CN111506904A - Method and device for online vulnerability repair - Google Patents


Publication number
CN111506904A
Authority
CN
China
Prior art keywords
program
repaired
bug
repair
online
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010315449.2A
Other languages
Chinese (zh)
Other versions
CN111506904B (en
Inventor
张红章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Tongbang Zhuoyi Technology Co ltd
Original Assignee
Beijing Tongbang Zhuoyi Technology Co ltd
Application filed by Beijing Tongbang Zhuoyi Technology Co ltd
Priority to CN202010315449.2A
Publication of CN111506904A
Application granted
Publication of CN111506904B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0793 Remedial or corrective actions
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software


Abstract

Embodiments of the present disclosure disclose a method and a device for online vulnerability repair. One specific implementation of the method comprises: detecting an online log of a product in an online state; when program error information is detected in the online log, acquiring the program code to be repaired that the program error information indicates, wherein the program error information comprises a program error type; acquiring, based on a repair strategy, bug fix code matching the program code to be repaired, wherein the repair strategy is obtained by judging the program error type; compiling the bug fix code into bug fix bytecode; updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes the program code to be repaired; and performing bug repair on the program code to be repaired based on the updated bytecode in the virtual machine. This implementation shortens the time consumed by modifying code logic and upgrading the program, and improves the efficiency of handling vulnerabilities in the product.

Description

Method and device for online vulnerability repair
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to the technical field of data processing, and particularly relates to a method and a device for online vulnerability repair.
Background
As the number of online applications grows, their usage increases and so does the probability of problems. In some cases, for example when an application is under high concurrency, the cycle of modifying code logic and releasing a new version of the application to fix a bug is long, and it is difficult to meet service requirements.
Disclosure of Invention
The embodiment of the disclosure provides a method and a device for online vulnerability repair.
In a first aspect, an embodiment of the present disclosure provides a method for online vulnerability repair, including: detecting an online log of a product in an online state; when detecting that program error information exists in the online log, acquiring a program code to be repaired, which is indicated by the program error information, wherein the program error information comprises a program error type; acquiring a bug repair code matched with a program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the type of a program error; compiling the bug fixing codes into bug fixing byte codes; updating the bytecode corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired based on the bug repair bytecode; and performing bug fixing on the program code to be fixed based on the updated byte codes in the virtual machine.
In some embodiments, acquiring the bug fix code matching the program code to be repaired based on a repair strategy includes: judging the program error type; in response to determining that the program error type indicates that a null pointer exists in the program to be repaired, determining that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired; and acquiring the bug fix code matching the program code to be repaired based on the repair strategy.
In some embodiments, after judging the program error type, the method further includes: in response to determining that the program error type indicates that a path error pointer exists in the program to be repaired, determining that the repair strategy is to modify the path of the program to be repaired.
In some embodiments, after judging the program error type, the method further includes: in response to determining that the program error type indicates that a variable value error pointer exists in the program to be repaired, determining that the repair strategy is to modify the variable value in the program to be repaired.
In some embodiments, updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes the program code to be repaired includes: updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the Java virtual machine that executes the program code to be repaired.
In some embodiments, the method further comprises: locating problems in the product program according to the correlation between the bug-repaired program code and the product program.
In some embodiments, the method further comprises: optimizing the program and/or the product structure of the product based on the problems in the product program.
In a second aspect, an embodiment of the present disclosure provides an apparatus for online vulnerability repair, including: a detection unit configured to detect an online log of a product in an online state; when detecting that program error information exists in the online log, acquiring a program code to be repaired, which is indicated by the program error information, wherein the program error information comprises a program error type; the acquisition unit is configured to acquire bug fixing codes matched with the program codes to be fixed based on a fixing strategy, wherein the fixing strategy is obtained by judging the types of program errors; a compiling unit configured to compile the bug fix code into bug fix bytecode; an updating unit configured to update, based on the bug fix bytecode, a bytecode corresponding to the program code to be fixed in a virtual machine for executing the program code to be fixed; and the repairing unit is configured to perform bug repairing on the program code to be repaired based on the updated byte codes in the virtual machine.
In some embodiments, the obtaining unit comprises: a first determination module configured to judge the program error type and, in response to determining that the program error type indicates that a null pointer exists in the program to be repaired, determine that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired; and an obtaining module configured to acquire the bug fix code matching the program code to be repaired based on the repair strategy.
In some embodiments, the obtaining unit further comprises: a second determining module configured to determine, in response to determining that the program error type indicates that a path error pointer exists in the program to be repaired, that the repair strategy is to modify the path of the program to be repaired.
In some embodiments, the obtaining unit further comprises: a third determining module configured to determine, in response to determining that the program error type indicates that a variable value error pointer exists in the program to be repaired, that the repair strategy is to modify the variable value in the program to be repaired.
In some embodiments, the apparatus further comprises: a positioning unit configured to locate problems in the product program according to the correlation between the bug-repaired program code and the product program.
In a third aspect, an embodiment of the present disclosure provides an electronic device, including: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method as described in any of the implementations of the first aspect.
In a fourth aspect, an embodiment of the present disclosure provides a computer-readable medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method as described in any implementation manner of the first aspect.
The method and the device for online bug repair provided by the embodiments of the present disclosure detect an online log of a product in an online state; when program error information is detected in the online log, acquire the program code to be repaired indicated by the program error information; acquire, based on a repair strategy, bug fix code matching the program code to be repaired; compile the bug fix code into bug fix bytecode; update, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes it; and perform bug repair on the program code to be repaired based on the updated bytecode in the virtual machine. Bugs in the program are thus resolved online without releasing an online version of the program, which avoids the problem that a modified program cannot be pushed online when the application is under high concurrency and the server cannot be shut down. By updating the bytecode and skipping the program code corresponding to the bug, this addresses the prior-art problem of poor client-side user experience when a modified program version is not released in time, achieves quick bug repair, shortens the time consumed by modifying code logic and upgrading the program, and improves the efficiency of handling bugs in the product.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which some embodiments of the present disclosure may be applied;
FIG. 2 is a flow diagram of one embodiment of a method of vulnerability online repair according to the present disclosure;
FIG. 3 is a schematic diagram of an application scenario of a method for online vulnerability repair, according to an embodiment of the present disclosure;
FIG. 4 is a flow diagram of another embodiment of a method of vulnerability online repair according to the present disclosure;
FIG. 5 is a schematic structural diagram of an embodiment of an apparatus for online vulnerability repair according to the present disclosure;
FIG. 6 is a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which the methods and apparatus of vulnerability online repair of embodiments of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, e-book readers, laptop portable computers, desktop computers, and the like. When the terminal devices 101, 102, 103 are software, they can be installed in the electronic devices listed above. They may be implemented, for example, as multiple pieces of software or software modules to provide distributed services, or as a single piece of software or software module. This is not specifically limited here.
The server 105 may be a server providing various services, such as a bug fix server providing support for user behavior data of the terminal devices 101, 102, 103. The bug fix server can perform bug repair on the program code to be repaired and feed back the repair result (such as the repaired program) to the background server so as to further locate problems in the product program.
It should be noted that the method for online bug repair provided by the embodiments of the present disclosure is generally executed by the server 105. Accordingly, the device for online vulnerability repair is typically located in the server 105. This is not specifically limited here.
The server may be hardware or software. When the server is hardware, it may be implemented as a distributed server cluster formed by multiple servers, or as a single server. When the server is software, it may be implemented as multiple pieces of software or software modules, for example to provide distributed services, or as a single piece of software or software module. This is not specifically limited here.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a method of online vulnerability repair according to the present disclosure is shown. The online vulnerability repair method comprises the following steps:
Step 201, detecting an online log of a product in an online state, and when program error information is detected in the online log, acquiring the program code to be repaired indicated by the program error information.
In this embodiment, when a product is online, an execution subject of the method (for example, the server shown in fig. 1) may detect the online log and, when program error information is detected in the online log, obtain the program code to be repaired indicated by the program error information. The online log can record, according to a preset marking rule, program error information for the programs in the product that have problems, and the program error information comprises a program error type.
Step 202, acquiring bug fix code matching the program code to be repaired based on the repair strategy.
In this embodiment, the execution subject may judge the program error type according to a determination rule, obtain the corresponding repair strategy, and query for the bug fix code matching the program code to be repaired according to the repair strategy. The bug fix code may be pre-set by a developer.
Step 203, compiling the bug fix code into bug fix bytecode.
In this embodiment, the execution subject may compile the bug fix code into bug fix bytecode.
Step 204, updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes the program code to be repaired.
In this embodiment, the execution subject may update the bytecode corresponding to the program code to be repaired, in the virtual machine that executes the program code to be repaired, to the bug fix bytecode.
Step 205, performing bug repair on the program code to be repaired based on the updated bytecode in the virtual machine.
In this embodiment, the execution subject may repair the bug in the program to be repaired based on the updated bytecode (i.e., the bytecode of the product program) in the virtual machine, so as to solve the bug problem of the program.
It should be noted that the above updating method is a well-known technique widely studied and applied at present, and is not described herein again.
With continued reference to fig. 3, fig. 3 is a schematic diagram 300 of an application scenario of the online vulnerability repair method according to the present embodiment. With the product in an online state, a server 302 receives an access request 303 sent by a client 301 and stores program problems in an online log. The server 302 dynamically detects the online log. When program error information is detected in the online log, the server obtains the program code to be repaired indicated by the program error information, obtains bug fix code matching the program code to be repaired based on the repair strategy obtained by the judgment, compiles the bug fix code into bug fix bytecode, updates the bytecode corresponding to the program code to be repaired in the virtual machine based on the bug fix bytecode, and finally performs bug repair on the program code to be repaired based on the updated bytecode in the virtual machine.
The online bug repair method provided by the embodiments of the present disclosure detects an online log of a product in an online state; when program error information is detected in the online log, acquires the program code to be repaired indicated by the program error information; acquires, based on a repair strategy, bug fix code matching the program code to be repaired; compiles the bug fix code into bug fix bytecode; updates, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes it; and performs bug repair on the program code to be repaired based on the updated bytecode in the virtual machine. Bugs in the program are thus resolved online without releasing an online version of the program, which avoids the problem that a modified program cannot be pushed online when the application is under high concurrency and the server cannot be shut down. By updating the bytecode and skipping the program code corresponding to the bug, this addresses the prior-art problem of poor client-side user experience when a modified program version is not released in time, achieves quick bug repair, shortens the time consumed by modifying code logic and upgrading the program, and improves the efficiency of handling bugs in the product.
With further reference to FIG. 4, a flow diagram of another embodiment of a method of online vulnerability repair is shown. The flow 400 of the method includes the following steps:
Step 401, detecting an online log of a product in an online state, and when program error information is detected in the online log, acquiring the program code to be repaired indicated by the program error information, wherein the program error information includes a program error type.
Step 402, judging the program error type, and in response to determining that the program error type indicates that a null pointer exists in the program to be repaired, determining that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired.
In this embodiment, the execution subject may judge the program error type and, when the type indicates that a null pointer exists in the program to be repaired, determine that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired. Here, a null pointer refers to the address of a variable that has not been assigned a value because of a program exception.
In some optional implementations of this embodiment, after judging the program error type, the method further includes: in response to determining that the program error type indicates that a path error pointer exists in the program to be repaired, determining that the repair strategy is to modify the path of the program to be repaired.
In some optional implementations of this embodiment, after judging the program error type, the method further includes: in response to determining that the program error type indicates that a variable value error pointer exists in the program to be repaired, determining that the repair strategy is to modify the variable value in the program to be repaired.
Step 403, acquiring bug fix code matching the program code to be repaired based on the repair strategy.
In this embodiment, the execution subject may obtain the bug fix code matching the program code to be repaired based on the determined repair strategy.
Step 404, compiling the bug fix code into bug fix byte code.
Step 405, updating the bytecode corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired based on the bug fix bytecode.
In some optional implementations of this embodiment, updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes the program code to be repaired includes: updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the Java virtual machine that executes the program code to be repaired. Performing the bug repair in the Java language makes it easier for subsequent developers to modify the bytecode and optimize the program.
Step 406, performing bug repair on the program code to be repaired based on the updated bytecode in the virtual machine.
Step 407, locating problems in the product program according to the correlation between the bug-repaired program code and the product program.
In this embodiment, the execution subject may locate problems in the product program according to the correlation between the bug-repaired program code and the product program. For example, code is added before the program code to be repaired to output the program that has the problem, and the related problems in the product program are located from that output, which serves as a basis for improving and optimizing the product program and the product.
In some optional implementations of this embodiment, the method further includes: optimizing the program and/or the product structure of the product based on the problems in the product program. Once the problems in the product program are determined, they are analyzed by means such as reproducing the problem, so that the product program is further improved and the product structure is optimized.
In the embodiment, the specific operations of steps 401, 404 to 406 are substantially the same as the operations of steps 201, 203 to 205 in the embodiment shown in fig. 2, and are not repeated herein.
As can be seen from fig. 4, compared with the embodiment corresponding to fig. 2, the flow 400 of the online bug repair method in this embodiment adds the steps of judging the program error type and, in response to determining that the type indicates that a null pointer exists in the program to be repaired, determining that the repair strategy is to assign a value to the variable indicated by the null pointer. Applying different repair strategies to different types of program errors classifies and handles error problems uniformly, which avoids modification errors caused by programmers being unfamiliar with Java bytecode and improves the accuracy of program bug repair.
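Steps 401 to 403 of flow 400, sketched as an added example that is not code from the patent: it parses marked error records from an online log, maps each program error type to a repair strategy, and looks up the developer-supplied fix code, leaving unknown error types and code without a pre-set fix unpatched. The marking rule, error-type names, class names, fix strings and log lines are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumed marking rule (constructed; the description only says the log records
# errors "according to a preset marking rule"):
#   <timestamp> [PROGRAM_ERROR] type=<TYPE> class=<fqcn> method=<name>
# The pattern is matched against the whole line, so a marker that merely
# appears inside a request-derived message field is not an error record.
MARKER = re.compile(
    r"\S+ \[PROGRAM_ERROR\] type=(?P<type>[A-Z_]+) "
    r"class=(?P<cls>[A-Za-z_][\w.]*) method=(?P<method>[A-Za-z_]\w*)"
)

# Program error type -> repair strategy, one entry per case in the description.
STRATEGIES = {
    "NULL_POINTER": "assign_variable",
    "PATH_ERROR": "modify_path",
    "VARIABLE_VALUE_ERROR": "modify_variable_value",
}

# Fix code pre-set by developers, keyed by (class, method, strategy).
# Hypothetical entries; the Java source strings are placeholders.
PRESET_FIXES = {
    ("com.example.OrderService", "getTotal", "assign_variable"):
        "if (order == null) { order = Order.empty(); }",
    ("com.example.ReportJob", "open", "modify_path"):
        'path = "/data/reports";',
}


@dataclass(frozen=True)
class RepairPlan:
    cls: str
    method: str
    error_type: str
    strategy: Optional[str]    # None: error type has no repair strategy
    fix_source: Optional[str]  # None: no pre-set fix, do not patch

    @property
    def ready(self) -> bool:
        """True only when there is fix code to hand to the compile step."""
        return self.fix_source is not None


def parse_error(line: str):
    """Step 401: return (type, class, method) for a marked record, else None."""
    m = MARKER.fullmatch(line.strip())
    return (m["type"], m["cls"], m["method"]) if m else None


def plan_repairs(log_lines):
    """Steps 402-403: choose a strategy per error type and fetch the fix code."""
    plans, seen = [], set()
    for line in log_lines:
        parsed = parse_error(line)
        if parsed is None or parsed in seen:  # not an error record, or repeat
            continue
        seen.add(parsed)
        error_type, cls, method = parsed
        strategy = STRATEGIES.get(error_type)
        fix = PRESET_FIXES.get((cls, method, strategy)) if strategy else None
        plans.append(RepairPlan(cls, method, error_type, strategy, fix))
    return plans


# Constructed sample log (not from the patent).
SAMPLE_LOG = [
    "2020-04-20T10:00:01Z INFO request served path=/orders",
    "2020-04-20T10:00:02Z [PROGRAM_ERROR] type=NULL_POINTER class=com.example.OrderService method=getTotal",
    "2020-04-20T10:00:03Z [PROGRAM_ERROR] type=NULL_POINTER class=com.example.OrderService method=getTotal",
    "2020-04-20T10:00:04Z [PROGRAM_ERROR] type=PATH_ERROR class=com.example.ReportJob method=open",
    "2020-04-20T10:00:05Z [PROGRAM_ERROR] type=VARIABLE_VALUE_ERROR class=com.example.Cart method=add",
    "2020-04-20T10:00:06Z [PROGRAM_ERROR] type=STACK_OVERFLOW class=com.example.Tree method=walk",
    "2020-04-20T10:00:07Z INFO msg=[PROGRAM_ERROR] type=NULL_POINTER class=com.example.Admin method=login",
]

if __name__ == "__main__":
    for plan in plan_repairs(SAMPLE_LOG):
        state = "compile and hot-update" if plan.ready else "skip"
        print(f"{plan.cls}.{plan.method}: {plan.error_type} -> {plan.strategy} ({state})")
```

Only plans with `ready` set would proceed to the compile and bytecode-update steps; the rest are left for a developer to handle.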
With further reference to fig. 5, as an implementation of the method shown in the above diagrams, the present disclosure provides an embodiment of an apparatus for online vulnerability repair, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 2, and the apparatus may be specifically applied to various electronic devices.
As shown in fig. 5, the apparatus 500 for online vulnerability repair of the present embodiment includes a detection unit 501, an acquisition unit 502, a compiling unit 503, an updating unit 504 and a repairing unit 505. The detection unit is configured to detect an online log of a product in an online state and, when program error information is detected in the online log, acquire the program code to be repaired indicated by the program error information, wherein the program error information comprises a program error type. The acquisition unit is configured to acquire bug fix code matching the program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the program error type. The compiling unit is configured to compile the bug fix code into bug fix bytecode. The updating unit is configured to update, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine that executes the program code to be repaired. The repairing unit is configured to perform bug repair on the program code to be repaired based on the updated bytecode in the virtual machine.
In this embodiment, for specific processing of the detecting unit 501, the obtaining unit 502, the compiling unit 503, the updating unit 504 and the repairing unit 505 of the apparatus 500 for online bug fix and technical effects brought by the processing, reference may be made to the related descriptions of step 201 to step 205 in the embodiment corresponding to fig. 2, which are not described herein again.
In some optional implementations of this embodiment, the obtaining unit includes: a first determination module configured to judge the program error type and, in response to determining that the program error type indicates that a null pointer exists in the program to be repaired, determine that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired; and an obtaining module configured to acquire the bug fix code matching the program code to be repaired based on the repair strategy.
In some optional implementations of this embodiment, the obtaining unit further includes: a second determining module configured to determine, in response to determining that the program error type indicates that a path error pointer exists in the program to be repaired, that the repair strategy is to modify the path of the program to be repaired.
In some optional implementations of this embodiment, the obtaining unit further includes: a third determining module configured to determine, in response to determining that the program error type indicates that a variable value error pointer exists in the program to be repaired, that the repair strategy is to modify the variable value in the program to be repaired.
In some optional implementations of this embodiment, the apparatus further includes: a positioning unit configured to locate problems in the product program according to the correlation between the bug-repaired program code and the product program.
Referring now to FIG. 6, a schematic diagram of an electronic device (e.g., the server of FIG. 1) 600 suitable for use in implementing embodiments of the present disclosure is shown. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a fixed terminal such as a digital TV, a desktop computer, and the like. The server shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 6, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
In general, input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a liquid crystal display (LCD), speaker, vibrator, etc.; storage devices 608 including, for example, magnetic tape, hard disk, etc.; and communication devices 609.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 609, or may be installed from the storage means 608, or may be installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of embodiments of the present disclosure.
It should be noted that the computer readable medium described in the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, however, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. 
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: detecting an online log of a product in an online state; when detecting that program error information exists in the online log, acquiring a program code to be repaired, which is indicated by the program error information, wherein the program error information comprises a program error type; acquiring a bug repair code matched with a program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the type of a program error; compiling the bug fixing codes into bug fixing byte codes; updating the bytecode corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired based on the bug repair bytecode; and performing bug fixing on the program code to be fixed based on the updated byte codes in the virtual machine.
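The first steps of the method above (detecting error information in the online log, locating the program code to be repaired, and choosing a repair strategy from the error type) can be sketched as follows. This is an added example, not code from the patent; the log layout, the mapping from Java exception classes to the three error types, and the `com.example.` package prefix are assumptions. Compilation and the bytecode update in the virtual machine are not shown.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Repair strategies, worded as in the patent text.
ASSIGN_VARIABLE = "assign a value to the variable indicated by the null pointer"
MODIFY_PATH = "modify the path in the program to be repaired"
MODIFY_VALUE = "modify the variable value in the program to be repaired"

# Assumption: Java exception classes standing in for the three error types.
STRATEGY_BY_EXCEPTION = {
    "java.lang.NullPointerException": ASSIGN_VARIABLE,
    "java.io.FileNotFoundException": MODIFY_PATH,
    "java.nio.file.NoSuchFileException": MODIFY_PATH,
    "java.lang.NumberFormatException": MODIFY_VALUE,
    "java.lang.ArithmeticException": MODIFY_VALUE,
}
APP_PREFIX = "com.example."  # hypothetical package of the product's own code

EXC_RE = re.compile(r"((?:[a-z_]\w*\.)+[A-Z]\w*(?:Exception|Error))\b")
FRAME_RE = re.compile(r"^\s+at ([\w.$]+)\.([\w$<>]+)\(([\w$]+\.java):(\d+)\)")

@dataclass
class Finding:
    error_type: str                                # root-cause exception class
    location: Optional[Tuple[str, str, str, int]]  # class, method, file, line
    strategy: Optional[str]                        # None: route to a human

def scan_log(lines: Iterable[str], app_prefix: str = APP_PREFIX) -> List[Finding]:
    """Return one Finding per stack trace found in the log lines."""
    findings: List[Finding] = []
    exc = frame = fallback = None

    def flush() -> None:
        nonlocal exc, frame, fallback
        if exc:
            findings.append(Finding(exc, frame or fallback,
                                    STRATEGY_BY_EXCEPTION.get(exc)))
        exc = frame = fallback = None

    for raw in lines:
        line = raw.rstrip("\n")
        if line[:1].isspace() and line.lstrip().startswith(("at ", "...")):
            # Trace continuation: keep the first frame in the product's code,
            # skipping JDK and framework frames that sit above it.
            m = FRAME_RE.match(line)
            if exc and frame is None and m and m.group(1).startswith(app_prefix):
                frame = (m.group(1), m.group(2), m.group(3), int(m.group(4)))
            continue
        header = EXC_RE.search(line)
        if header and exc and line.startswith("Caused by:"):
            # The innermost cause decides the error type; remember the outer
            # frame in case the cause section lists no product frame.
            exc, fallback, frame = header.group(1), frame or fallback, None
            continue
        flush()  # any other line ends the current trace
        if header:
            exc = header.group(1)
    flush()
    return findings

# Constructed sample log, not taken from a real system.
SAMPLE_LOG = """\
2020-04-21 10:00:01 ERROR [http-1] OrderService - request failed
java.lang.NullPointerException
\tat com.example.order.OrderService.total(OrderService.java:42)
\tat com.example.web.OrderController.get(OrderController.java:17)
2020-04-21 10:00:09 ERROR [job-1] ReportJob - export failed
java.lang.RuntimeException: export failed
\tat com.example.report.ReportJob.run(ReportJob.java:30)
Caused by: java.io.FileNotFoundException: /data/in.csv (No such file or directory)
\tat java.base/java.io.FileInputStream.open0(Native Method)
\tat com.example.report.CsvLoader.load(CsvLoader.java:12)
\t... 1 more
2020-04-21 10:00:12 ERROR [http-3] Api - bad state
java.lang.IllegalStateException: closed
\tat com.example.api.Api.call(Api.java:8)
"""
```

An error type with no mapped strategy yields `strategy=None`, so an unrecognized failure is surfaced for manual handling rather than patched automatically.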
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object-oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a detection unit, an acquisition unit, a compiling unit, an updating unit, and a repair unit. The names of these units do not constitute a limitation to the unit itself in some cases, and for example, the detection unit may also be described as "a unit that detects an online log of a product in an online state, and acquires program code to be repaired indicated by program error information when detecting that the program error information exists in the online log".
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, a technical solution may be formed by replacing the above features with (but not limited to) technical features having similar functions disclosed in the embodiments of the present disclosure.

Claims (14)

1. A method for online vulnerability repair, the method comprising:
detecting an online log of a product in an online state;
when detecting that program error information exists in the online log, acquiring a program code to be repaired, which is indicated by the program error information, wherein the program error information comprises a program error type;
acquiring a bug repairing code matched with the program code to be repaired based on a repairing strategy, wherein the repairing strategy is obtained by judging the type of the program error;
compiling the bug fix codes into bug fix byte codes;
updating the bytecode corresponding to the program code to be repaired in a virtual machine for executing the program code to be repaired based on the bug repair bytecode;
and performing bug repairing on the program code to be repaired based on the updated byte codes in the virtual machine.
2. The method for online bug fix according to claim 1, wherein the obtaining bug fix codes matching with the program codes to be fixed based on the fix policy comprises:
judging the type of the program error;
in response to determining that the program error type indicates that a null pointer exists in the program to be repaired, determining that the repair strategy is to assign a value to the variable indicated by the null pointer in the program to be repaired;
and acquiring the bug repairing codes matched with the program codes to be repaired based on the repairing strategy.
3. The method for online vulnerability repair of claim 2, wherein, after the judging the type of the program error, the method further comprises:
and in response to determining that the program error type is characterized in that a path error pointer exists in the program to be repaired, determining a repair strategy to modify the path in the program to be repaired.
4. The method for online vulnerability repair of claim 2, wherein, after the judging the type of the program error, the method further comprises:
and in response to determining that the program error type is characterized by a variable value error pointer in the program to be repaired, determining a repair policy to modify the variable value in the program to be repaired.
5. The method for online bug fix according to claim 1, wherein updating the bytecode corresponding to the program code to be fixed in the virtual machine for executing the program code to be fixed based on the bug fix bytecode comprises:
and updating the bytecode corresponding to the program code to be repaired in the Java virtual machine for executing the program code to be repaired based on the bug repair bytecode.
6. The method of online vulnerability repair of claim 1, the method further comprising:
and positioning the problems in the product program according to the correlation between the program code to be repaired and the product program after bug repairing.
7. The method of online vulnerability repair of claim 6, the method further comprising:
optimizing a program and/or product structure of a product based on a problem in the program of the product.
8. An apparatus for online vulnerability repair, comprising:
a detection unit configured to detect an online log of a product in an online state; when detecting that program error information exists in the online log, acquiring a program code to be repaired, which is indicated by the program error information, wherein the program error information comprises a program error type;
the acquisition unit is configured to acquire bug fixing codes matched with the program codes to be fixed based on a fixing strategy, wherein the fixing strategy is obtained by judging the types of the program errors;
a compiling unit configured to compile the bug fix code into bug fix bytecode;
an updating unit configured to update, based on the bug fix bytecode, a bytecode corresponding to the program code to be fixed in a virtual machine for executing the program code to be fixed;
and the repairing unit is configured to perform bug repairing on the program code to be repaired based on the updated byte codes in the virtual machine.
9. The apparatus for online vulnerability repair of claim 8, wherein the obtaining unit comprises:
a determination module configured to determine the type of program error;
a first determining module, configured to determine a repair policy to assign a value to a variable indicated by a null pointer in the program to be repaired in response to determining that the type of the program error is that the null pointer exists in the program to be repaired;
and the obtaining module is configured to obtain the bug fix codes matched with the program codes to be fixed based on the fixing strategy.
10. The apparatus for online vulnerability repair of claim 9, wherein the obtaining unit further comprises:
a second determining module configured to determine a repair policy to modify the path in the program to be repaired in response to determining that the type of the program error is indicative of a path error pointer existing in the program to be repaired.
11. The apparatus for online vulnerability repair of claim 9, wherein the obtaining unit further comprises:
a third determination module configured to determine a repair policy to modify the variable value in the program to be repaired in response to determining that the program error type is indicative of a variable value error pointer existing in the program to be repaired.
12. The apparatus for online vulnerability repair of claim 8, the apparatus further comprising:
and the positioning unit is configured to position the problem in the product program according to the correlation between the program code to be repaired and the product program after bug repair.
13. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
14. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-7.
CN202010315449.2A 2020-04-21 2020-04-21 Method and device for online bug repair Active CN111506904B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010315449.2A CN111506904B (en) 2020-04-21 2020-04-21 Method and device for online bug repair

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010315449.2A CN111506904B (en) 2020-04-21 2020-04-21 Method and device for online bug repair

Publications (2)

Publication Number Publication Date
CN111506904A true CN111506904A (en) 2020-08-07
CN111506904B CN111506904B (en) 2024-01-12

Family

ID=71878870

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010315449.2A Active CN111506904B (en) 2020-04-21 2020-04-21 Method and device for online bug repair

Country Status (1)

Country Link
CN (1) CN111506904B (en)

Also Published As

Publication number Publication date
CN111506904B (en) 2024-01-12

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant