content (such as color, font
Deng) field information etc..To which terminal device can find out the field letter for identification length from multiple field information
Breath is aiming field information, and further parsing obtains the length value of this document content of aiming field information instruction.Wherein,
The aiming field information for identification length can be one or more, and if multiple, then parsing obtains each mesh respectively
The length value of marking-up segment information instruction.
203, the length value that the aiming field information indicates is replaced with into preconfigured target detection value, wherein institute
Stating target detection value is preconfigured boundary value.
Specifically, cause since program generally occurs within loophole all and is because not controlling input and output boundary, and program
In exploitation, some boundary values generally can be all used.Therefore, it can be pre-configured with some for replacing the length of field information instruction
The boundary value of value, i.e. target detection value, such as 10,0x10,20,0x20,100,0x100.
Optionally, the file format of different files can be also obtained in advance, and is the configuration of each file format and this document
The corresponding test value of format.The preset of test value such as boundary value is carried out according to file format.It is then described by the target word
The length value of segment information instruction replaces with preconfigured target detection value, can be with specifically: determines that the input file is corresponding
Destination file format, and find out test value corresponding with the destination file format;The test value found out is made
For target detection value, and the length value that the aiming field information indicates is replaced with into the target detection value.
204, the field in the input file is modified according to the target detection value, obtains the target detection
It is worth corresponding test data.
205, the test data is run, in the target program to carry out Hole Detection to the target program.
Specifically, obtaining the length value of aiming field information instruction in parsing and determining the target detection value of replacement
After boundary value, the length value which indicates can be replaced with the boundary value, thus according to the boundary value
Field in the input file is modified, such as when boundary value is 10,0x10,20,0x20, then it can be in input file
Field be 0,0x10,20,0x20 transformation, generate the corresponding test data of the input file, and run in the target program
The test data detects the program bug of the target program to realize, and no longer takes turns doing 0~0xFF transformation, this just makes
It obtains and is reduced by the test data scale that the transformation generates, to improve Hole Detection efficiency.Further, in order to promote this
The boundary value and its neighbouring value, can be also used as the target detection value by the validity of Hole Detection result, for example, by 9,10,
11,0xF, 0x10,0x11,0x1F, 0x20,0x21 are used as the target detection value.For example, single byte byte is come
It says, 256 groups of test datas (Fuzz data) can be generated using the conventional random mode for generating data, and through the embodiment of the present invention
Based on boundary value replacement Hole Detection scheme, then only can generate 48 groups of test datas, effectively reduce test data scale,
And the validity of Hole Detection is ensured simultaneously.
It is further alternative, preconfigured target is replaced in the length value by aiming field information instruction
Test value, and according to the target detection value to the target program carry out Hole Detection after, terminal device can also obtain institute
The exception information of the generation of target program described in the detection process of Hole Detection is stated, and determines the corresponding survey of the exception information
Examination value;According to the corresponding test value of the exception information, the test value corresponding with the destination file format of configuration is carried out
It updates.It is operated by the update, so that improving the accuracy according to the preset target detection value of this document format.
Further, after carrying out Hole Detection to target program according to the target detection value, terminal device can also be given birth to
At the examining report for the exception information that the target program in the detection process including the Hole Detection generates, in order to dependence test
Personnel carry out loophole maintenance according to the examining report.
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset boundary value, and according to the boundary value in the input file
Field is modified, and the test data is run in the target program after obtaining the corresponding test data of the boundary value, thus real
Now to the Hole Detection of the target program, so that effectively reducing the scale of the test data of generation, and program is effectively improved
Hole Detection efficiency.
Referring to Fig. 3, Fig. 3 is a kind of structural schematic diagram of program bug detection device provided in an embodiment of the present invention.Tool
Body, as shown in figure 3, the described program Hole Detection device of the embodiment of the present invention may include parsing module 11, searching module
12, replacement module 13 and detection module 14.Wherein,
The parsing module 11, the structure for the input file to target program parse, and obtain including described defeated
Enter the field information set of at least one field information of file.
Wherein, the target program is the program for needing to carry out Hole Detection, which can be for the target journey
The sample file of sequence progress Hole Detection.Optionally, which can match in advance according to the type information of the target program
It sets to obtain.
It should be noted that the described device of the embodiment of the present invention can specifically be set to terminal device, (such as such as smart phone
Android phone, iOS mobile phone etc.), tablet computer, mobile internet device (Mobile Internet Devices, referred to as
" MID "), in the terminal devices such as PC, the embodiment of the present invention is without limitation.To realize to being installed on the terminal device
The Hole Detection of program software.
The searching module 12, for finding out from the field information of the field information set for identification length
Aiming field information.
It include multiple field informations in the input file, such as identifying the length of file content length in specific embodiment
Spend field information, attribute field information for identifying file content attribute etc..Searching module 12 can be from the parsing mould as a result,
Block 11 parses the length field information i.e. target word found out in obtained multiple field informations for identifying file content length
Segment information.
The replacement module 13, the length of the aiming field information instruction for finding out the searching module 12
Value replaces with preconfigured target detection value.
The detection module 14, for carrying out Hole Detection to the target program according to the target detection value.
Optionally, the target detection value is preconfigured boundary value.
It can be pre-configured in specific embodiment, in the terminal device some for replacing the length value of field information instruction
Test value, such as by certain boundary values, such as 10,0x10,20,0x20,100 are as the test value.Specifically, searching mould
After block 12 finds out this for the aiming field information of identification length, replacement module 13 can parse to obtain aiming field letter
The length value of instruction is ceased, and replaces the length of aiming field information instruction by the preset target detection value such as boundary value
Value, so that detection module 14 can carry out program bug detection according to the target detection value, and 0 no longer is done to each byte~
0xFF even more transformation, so that improving Hole Detection efficiency.
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset test value, and the target program is carried out according to the test value
Hole Detection, so that the scale of the test data of generation is effectively reduced, to effectively improve the detection efficiency of program bug.
Further, referring to Fig. 4, Fig. 4 is the knot of another program bug detection device provided in an embodiment of the present invention
Structure schematic diagram.Specifically, as shown in figure 4, the described device of the embodiment of the present invention may include the journey in above-mentioned Fig. 3 corresponding embodiment
Parsing module 11, searching module 12, replacement module 13 and the detection module 14 of sequence Hole Detection device.Further, at this
In inventive embodiments, the detection module 14 be may particularly include:
Data generating unit 141, for being modified according to the target detection value to the field in the input file,
Obtain the corresponding test data of the target detection value;
Processing unit 142, the test generated for running the data generating unit 141 in the target program
Data, to carry out Hole Detection to the target program.
Specifically, then may be used needing to do a certain application program i.e. target program Hole Detection (also known as bug excavation)
It chooses and sample file and is loaded into the target program for the target program, and by parsing module 11 to the sample file, that is, defeated
The structure for entering file is parsed, parsing obtain include multiple field informations in the input file field information set.Example
Such as, which is office software, which is word document, then parsing module 11 can be parsed from the word document
Out for identifying the field information of text excursion, the field information for identifying file content length and for identifying in file
The field information of the attribute (such as color, font etc.) of appearance.To which searching module 12 can be looked into from multiple field information
The field information i.e. aiming field information for identification length is found out, and further parsing obtains the target by replacement module 13
The length value of this document content of field information instruction, it is rear real to be replaced based on preset target detection value to the length value
Existing Hole Detection.Wherein, which can then distinguish for one or more if multiple
Parsing obtains the length value of each aiming field information instruction.
Further, cause since program generally occurs within loophole all and is because not controlling input and output boundary, and journey
Sequence generally can all use some boundary values in exploitation.Therefore, it can be pre-configured in the terminal device some for replacing field
The boundary value of the length value of information instruction, i.e. target detection value, such as 10,0x10,20,0x20,100,0x100.Exist as a result,
Replacement module 13 parses the length value for obtaining aiming field information instruction and the target detection value such as boundary for determining replacement
After value, the length value which indicates can be replaced with the boundary value, so that data generating unit 141 can root
The field in the input file is modified according to the boundary value, such as when boundary value is 10,0x10,20,0x20, then it can be right
Field in input file does 0,0x10,20,0x20 transformation, generates the corresponding test data of the input file, processing unit 142
The test data can then be run in the target program, the program bug of the target program is detected to realize, and no longer according to
Secondary to do 0~0xFF transformation, this allows for the test data scale generated by the transformation reduction, to improve Hole Detection effect
Rate.It further, can also be by the boundary value and its neighbouring value as should in order to promote the validity of the Hole Detection result
Target detection value, for example by 9,10,11,0xF, 0x10,0x11,0x1F, 0x20,0x21 are used as the target detection value.To
Test data scale is effectively reduced, but validity is not substantially reduced.
Optionally, in embodiments of the present invention, described device can further comprise also (not shown):
Preset module 15 is configured and is somebody's turn to do for obtaining the file format of different files in advance, and for each file format
The corresponding test value of file format;
The replacement module 13 can be specifically used for:
It determines the corresponding destination file format of the input file, and finds out survey corresponding with the destination file format
Examination value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced
It is changed to the target detection value.
Further alternative, in embodiments of the present invention, described device may also include (not shown):
Data obtaining module 16, for obtaining the exception of the generation of target program described in the detection process of the Hole Detection
Information, and determine the corresponding test value of the exception information;
Update module 17, the corresponding test value of the exception information for being obtained according to the data obtaining module 16,
The test value corresponding with the destination file format of configuration is updated.
Further, detection module 14 may be used also after carrying out Hole Detection to target program according to the target detection value
The examining report for the exception information that the target program generates in the detection process including the Hole Detection is generated, in order to correlative measurement
Examination personnel carry out loophole maintenance according to the examining report.
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset boundary value, and according to the boundary value in the input file
Field is modified, and the test data is run in the target program after obtaining the corresponding test data of the boundary value, thus real
Now to the Hole Detection of the target program, so that effectively reducing the scale of the test data of generation, and program is effectively improved
Hole Detection efficiency.
Referring to Fig. 5, Fig. 5 is a kind of structural schematic diagram of terminal device provided in an embodiment of the present invention.Specifically, as schemed
Shown in 5, the terminal device of the embodiment of the present invention may include: at least one processor 100, at least one input unit
200, at least one output device 300, the equal components of memory 500.Wherein, these components by one or more bus 400 into
Row communication connection.It will be understood by those skilled in the art that the structure of terminal device shown in Fig. 5 is not constituted to of the invention real
The restriction of example is applied, it is also possible to hub-and-spoke configuration either busbar network, can also include more more or fewer than illustrating
Component perhaps combines certain components or different component layouts.Wherein:
Processor 100 is the control centre of terminal device, utilizes each of various interfaces and the entire terminal device of connection
A part by running or execute the program and/or module that are stored in memory 500, and calls and is stored in memory 500
Interior data, to execute the various functions and processing data of terminal device.Processor 100 can be by integrated circuit
(Integrated Circuit, abbreviation IC) composition, such as the IC that can be encapsulated by single are formed, can also be by more of connection
The encapsulation IC of identical function or different function and form.For example, processor 100 can only include central processing unit
(Central Processing Unit, abbreviation CPU) is also possible to CPU, digital signal processor (digital signal
Processor, abbreviation DSP), graphics processor (Graphic Processing Unit, abbreviation GPU) and various control chips
Combination.In embodiments of the present invention, CPU can be single operation core, also may include multioperation core.
Input unit 200 may include touch screen, keyboard, camera of standard etc., also may include wireline interface, wireless
Interface etc..
Output device 300 may include display screen, loudspeaker etc., also may include wireline interface, wireless interface etc..
Memory 500 can be used for storing software program and module, processor 100, input unit 200 and output device
300 by calling the software program and module that are stored in memory 500, thereby executing the various function applications of terminal device
And realize data processing.Memory 500 mainly includes program storage area and data storage area, wherein program storage area can be deposited
Application program needed for storing up operating system, at least one function etc.;Data storage area, which can be stored, uses institute according to terminal device
The data etc. of creation.In embodiments of the present invention, operating system can be android system, iOS system or Windows operation
System etc..
Specifically, processor 100 calls the application program being stored in memory 500, for executing following steps:
The structure of the input file of target program is parsed, obtain include the input file at least one field
The field information set of information;
The aiming field information for identification length is found out from the field information of the field information set;
The length value that the aiming field information indicates is replaced with into preconfigured target detection value, and according to the mesh
It marks test value and Hole Detection is carried out to the target program.
Optionally, processor 100 calls the application program being stored in memory 500 to execute described according to target survey
Examination value carries out Hole Detection to the target program, specifically executes following steps:
The field in the input file is modified according to the target detection value, obtains the target detection value pair
The test data answered;
The test data is run, in the target program to carry out Hole Detection to the target program.
Optionally, processor 100 calls the application program being stored in memory 500, is also used to execute following steps:
The file format of different files is obtained in advance, and configures survey corresponding with this document format for each file format
Examination value;
Processor 100 calls the application program being stored in memory 500 execution is described to refer to the aiming field information
The length value shown replaces with preconfigured target detection value, specifically executes following steps:
It determines the corresponding destination file format of the input file, and finds out survey corresponding with the destination file format
Examination value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced
It is changed to the target detection value.
Optionally, processor 100 calls the application program being stored in memory 500 to execute described by the aiming field
The length value of information instruction replaces with preconfigured target detection value, and according to the target detection value to the target program
After carrying out Hole Detection, it is also used to execute following steps:
The exception information of the generation of target program described in the detection process of the Hole Detection is obtained, and is determined described different
The corresponding test value of normal information;
According to the corresponding test value of the exception information, to the test value corresponding with the destination file format of configuration into
Row updates.
Optionally, the target detection value is preconfigured boundary value.
In embodiments of the present invention, it can be parsed by the structure of the input file to target program, obtain the input
Multiple field informations of file, and the aiming field information for identification length is found out from multiple field information, thus
The length value that the aiming field information indicates is replaced with into preset test value, and the target program is carried out according to the test value
Hole Detection, so that the scale of the test data of generation is effectively reduced, to effectively improve program bug detection efficiency.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " specific embodiment " " show
The description of example ", " specific example " or " some examples " etc. mean specific features described in conjunction with this embodiment or example, structure,
Material or feature are included at least one embodiment or example of the invention.In the present specification, above-mentioned term is shown
The statement of meaning property is necessarily directed to identical embodiment or example.Moreover, specific features, structure, material or the spy of description
Point may be combined in any suitable manner in any one or more of the embodiments or examples.In addition, without conflicting with each other,
Those skilled in the art can be by different embodiments or examples described in this specification and different embodiments or examples
Feature is combined.
In addition, term " first ", " second " are used for descriptive purposes only and cannot be understood as indicating or suggesting relative importance
Or implicitly indicate the quantity of indicated technical characteristic.Define " first " as a result, the feature of " second " can be expressed or
Implicitly include at least one this feature.In the description of the present invention, the meaning of " plurality " is at least two, such as two, three
It is a etc., unless otherwise specifically defined.
Any process described otherwise above or method description are construed as in flow chart or herein, and expression includes
It is one or more for realizing specific logical function or process the step of executable instruction code module, segment or portion
Point, and the range of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discussed suitable
Sequence, including according to related function by it is basic simultaneously in the way of or in the opposite order, Lai Zhihang function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
Expression or logic and/or step described otherwise above herein in flow charts, for example, being considered use
In the order list for the executable instruction for realizing logic function, may be embodied in any computer-readable medium, for
Instruction execution system, device or equipment (such as computer based system, including the system of processor or other can be held from instruction
The instruction fetch of row system, device or equipment and the system executed instruction) it uses, or combine these instruction execution systems, device or set
It is standby and use.For the purpose of this specification, " computer-readable medium ", which can be, any may include, stores, communicates, propagates or pass
Defeated program is for instruction execution system, device or equipment or the dress used in conjunction with these instruction execution systems, device or equipment
It sets.The more specific example (non-exhaustive list) of computer-readable medium include the following: there is the electricity of one or more wirings
Interconnecting piece (electronic device), portable computer diskette box (magnetic device), random access memory (RAM), read-only memory
(ROM), erasable edit read-only storage (EPROM or flash memory), fiber device and portable optic disk is read-only deposits
Reservoir (CDROM).In addition, computer-readable medium can even is that the paper that can print described program on it or other are suitable
Medium, because can then be edited, be interpreted or when necessary with it for example by carrying out optical scanner to paper or other media
His suitable method is handled electronically to obtain described program, is then stored in computer storage.
It should be appreciated that each section of the invention can be realized with hardware, software, firmware or their combination.Above-mentioned
In embodiment, software that multiple steps or method can be executed in memory and by suitable instruction execution system with storage
Or firmware is realized.It, and in another embodiment, can be under well known in the art for example, if realized with hardware
Any one of column technology or their combination are realized: having a logic gates for realizing logic function to data-signal
Discrete logic, with suitable combinational logic gate circuit specific integrated circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
Those skilled in the art are understood that realize all or part of step that above-described embodiment method carries
It suddenly is that relevant hardware can be instructed to complete by program, the program can store in a kind of computer-readable storage medium
In matter, which when being executed, includes the steps that one or a combination set of embodiment of the method.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in a processing module
It is that each unit physically exists alone, can also be integrated in two or more units in a module.Above-mentioned integrated mould
Block both can take the form of hardware realization, can also be realized in the form of software function module.The integrated module is such as
Fruit is realized and when sold or used as an independent product in the form of software function module, also can store in a computer
In read/write memory medium.
Storage medium mentioned above can be read-only memory, disk or CD etc..Although having been shown and retouching above
The embodiment of the present invention is stated, it is to be understood that above-described embodiment is exemplary, and should not be understood as to limit of the invention
System, those skilled in the art can be changed above-described embodiment, modify, replace and become within the scope of the invention
Type.
Claims (6)
1. a kind of program bug detection method characterized by comprising
The structure of the input file of target program is parsed, obtain include the input file at least one field information
Field information set, the input file is pre-configured with according to the type information of the target program;
The aiming field information for identification length is found out from the field information of the field information set;
The length value that the aiming field information indicates is replaced with into preconfigured target detection value, and is surveyed according to the target
Examination value carries out Hole Detection to the target program, and the target detection value is that preconfigured boundary value and the boundary value are left
Right value;
The exception information of the generation of target program described in the detection process of the Hole Detection is obtained, and determines the abnormal letter
Cease corresponding test value;
It is corresponding to the destination file format corresponding with the input file of configuration according to the corresponding test value of the exception information
Test value be updated.
2. the method according to claim 1, wherein it is described according to the target detection value to the target program
Carry out Hole Detection, comprising:
The field in the input file is modified according to the target detection value, it is corresponding to obtain the target detection value
Test data;
The test data is run, in the target program to carry out Hole Detection to the target program.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
The file format of different files is obtained in advance, and configures test corresponding with this document format for each file format
Value;
The length value by aiming field information instruction replaces with preconfigured target detection value, comprising:
It determines the corresponding destination file format of the input file, and finds out test corresponding with the destination file format
Value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced with
The target detection value.
4. a kind of program bug detection device characterized by comprising
Parsing module, the structure for the input file to target program parse, obtain include the input file extremely
The field information set of a few field information, the input file is pre-configured with according to the type information of the target program
It obtains;
Searching module, for finding out the aiming field letter for identification length from the field information of the field information set
Breath;
The length value of replacement module, the aiming field information instruction for finding out the searching module replaces in advance
The target detection value of configuration, the target detection value are the value of preconfigured boundary value and described boundary value or so;
Detection module, for carrying out Hole Detection to the target program according to the target detection value;
Data obtaining module, for obtaining the exception information of the generation of target program described in the detection process of the Hole Detection,
And determine the corresponding test value of the exception information;
Update module, the corresponding test value of the exception information for being obtained according to the data obtaining module, to configuration
The corresponding test value of corresponding with input file destination file format is updated.
5. device according to claim 4, which is characterized in that the detection module includes:
Data generating unit obtains institute for being modified according to the target detection value to the field in the input file
State the corresponding test data of target detection value;
Processing unit, the test data generated for running the data generating unit in the target program, with right
The target program carries out Hole Detection.
6. device according to claim 5, which is characterized in that described device further include:
Preset module for obtaining the file format of different files in advance, and is the configuration of each file format and this document lattice
The corresponding test value of formula;
The replacement module is specifically used for:
It determines the corresponding destination file format of the input file, and finds out test corresponding with the destination file format
Value;
Using the test value found out as target detection value, and the length value that the aiming field information indicates is replaced with
The target detection value.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510896795.3A CN105335657B (en) | 2015-12-07 | 2015-12-07 | A kind of program bug detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510896795.3A CN105335657B (en) | 2015-12-07 | 2015-12-07 | A kind of program bug detection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105335657A CN105335657A (en) | 2016-02-17 |
| CN105335657B true CN105335657B (en) | 2019-04-05 |
Family
ID=55286176
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510896795.3A Active CN105335657B (en) | 2015-12-07 | 2015-12-07 | A kind of program bug detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105335657B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874403B (en) * | 2018-05-30 | 2022-07-12 | 深圳市分期乐网络科技有限公司 | Method, device and equipment for issuing rule file and storage medium |
| CN114978644B (en) * | 2022-05-13 | 2023-07-25 | 北京百度网讯科技有限公司 | Method and device for testing distribution network function of software, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101853200A (en) * | 2010-05-07 | 2010-10-06 | 北京大学 | High-efficiency dynamic software vulnerability exploiting method |
| CN103853650A (en) * | 2012-11-28 | 2014-06-11 | 西门子公司 | Test case generating method and device for fuzz testing |
| CN104573523A (en) * | 2013-10-24 | 2015-04-29 | 深圳市腾讯计算机系统有限公司 | File vulnerability mining realization method and device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103425570B (en) * | 2012-05-22 | 2016-04-27 | 中国科学院软件研究所 | A kind of Fuzz optimization method based on file layout |
| CN103617114B (en) * | 2013-10-23 | 2016-03-02 | 江苏大学 | Based on third party's component vulnerability test method of condition and parameter variation |
-
2015
- 2015-12-07 CN CN201510896795.3A patent/CN105335657B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101853200A (en) * | 2010-05-07 | 2010-10-06 | 北京大学 | High-efficiency dynamic software vulnerability exploiting method |
| CN103853650A (en) * | 2012-11-28 | 2014-06-11 | 西门子公司 | Test case generating method and device for fuzz testing |
| CN104573523A (en) * | 2013-10-24 | 2015-04-29 | 深圳市腾讯计算机系统有限公司 | File vulnerability mining realization method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105335657A (en) | 2016-02-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10146845B2 (en) | Method and apparatus for accelerated format translation of data in a delimited data format | |
| US9098500B1 (en) | Revision history storage and maintenance | |
| CN104407976B (en) | A kind of interface robustness testing case generation method and device | |
| US11216604B2 (en) | Systems and methods for co-simulation | |
| CN109375901A (en) | Interface message management method, device, computer equipment and storage medium | |
| CN105446864B (en) | Method and device for verifying influence of deletion of cache file and mobile terminal | |
| CN104598020A (en) | PRESERVING EMOTION OF USER INPUT and devie | |
| CN104572463A (en) | Method and device for testing interface information | |
| US8495555B2 (en) | Computer aided design system and method | |
| CN107451112B (en) | Form tool data checking method, device, terminal equipment and storage medium | |
| CN105335657B (en) | A kind of program bug detection method and device | |
| CN108170425A (en) | A kind of amending method of program code, modification device and terminal device | |
| CN105426305A (en) | Control attribute analysis system and method | |
| CN109446096A (en) | A kind of intelligence contract adjustment method, device and its storage medium | |
| CN107544811A (en) | Ios platform hides method, storage medium, electronic equipment and the system of dylib files | |
| CN104899042B (en) | A kind of embedded machine vision detection program developing method and system | |
| CN106201790B (en) | A kind of adjustment method and debugging system based on DSDT table | |
| CN116911240B (en) | Command configuration method, device, equipment and medium of electronic automation design software | |
| CN108614692A (en) | Edit model method, apparatus, server and medium | |
| US10209965B1 (en) | In-line function synchronization | |
| US8671383B2 (en) | Viewing and debugging HDL designs having SystemVerilog interface constructs | |
| CN116257714A (en) | Method, device, computer equipment and storage medium for generating cascading style sheet | |
| CN115952762A (en) | Method, device and system for detecting coverage rate of chip simulation function | |
| CN105373115A (en) | Configuration management-based exciter and exciter interface test method | |
| CN106484728A (en) | The generation method of daily record data, analytic method, generating means and resolver |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20181204 Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Applicant after: Zhuhai Leopard Technology Co.,Ltd. Address before: 519070, six level 601F, 10 main building, science and technology road, Tangjia Bay Town, Zhuhai, Guangdong. Applicant before: Zhuhai Juntian Electronic Technology Co.,Ltd. Applicant before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |