WO2023151436A1 - Sql statement risk detection - Google Patents

SQL statement risk detection

Info

Publication number
WO2023151436A1
Authority
WO
WIPO (PCT)
Prior art keywords
sql statement
binary file
function
statement
call
Application number
PCT/CN2023/071226
Other languages
French (fr)
Chinese (zh)
Inventor
钟泽鑫
狄鹏
刘向阳
刘江潮
Original Assignee
支付宝(杭州)信息技术有限公司
Application filed by 支付宝(杭州)信息技术有限公司
Publication of WO2023151436A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2282 Tablespace storage structures; Management thereof
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/242 Query formulation
    • G06F16/2433 Query languages
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action

Definitions

  • The present application relates to the field of computer technology, in particular to risk detection of SQL statements.
  • SQL: Structured Query Language.
  • This language is interactive and can provide users with great convenience.
  • Improving the security of using SQL is therefore a very important issue. In view of this, a more effective and efficient SQL statement risk detection scheme is needed.
  • The embodiments of this specification provide a SQL statement risk detection method, device, equipment and medium to solve the technical problem of how to perform SQL statement risk detection more effectively and efficiently.
  • The embodiments of this specification provide a SQL statement risk detection method, including: obtaining the binary file corresponding to the target object, and judging whether the binary file contains a call to a preset operation, where the preset operation is an operation that deletes a data table or deletes data in a data table; if the binary file contains a call to the preset operation, judging whether the SQL statement used to execute the preset operation has a conditional constraint statement; and if the SQL statement used to execute the preset operation has no conditional constraint statement, determining that the SQL statement is risky.
  • The embodiments of this specification provide a SQL statement risk detection device, including: a call analysis module, used to obtain the binary file corresponding to the target object and judge whether the binary file contains a call to a preset operation, where the preset operation is an operation that deletes a data table or deletes data in a data table; a constraint analysis module, used to judge, if the binary file contains a call to the preset operation, whether the SQL statement used to execute the preset operation has a conditional constraint statement; and a risk analysis module, configured to determine that the SQL statement is risky if the SQL statement used to execute the preset operation has no conditional constraint statement.
  • The embodiments of this specification provide a SQL statement risk detection device, including: at least one processor; and a memory communicatively connected to the at least one processor, where the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor so that the at least one processor can execute the above SQL statement risk detection method.
  • An embodiment of the present specification provides a computer-readable storage medium that stores computer-executable instructions; when the computer-executable instructions are executed by a processor, the above SQL statement risk detection method is implemented.
  • The above technical solution can detect the risk of a SQL statement through static analysis, without running the program or the SQL statement, thereby improving the effectiveness and efficiency of SQL statement risk detection.
  • The above technical solution can detect whether a SQL statement carries the risk of deleting a data table or deleting data in a data table (in particular, deleting all data in the data table), which further improves the effect of risk detection.
  • Fig. 1 is a schematic diagram of an execution subject of the SQL statement risk detection method in the first embodiment of the present specification.
  • Fig. 2 is a schematic flowchart of the SQL statement risk detection method in the first embodiment of the present specification.
  • Fig. 3 is a schematic diagram of an intermediate representation graph in the first embodiment of the present specification.
  • Fig. 4 is a schematic diagram of a function call graph in the first embodiment of the present specification.
  • Fig. 5 is a schematic diagram of a data flow graph in the first embodiment of the present specification.
  • Fig. 6 is a schematic structural diagram of the SQL statement risk detection device in the second embodiment of the present specification.
  • Microservice architectures usually support service registration as well as RPC (remote procedure call).
  • RPC: remote procedure call.
  • A single microservice application can register services in the registry and allow other microservice applications to trigger corresponding operations through RPC using its externally exposed interfaces. As a result, the invocation of a SQL statement is not only triggered inside the application, but can also be triggered at any time by external applications through the RPC interface the application exposes. It can be seen that, because of the externally exposed interfaces in a microservice system, the invocation of SQL statements becomes uncontrollable, and the risks of SQL statements may be exposed to clients along with the externally exposed interfaces.
  • Some SQL statements have the function of deleting data tables, or data in data tables, in the database. Once such a SQL statement is improperly called, the data table or some or all of the data in it may be deleted, and the database will no longer be able to respond to data query requests for that data table, seriously affecting the security and integrity of the data stored in the database. It also poses a serious threat to the stability and reliability of the applications associated with the data table.
  • Existing risk detection for SQL statements is usually limited to common problems such as SQL syntax and SQL injection, and cannot detect the table-deleting or data-deleting function of a SQL statement.
  • The first embodiment of this specification provides a SQL statement risk detection method.
  • The execution subject of Embodiment 1 can be a terminal (including but not limited to a mobile phone, computer, pad or TV), a server, an operating system, an application program, a SQL statement risk detection platform, a SQL statement risk detection system, or the like; that is, the execution subject can vary, and can be set, used or changed as required.
  • For example, the SQL statement risk detection method in Embodiment 1 can be executed by a server, and a corresponding application program (matched with the server) can be installed on a terminal (held by the user). Data can be transmitted between the terminal or application program and the server, and data collection, input, output, (user-facing) page display or information processing can be performed through the terminal or application program, thereby assisting the server in executing the SQL statement risk detection method of Embodiment 1.
  • The SQL statement risk detection method provided by Embodiment 1 includes: S01: (the execution subject) obtains the binary file corresponding to the target object, and judges whether the binary file contains a call to a preset operation, where the preset operation is an operation of deleting a data table or deleting data in a data table. In Embodiment 1, the target object may be any of various applications (including but not limited to applets and microservice applications).
  • The execution subject of Embodiment 1 can obtain the binary file corresponding to the target object in any suitable manner.
  • For example, the user can import the binary file corresponding to the target object into the execution subject of Embodiment 1; the execution subject can obtain the binary file from itself or from other subjects according to user operations; or the user can have another subject send the binary file to the execution subject of Embodiment 1.
  • The binary file is a file that can be executed by a computer to provide the function of the target object.
  • The binary file may be source code, an installation package, a jar package or the like.
  • The execution subject in Embodiment 1 can determine whether the binary file contains a call to a preset operation.
  • The preset operation may be an operation of deleting a data table or deleting data in a data table.
  • A data table is a common form of data storage and a basic element of a database; for the definition of a data table, refer to the prior art.
  • Judging whether the binary file includes a call to a preset operation may include: S011: judging whether the binary file includes a call to a target SQL statement, where the target SQL statement is the SQL statement used to execute the preset operation. That is, the execution subject of Embodiment 1 judges whether the binary file is able to call a target SQL statement, the target SQL statement being the SQL statement used to execute the preset operation.
  • In Embodiment 1 it is not necessary to run the binary file to determine whether it contains a call to the target SQL statement; instead, a static analysis method is used to make this determination.
  • Judging whether the binary file contains a call to the target SQL statement may include: S0111: judging whether a function in the binary file calls the target SQL statement. Judging whether a function in the binary file calls the target SQL statement may include: for any function in the binary file, determining the SQL call ID (that is, the ID of the SQL statement called) corresponding to the function; locating the SQL statement corresponding to that SQL call ID; and determining, according to whether the SQL statement corresponding to the SQL call ID is a target SQL statement, whether the function calls the target SQL statement. That is, for any function in the binary file, if the SQL statement corresponding to the SQL call ID of that function is the target SQL statement, it is determined that the function calls the target SQL statement.
  • Judging whether a function in the binary file calls the target SQL statement may include: (the execution subject of Embodiment 1) establishing a database call model, which characterizes the calling relationship of the functions in the binary file to SQL statements, that is, the database calling situation existing in the target object; and judging, according to the database call model, whether a function in the binary file calls the target SQL statement (or judging the SQL call ID corresponding to the function).
  • Establishing the database call model may include: scanning all XML files related to the ORM framework (such as ibatis or mybatis) in the binary file, and performing table and field modeling on all SQL contained in those XML files, so as to establish the database call model.
  • The database call model includes one or more of the following: the type of the SQL statement called in the binary file; the SQL call ID of the SQL statement called in the binary file; the database table information corresponding to the SQL statement called in the binary file; the database field information corresponding to the SQL statement called in the binary file; and the program variable field information corresponding to the SQL statement called in the binary file.
  • Embodiment 1 may pre-create an intermediate representation graph of the binary file, as shown for example in Fig. 3.
  • The intermediate representation graph is the intermediate representation between the source code of the application program and the target code (that is, the intermediary of translation). Through the intermediate representation graph, the knowledge and information in the application program (that is, the target object) and other related program behaviors and information can be integrated, and the corresponding algorithm is represented in the form of a graph (that is, nodes and edges), which facilitates abstraction and understanding of program behavior and allows the specified analyses and operations to be performed efficiently and directly on the graph in sequence.
  • The database call model can be established by means of the intermediate representation graph and static program analysis.
  • Judging whether a function in the binary file calls the target SQL statement may also include: (the execution subject of Embodiment 1) establishing the calling relationship between functions in the binary file (that is, the mutual calling relationships among the functions); for any function in the binary file, determining the subordinate functions of the function according to the calling relationship between functions, where a subordinate function of a function is a function called by that function; and, if a subordinate function of the function calls the target SQL statement, judging that the function calls the target SQL statement. That is to say, for any function in the binary file, since the function will call its subordinate functions, if a subordinate function calls the target SQL statement, this is equivalent to the function indirectly calling the target SQL statement.
  • Establishing the inter-function call relationship in the binary file may include: establishing an intermediate representation graph of the binary file (as described above); and, based on the intermediate representation graph and combined with a static program analysis algorithm, establishing the call relationship between functions in the binary file.
  • The execution subject of Embodiment 1 can establish a function call graph (call graph, as shown for example in Fig. 4) based on the intermediate representation graph.
  • Each node "function" in Fig. 4 represents a function, and the edges between nodes represent call relationships (or control dependency relationships). Through the function call graph it is convenient to determine the context call relationship between functions in interprocedural analysis, that is, the call relationship between functions, so as to obtain more accurate inter-function call analysis results.
  • Intermediate representation graphs can be divided into linear IR (intermediate representation), graph IR and hybrid IR according to their structure, and an appropriate intermediate representation graph can be selected in Embodiment 1.
  • If any function in the binary file calls the target SQL statement, it is judged that the binary file includes a call to the target SQL statement; or, if no function in the binary file calls the target SQL statement, it is judged that the binary file does not contain a call to the target SQL statement.
  • S013: determining whether the binary file includes a call to a preset operation according to whether the binary file includes a call to a target SQL statement.
  • If the binary file includes a call to the target SQL statement, it is judged that the binary file includes a call to a preset operation; or, if the binary file does not include a call to the target SQL statement, it is judged that the binary file does not contain a call to a preset operation.
  • The make-up of each SQL statement can be determined through the database call model, and then it can be determined whether any target SQL statement has a conditional constraint statement.
  • If the execution subject in Embodiment 1 judges that the target SQL statement has no conditional constraint statement, it judges that the target SQL statement is risky. That is, if the target SQL statement has no conditional constraint statement, it may be invoked without constraints (by the target object or by another application program), thereby performing the preset operation (deleting a data table, or part or all of the data in a data table); in other words, the risk of the target SQL statement is a call risk.
  • If the target SQL statement is a SQL statement used to execute the "delete data table" operation, calling it without constraints can cause the data table to be deleted;
  • if the target SQL statement is a SQL statement used to execute the "delete data in data table" operation, calling it without constraints can cause the data in the data table (including all data in the data table) to be deleted.
  • If the target SQL statement has a conditional constraint statement, Embodiment 1 further determines whether that conditional constraint statement is always true. If the conditional constraint statement of the target SQL statement is judged to be always true, the target SQL statement can still be called without constraints, thus producing the above-mentioned risks of an unconstrained call.
  • Judging whether the conditional constraint statement of the target SQL statement is always true may include: establishing a data flow relationship in the binary file, and judging according to the data flow relationship whether the conditional constraint statement of the target SQL statement is always true.
  • Judging according to the data flow relationship whether the conditional constraint statement of the target SQL statement is always true may include: determining, according to the data flow relationship (that is, according to the data transfer information in the binary file), the database field corresponding to the conditional constraint statement of the target SQL statement; judging the possible assignment information of that database field according to the data transfer information; judging, according to the assignment information, whether the database field corresponding to the conditional constraint statement has an always-true assignment; and determining, according to whether the database field has an always-true assignment, whether the conditional constraint statement of the target SQL statement is always true.
  • If the database field corresponding to the conditional constraint statement of the target SQL statement has an always-true assignment, it is judged that the conditional constraint statement of the target SQL statement is always true; or, if there is no always-true assignment, it is judged that the conditional constraint statement of the target SQL statement is not always true.
  • Establishing the data flow relationship in the binary file may include: establishing an intermediate representation graph of the binary file (as described above); establishing the call relationship between functions in the binary file based on the intermediate representation graph (that is, a function call graph); and establishing the data flow relationship in the binary file based on the call relationship between the functions.
  • For example, the execution subject of Embodiment 1 generates a data flow graph based on the function call graph (as shown in Fig. 5, which shows the transmission process of database field x). The data flow graph consists of nodes, which are fields, and edges, which describe the data transfer relationship between fields, that is, the data dependency relationship.
  • The constraints on the database fields can be determined through the data flow graph.
  • The database call model can be used to add db call nodes related to database operations to the function call graph, and at the same time the data flow related to db operations in the database call model can be converted onto the data flow graph.
  • If the target SQL statement is called by a function (including indirect calls), it can be judged whether the called target SQL statement has a conditional constraint statement: if the called target SQL statement has no conditional constraint statement, it has the above risk; if it has a conditional constraint statement, it is then judged whether that conditional constraint statement is always true; if the conditional constraint statement of the called target SQL statement is always true, the statement has the above risk; or, if the conditional constraint statement is not always true, the called target SQL statement does not have the above risk.
  • If the target SQL statement is judged to be risky, the execution subject of Embodiment 1 can locate and highlight the target SQL statement, and can locate and highlight the function that calls it.
  • In Embodiment 1 the binary file can be analyzed by static program analysis means such as syntax analysis, function call modeling and field data flow, to determine, without actually running the application program, the target object or the SQL statement, whether the target SQL statement has a conditional constraint statement and whether that conditional constraint statement may be always true, so as to accurately detect the risks of SQL statements, improve the effect and efficiency of SQL statement risk detection, and ensure the security and integrity of the data stored in the database and the reliability and stability of the target object. Accordingly, "invocation" in all of the above means that a statement can be invoked, not that it is actually invoked; that is, there is no need to actually run the application program, the target object or the SQL statement.
  • Embodiment 1 creatively proposes to detect whether a SQL statement carries the risk of deleting a data table or deleting data in a data table (in particular, deleting all data in the data table), so as to further improve the effect and pertinence of risk detection.
  • The SQL language and the language of the binary file are different languages.
  • The database call model can be based on programming-language analysis of the program's (for example Java) data calls and data flow, and can analyze the SQL-related field flow information based on the SQL language; the database call model is then used to establish the data flow graph and to analyze the flow and assignment of database fields in both the binary file and the SQL.
  • The execution subject of Embodiment 1 may be a blockchain node, and the intermediate representation graph, function call model, function call graph and data flow graph established in Embodiment 1 can be stored in each blockchain node of the execution subject after reaching consensus on the blockchain, so that they are prevented from being tampered with during the risk detection process applied to the SQL statement, which improves the reliability of the risk detection result.
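The following Python script is an added example, not code from the patent or its assignee: it models steps S011 through S013 and the constraint check of Embodiment 1 on a constructed MyBatis-style mapper and a constructed function call graph, flagging table-deleting statements with no WHERE clause or an always-true WHERE clause and walking subordinate functions to find every function that can reach them. The mapper contents, the function and statement names, and the narrow "same token on both sides of =" rule used for the always-true check are assumptions; the patent derives always-true conditions from field assignments in the data flow graph.

```python
"""Toy static check in the spirit of Embodiment 1 (added example, not the
patent's code). Scans a MyBatis-style mapper for DELETE/DROP statements,
builds a small database call model, flags unconstrained or always-true
constraints, and reports the functions (direct or indirect callers) that can
reach a risky statement. All inputs below are constructed."""
import re
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed mapper XML (hypothetical): stands in for the ORM XML files scanned in S011.
MAPPER_XML = """<mapper namespace="demo.OrderMapper">
  <delete id="deleteOrderById">DELETE FROM orders WHERE id = #{id}</delete>
  <delete id="purgeOrders">DELETE FROM orders</delete>
  <delete id="deleteAllActive">DELETE FROM orders WHERE 1 = 1</delete>
  <update id="dropAudit">DROP TABLE audit_log</update>
  <select id="countOrders">SELECT COUNT(*) FROM orders</select>
</mapper>"""

# Constructed function call graph (hypothetical): function -> functions it calls.
# A callee whose name equals a mapper statement id is the SQL call ID bound to that statement.
CALL_GRAPH: Dict[str, List[str]] = {
    "OrderRpcService.cancelOrder": ["OrderDao.remove"],
    "OrderDao.remove": ["deleteOrderById"],
    "AdminRpcService.resetOrders": ["OrderDao.purge"],
    "OrderDao.purge": ["purgeOrders", "countOrders"],
    "CleanupJob.run": ["deleteAllActive", "dropAudit"],
}

# The two preset operations: delete data in a table, or delete the table itself.
TARGET_RE = re.compile(
    r"^(DELETE\s+FROM|DROP\s+TABLE)\s+(\w+)(?:\s+WHERE\s+(.+))?$", re.IGNORECASE)


@dataclass
class SqlCall:
    """One record of the database call model: statement type, SQL call ID, table,
    program variable fields bound into the statement, WHERE clause and risk."""
    call_id: str
    kind: str                      # "DELETE" or "DROP"
    table: str
    params: List[str] = field(default_factory=list)
    where: Optional[str] = None    # text after WHERE, or None if absent
    risk: Optional[str] = None     # None when the statement is properly constrained


def is_always_true(where: str) -> bool:
    """Always-true constraint in the narrowest sense: an equality whose two sides are
    the same literal token (e.g. '1 = 1'). A fuller check would consult the data flow
    graph for the possible assignments of the compared field, as the patent describes."""
    m = re.fullmatch(r"(\S+)\s*=\s*(\S+)", where.strip())
    return m is not None and m.group(1) == m.group(2)


def build_call_model(xml_text: str) -> List[SqlCall]:
    """Scan the mapper XML and model every table-deleting statement (step S011)."""
    calls = []
    for elem in ET.fromstring(xml_text):
        sql = " ".join((elem.text or "").split())   # normalise whitespace
        m = TARGET_RE.match(sql)
        if not m:
            continue                                # SELECT/INSERT/UPDATE: not a preset operation
        kind = m.group(1).split()[0].upper()
        call = SqlCall(call_id=elem.get("id"), kind=kind, table=m.group(2),
                       params=re.findall(r"#\{(\w+)\}", sql), where=m.group(3))
        if kind == "DROP":
            call.risk = "drops table"
        elif call.where is None:
            call.risk = "no conditional constraint"
        elif is_always_true(call.where):
            call.risk = "always-true constraint"
        calls.append(call)
    return calls


def subordinate_functions(call_graph, func, seen=None):
    """Transitive closure of the functions called by func (its subordinate functions)."""
    seen = set() if seen is None else seen
    for callee in call_graph.get(func, []):
        if callee not in seen:
            seen.add(callee)
            subordinate_functions(call_graph, callee, seen)
    return seen


def risky_functions(call_graph, calls):
    """Map each function to the risky SQL call IDs it can reach, directly or indirectly (S013)."""
    risky = {c.call_id for c in calls if c.risk}
    result = {}
    for func in call_graph:
        hits = sorted(cid for cid in subordinate_functions(call_graph, func) if cid in risky)
        if hits:
            result[func] = hits
    return result


if __name__ == "__main__":
    model = build_call_model(MAPPER_XML)
    for c in model:
        print(f"{c.call_id}: {c.kind} {c.table} params={c.params} risk={c.risk}")
    for func, ids in risky_functions(CALL_GRAPH, model).items():
        print(f"{func} can reach risky statement(s): {', '.join(ids)}")
```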
  • The second embodiment of this specification provides a SQL statement risk detection device corresponding to the SQL statement risk detection method described in Embodiment 1, including: a call analysis module 202, used to obtain the binary file corresponding to the target object and judge whether the binary file contains a call to a preset operation, where the preset operation is an operation of deleting a data table or deleting data in a data table; a constraint analysis module 204, used to judge, if the binary file contains a call to the preset operation, whether the SQL statement used to execute the preset operation has a conditional constraint statement; and a risk analysis module 206, used to judge that the SQL statement is risky if the SQL statement used to execute the preset operation has no conditional constraint statement.
  • The constraint analysis module 204 is configured to determine whether the conditional constraint statement is always true if the SQL statement used to execute the preset operation has a conditional constraint statement; the risk analysis module 206 is used to judge that the SQL statement is risky if the conditional constraint statement is always true.
  • Judging whether the binary file contains a call to a preset operation includes: judging whether the binary file contains a call to a target SQL statement, where the target SQL statement is the SQL statement used to execute the preset operation; and determining, according to whether the binary file contains a call to a target SQL statement, whether the binary file contains a call to a preset operation.
  • Judging whether the binary file contains a call to the target SQL statement includes: judging whether a function in the binary file calls the target SQL statement; and judging, according to whether a function in the binary file calls the target SQL statement, whether the binary file contains a call to the target SQL statement.
  • Judging whether a function in the binary file invokes the target SQL statement includes: for any function in the binary file, determining the SQL call ID corresponding to the function; and determining, according to whether the SQL statement corresponding to the SQL call ID is a target SQL statement, whether the function invokes the target SQL statement.
  • Judging whether a function in the binary file calls the target SQL statement includes: establishing a database call model corresponding to the binary file, which characterizes the calling relationship of the functions in the binary file to SQL statements; and judging, according to the database call model, whether a function in the binary file calls the target SQL statement.
  • The database call model includes one or more of the following: the type of the SQL statement called in the binary file; the SQL call ID of the SQL statement called in the binary file; the database table information corresponding to the SQL statement called in the binary file; the database field information corresponding to the SQL statement called in the binary file; and the program variable field information corresponding to the SQL statement called in the binary file.
  • Judging whether a function in the binary file calls the target SQL statement also includes: establishing the call relationship between functions in the binary file; for any function in the binary file, determining the subordinate functions of the function according to the call relationship, where a subordinate function of a function is a function called by that function; and, if a subordinate function of the function calls the target SQL statement, determining that the function calls the target SQL statement.
  • Establishing the inter-function calling relationship in the binary file includes: establishing an intermediate representation graph of the binary file; and establishing the inter-function calling relationship in the binary file based on the intermediate representation graph.
  • Judging whether the conditional constraint statement is always true includes: establishing a data flow relationship in the binary file, and judging whether the conditional constraint statement is always true according to the data flow relationship.
  • Judging whether the conditional constraint statement is always true according to the data flow relationship includes: determining the data transfer information of the database field corresponding to the conditional constraint statement according to the data flow relationship; judging the possible assignment information of the database field based on the transfer information; judging according to the assignment information whether the database field has an always-true assignment; and judging, according to whether the database field has an always-true assignment, whether the conditional constraint statement is always true.
  • Establishing the data flow relationship in the binary file includes: establishing an intermediate representation graph of the binary file; establishing the calling relationship between functions in the binary file based on the intermediate representation graph; and establishing the data flow relationship in the binary file based on the calling relationship.
  • The risk in the SQL statement is an invocation risk.
  • The risk analysis module 206 is configured to locate and highlight the risky SQL statement if it is judged that the SQL statement is risky.
  • The third embodiment of this specification provides a SQL statement risk detection device, including: at least one processor; and a memory communicatively connected to the at least one processor, where the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor so that the at least one processor can execute the SQL statement risk detection method described in Embodiment 1.
  • The fourth embodiment of this specification provides a computer-readable storage medium that stores computer-executable instructions; when the computer-executable instructions are executed by a processor, the SQL statement risk detection method described in Embodiment 1 is implemented.
  • Each embodiment in this specification is described in a progressive manner; the same and similar parts of the embodiments can be referred to each other, and each embodiment focuses on its differences from the other embodiments.
  • The description of these embodiments is relatively simple; for relevant parts, please refer to the corresponding part of the description of the method embodiment.
  • The device, equipment and non-volatile computer-readable storage medium provided in the embodiments of this specification correspond to the method, and therefore also have beneficial technical effects similar to those of the corresponding method; since the beneficial technical effects of the method have been described in detail above, those of the corresponding device, equipment and non-volatile computer storage medium will not be repeated here.
  • a Programmable Logic Device such as a Field Programmable Gate Array (FPGA)
  • the controller may be implemented in any suitable way; for example, the controller may take the form of a microprocessor or processor together with a computer-readable medium storing computer-readable program code (such as software or firmware) executable by the (micro)processor, logic gates, switches, an application-specific integrated circuit (ASIC), a programmable logic controller or an embedded microcontroller. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320; the memory controller can also be implemented as part of the control logic of the memory.
  • in addition to implementing the controller purely as computer-readable program code, it is entirely possible to have the controller realise the same functions in the form of logic gates, switches, application-specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore such a controller can be regarded as a hardware component, and the devices included in it for realising various functions can also be regarded as structures within the hardware component. Or even, the means for realising various functions can be regarded as both a software module implementing a method and a structure within a hardware component.
  • a typical implementing device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
  • embodiments of this specification may be provided as methods, systems, or computer program products. Accordingly, the embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
  • These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions
  • the device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
  • a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • Memory may include non-permanent storage in computer readable media, in the form of random access memory (RAM) and/or nonvolatile memory such as read-only memory (ROM) or flash RAM. Memory is an example of computer readable media.
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology.
  • Information may be computer readable instructions, data structures, modules of a program, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Flash memory or other memory technology, Compact Disc Read-Only Memory (CD-ROM), Digital Versatile Disc (DVD) or other optical storage,
  • program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • the present description may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both local and remote computer storage media including storage devices.

Abstract

An SQL statement risk detection method, apparatus, and device, and a medium. The method comprises: obtaining a binary file corresponding to a target object, and determining whether the binary file comprises a call for a preset operation, wherein the preset operation is an operation of deleting a data table or deleting data in the data table (S101); if the binary file comprises a call for the preset operation, determining whether there is a conditional constraint statement in an SQL statement used for executing the preset operation (S103); and if there is no conditional constraint statement in the SQL statement used for executing the preset operation, determining that the SQL statement has a risk (S105).

Description

SQL statement risk detection
Technical field
The present application relates to the field of computer technology, and in particular to risk detection of SQL statements.
Background
SQL (Structured Query Language) is a database language with multiple functions such as data manipulation and data definition. It is interactive and provides users with great convenience. At the same time, improving the security of SQL use is a very important topic. In view of this, a more effective and efficient SQL statement risk detection scheme is needed.
Summary of the invention
The embodiments of this specification provide an SQL statement risk detection method, apparatus, device and medium, to solve the technical problem of how to perform SQL statement risk detection more effectively and efficiently.
To solve the above technical problem, the embodiments of this specification provide the following technical solutions. An embodiment of this specification provides an SQL statement risk detection method, including: obtaining the binary file corresponding to a target object and determining whether the binary file contains a call to a preset operation, where the preset operation is an operation of deleting a data table or deleting data in a data table; if the binary file contains a call to the preset operation, determining whether the SQL statement used to execute the preset operation contains a conditional constraint statement; and if the SQL statement used to execute the preset operation does not contain a conditional constraint statement, determining that the SQL statement is risky.
An embodiment of this specification provides an SQL statement risk detection apparatus, including: a call analysis module for obtaining the binary file corresponding to a target object and determining whether the binary file contains a call to a preset operation, where the preset operation is an operation of deleting a data table or deleting data in a data table; a constraint analysis module for determining, if the binary file contains a call to the preset operation, whether the SQL statement used to execute the preset operation contains a conditional constraint statement; and a risk analysis module for determining that the SQL statement is risky if the SQL statement used to execute the preset operation does not contain a conditional constraint statement.
An embodiment of this specification provides an SQL statement risk detection device, including: at least one processor; and a memory communicatively connected to the at least one processor, where the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to enable it to execute the above SQL statement risk detection method.
An embodiment of this specification provides a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement the above SQL statement risk detection method.
At least one of the above technical solutions adopted in the embodiments of this specification can achieve the following beneficial effects: the risks present in SQL statements can be detected by static analysis without running the program or the SQL statements, which improves the effectiveness and efficiency of SQL statement risk detection. In particular, the above technical solution can detect whether an SQL statement carries the risk of deleting a data table or deleting data in a data table (especially deleting all the data in the table), which further improves the detection effect.
Description of drawings
Fig. 1 is a schematic diagram of the execution subject of the SQL statement risk detection method in the first embodiment of this specification.
Fig. 2 is a schematic flowchart of the SQL statement risk detection method in the first embodiment of this specification.
Fig. 3 is a schematic diagram of an intermediate representation graph in the first embodiment of this specification.
Fig. 4 is a schematic diagram of a function call graph in the first embodiment of this specification.
Fig. 5 is a schematic diagram of a data flow graph in the first embodiment of this specification.
Fig. 6 is a schematic structural diagram of the SQL statement risk detection apparatus in the second embodiment of this specification.
Detailed description
为了使本技术领域的人员更好地理解本说明书中的技术方案,下面将结合本说明书实施例的附图,对本说明书实施例的技术方案清楚、完整地进行描述。显然,本说明书所描述的实施例仅仅是本申请的部分实施例,而不是全部的实施例。基于本说明书实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都应当属于本申请保护的范围。In order to enable those skilled in the art to better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below in conjunction with the drawings of the embodiments of the present specification. Apparently, the embodiments described in this specification are only some of the embodiments of this application, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in this specification without creative efforts shall fall within the protection scope of the present application.
SQL(Structured Query Language)是具有数据操纵和数据定义等多种功能的数据库语言,这种语言具有交互性特点,能为用户提供极大的便利。SQL (Structured Query Language) is a database language with multiple functions such as data manipulation and data definition. This language is interactive and can provide users with great convenience.
然而,在传统的单一系统应用中,SQL语句的调用仅能通过应用本身在系统内被触发,无法通过外部请求或外部调用触发,因此单一系统应用中SQL语句的调用相对而言是可控的。正因如此,对于SQL语句的风险检测长期被忽略。However, in a traditional single system application, the invocation of SQL statements can only be triggered within the system by the application itself, and cannot be triggered by external requests or external calls, so the invocation of SQL statements in a single system application is relatively controllable . Because of this, the risk detection of SQL statements has been neglected for a long time.
并且,为了满足互联网业务规模、业务复杂性的增长,以及适应系统快速构建、部署的需要,传统的单一系统架构逐渐被微服务架构取代。微服务架构通常支持服务注册以及RPC(远程调用)。单个微服务应用可以在注册中心注册服务,并允许其他微服务应用通过RPC使用其对外暴露的接口触发相应的操作。这就使得,SQL语句的调用不仅可以在本应用中被触发,同时也可以通过本应用对外暴露的RPC接口被外部应用随时触发。可见,由于微服务系统中存在对外暴露的接口,SQL语句的调用变得不可控,SQL语句的风险可能伴随着对外暴露的接口一起暴露给客户端。Moreover, in order to meet the growth of Internet business scale and business complexity, and to meet the needs of rapid system construction and deployment, the traditional single system architecture is gradually replaced by the microservice architecture. Microservice architectures usually support service registration as well as RPC (remote call). A single microservice application can register services in the registry and allow other microservice applications to trigger corresponding operations through RPC using its externally exposed interfaces. This makes the invocation of SQL statements not only triggered in the application, but also triggered by external applications at any time through the RPC interface exposed by the application. It can be seen that due to the externally exposed interfaces in the microservice system, the invocation of SQL statements becomes uncontrollable, and the risks of SQL statements may be exposed to the client along with the externally exposed interfaces.
特别的,有的SQL语句具有删除数据库中的数据表或数据表的数据的功能。这种SQL语句一旦被不当调用,可能导致数据表或数据表中部分或全部数据被删除,数据库将无法响应对数据表的数据查询请求,严重影响数据库中所存储数据的安全性及完整性,也会对数据表所关联应用的稳定性及可靠性造成严重威胁。In particular, some SQL statements have the function of deleting data tables or data in data tables in the database. Once this SQL statement is improperly called, the data table or some or all of the data in the data table may be deleted, and the database will not be able to respond to the data query request for the data table, seriously affecting the security and integrity of the data stored in the database. It will also pose a serious threat to the stability and reliability of the application associated with the data table.
另外,对SQL语句的检测通常限于检测SQL语句的语法及SQL植入等常见问题,并不能对SQL语句的数据表数据删除功能进行检测。In addition, the detection of SQL statements is usually limited to detection of common problems such as the syntax of SQL statements and SQL implantation, and cannot detect the data table data deletion function of SQL statements.
本说明书第一个实施例(以下简称“实施例一”)提供了一种SQL语句风险检测方法,实施例一的执行主体可以是终端(包括但不限于手机、计算机、pad、电视)或者服务器或者操作系统或者应用程序或者SQL语句风险检测平台或者SQL语句风险检测系统等,即执行主体可以是多种多样的,可以根据需要设置、使用或者变换执行主体。另外,也可以有第三方应用程序协助所述执行主体执行实施例一。例如图1所示,可以由服务器来执行实施例一中的SQL语句风险检测方法,并且可以在(用户所持有的)终端上安装(与所述服务器)相对应的应用程序,终端或应用程序与服务器之间可以进行数据传输,通过终端或应用程序来进行数据的采集或输入或输出或(向用户)进行页面或信息处理,从而辅助服务器执行实施例一中的SQL语句风险检测方法。The first embodiment of this specification (hereinafter referred to as "Embodiment 1") provides a SQL statement risk detection method. The execution subject of Embodiment 1 can be a terminal (including but not limited to mobile phones, computers, pads, TVs) or servers Or an operating system or an application program or a SQL statement risk detection platform or a SQL statement risk detection system, etc., that is, the execution subject can be varied, and the execution subject can be set, used or changed as required. In addition, there may also be a third-party application program assisting the execution subject to execute Embodiment 1. For example, as shown in Figure 1, the SQL statement risk detection method in Embodiment 1 can be executed by the server, and the corresponding application program (with the server) can be installed on the terminal (held by the user), terminal or application Data transmission can be performed between the program and the server, and data collection or input or output or (to the user) page or information processing can be performed through the terminal or application program, thereby assisting the server to execute the SQL statement risk detection method in Embodiment 1.
如图2所示,实施例一提供的SQL语句风险检测方法包括:S01:(执行主体)获取目标对象对应的二进制文件,判断所述二进制文件是否包含对预设操作的调用;其中,所述预设操作是删除数据表或删除数据表中的数据的操作;实施例一中,所述目标对象可以是各种各样的应用程序(包括但不限于小程序、微服务应用程序)。As shown in Figure 2, the SQL statement risk detection method provided by Embodiment 1 includes: S01: (execution subject) obtain the binary file corresponding to the target object, and judge whether the binary file contains a call to a preset operation; wherein, the The preset operation is an operation of deleting a data table or deleting data in the data table; in the first embodiment, the target object may be various applications (including but not limited to applets and microservice applications).
实施例一的执行主体可以通过合适的方式获取目标对象对应的二进制文件。其中,用户可以将目标对象对应的二进制文件导入实施例一的执行主体,或者实施例一的执行主体可以根据用户操作从自身或其他主体处获取目标对象对应的二进制文件,或者用户可以通过其他主体将目标对象对应的二进制文件发送给实施例一的执行主体。The execution subject of Embodiment 1 can obtain the binary file corresponding to the target object in a suitable manner. Among them, the user can import the binary file corresponding to the target object into the execution subject of Embodiment 1, or the execution subject of Embodiment 1 can obtain the binary file corresponding to the target object from itself or other subjects according to user operations, or the user can pass other subjects Send the binary file corresponding to the target object to the execution subject of Embodiment 1.
一般来说,所述二进制文件是可被计算机执行,用以提供所述目标对象的功能的文件。其中,所述二进制文件可以是源代码或安装包或jar包等。Generally speaking, the binary file is a file that can be executed by a computer to provide the function of the target object. Wherein, the binary file may be a source code or an installation package or a jar package or the like.
获取目标对象对应的二进制文件后,实施例一的执行主体可以判断所述二进制文件是否包含对预设操作的调用。其中,所述预设操作可以是删除数据表或删除数据表中的数据的操作。After obtaining the binary file corresponding to the target object, the execution subject in Embodiment 1 can determine whether the binary file contains a call to a preset operation. Wherein, the preset operation may be an operation of deleting a data table or deleting data in a data table.
实施例一中,所述数据表是数据存储的常见形式,是构成数据库的基本元素,数据表的定义可以参照现有技术。In the first embodiment, the data table is a common form of data storage and a basic element of a database, and the definition of the data table can refer to the prior art.
实施例一中,判断所述二进制文件是否包含对预设操作的调用,可以包括:S011:判断所述二进制文件是否包含对目标SQL语句的调用;其中,所述目标SQL语句为用于执行预设操作的SQL语句;实施例一的执行可以判断所述二进制文件是否包含对目标SQL语句的调用,即判断所述二进制文件是否能够调用目标SQL语句,所述目标SQL语句为用于执行所述预设操作的SQL语句。In Embodiment 1, judging whether the binary file includes a call to a preset operation may include: S011: judging whether the binary file includes a call to a target SQL statement; wherein, the target SQL statement is used to execute the preset operation. Set the SQL statement of operation; The execution of embodiment one can judge whether described binary file comprises the calling of target SQL statement, promptly judge whether described binary file can call target SQL statement, and described target SQL statement is used to execute described SQL statements for preset operations.
实施例一中,判断所述二进制文件是否包含对目标SQL语句的调用并不需要运行所述二进制文件,而是采用静态分析方式判断所述二进制文件是否包含对目标SQL语句的调用。In Embodiment 1, it is not necessary to run the binary file to determine whether the binary file contains a call to the target SQL statement, but to use a static analysis method to determine whether the binary file contains a call to the target SQL statement.
实施例一中,判断所述二进制文件是否包含对目标SQL语句的调用,可以包括:S0111:判断所述二进制文件中的函数是否调用了目标SQL语句;实施例一中,判断所述二进制文件中的函数是否调用了目标SQL语句,可以包括:对所述二进制文件中的任一函数,确定该函数对应的SQL调用ID(即所调用的SQL语句的ID);定位所述SQL调用ID对应的SQL语句,根据所述SQL调用ID对应的SQL语句是否为目标SQL语句,判断所述二进制文件中的该函数是否调用了目标SQL语句。即对所述二进制文件中的任一函,若“该函数对应的SQL调用ID”对应的SQL语句为目标SQL语句,则判断该函数调用了目标SQL语句。In the first embodiment, judging whether the binary file contains a call to the target SQL statement may include: S0111: judging whether the function in the binary file has called the target SQL statement; Whether the function of the function has called the target SQL statement may include: for any function in the binary file, determine the SQL call ID (that is, the ID of the SQL statement called) corresponding to the function; locate the SQL call ID corresponding to the The SQL statement, according to whether the SQL statement corresponding to the SQL call ID is a target SQL statement, determines whether the function in the binary file calls the target SQL statement. That is, for any function in the binary file, if the SQL statement corresponding to the "SQL call ID corresponding to the function" is the target SQL statement, it is determined that the function calls the target SQL statement.
为了便于判断所述二进制文件中的函数是否调用了目标SQL语句,也为了便于判断函数对应的SQL调用ID,实施例一中,判断所述二进制文件中的函数是否调用了目标SQL语句,可以包括:(实施例一的执行主体)建立数据库调用模型,所述数据库调用模型用于表征所述二进制文件中的函数对SQL语句的调用关系,即目标对象中存在的数据库调用情况;根据所述数据库调用模型判断所述二进制文件中的函数是否调用了目标SQL语句(也可以判断函数对应的SQL调用ID)。For the convenience of judging whether the function in the binary file has called the target SQL statement, and also for the convenience of judging the SQL call ID corresponding to the function, in Embodiment 1, judging whether the function in the binary file has called the target SQL statement may include : (execution subject of embodiment one) establishes database calling model, and described database calling model is used for characterizing the calling relation of the function in described binary file to SQL statement, namely the database calling situation existing in target object; According to described database The calling model judges whether the function in the binary file calls the target SQL statement (or judges the SQL calling ID corresponding to the function).
具体的,建立数据库调用模型可以包括:对所述二进制文件中所有的orm框架(例如ibatis,mybatis)相关的xml文件进行扫描,并对所述xml文件中包含的所有SQL进行表字段建模,从而建立数据库调用模型。所述数据库调用模型包括下列的一项或多项:所述二进制文件中所调用的SQL语句的类型;所述二进制文件中所调用的SQL语句的SQL调用ID;所述二进制文件中所调用的SQL语句对应的数据库表信息;所述二进制文件中所调用的SQL语句对应的数据库字段信息;所述二进制文件中所调用的SQL语句对应的程序变量字段信息。Specifically, setting up the database call model may include: scanning all orm framework (such as ibatis, mybatis) related xml files in the binary file, and performing table field modeling on all SQL contained in the xml file, In order to establish a database call model. The database call model includes one or more of the following: the type of the SQL statement called in the binary file; the SQL call ID of the SQL statement called in the binary file; Database table information corresponding to the SQL statement; database field information corresponding to the SQL statement called in the binary file; program variable field information corresponding to the SQL statement called in the binary file.
通过建立数据库调用模型,可以建立所述二进制文件中“对SQL语句的调用”与SQL语句之间的关联,也就建立了所述二进制文件中的函数对SQL语句的调用关系,以及SQL中数据库字段和程序中的数据变量、字段之间的关联关系。例如,对于“getSqlMapClientTemplate().queryForObject("MS-LOAD-USER-DETAILS",param)”来说,通过数据库调用模型,识别出loadUserDetail函数调用了“MS-LOAD-USER-DETAILS”绑定的SQL语句,并且还可以确定SQL语句中传入的变量id,name,email这三个字段来源于loadUserDetail中的局部变量param,SQL语句查询的结果将返回给符合条件的phone字段和address字段信息,并将信息封装在User类型的对象中返回给应用程序(即目标对象)。也就是说,通过数据库调用模型,可以获得函数对SQL语句的调用关系,即确定函数调用了什么SQL语句,也可以确定函数对应的SQL调用ID,进而判断函数是否调用了目标SQL语句。By establishing a database call model, the association between the "call to SQL statement" and the SQL statement in the binary file can be established, and the call relationship between the function in the binary file and the SQL statement, and the database in the SQL Fields and data variables in the program, the association between fields. For example, for "getSqlMapClientTemplate().queryForObject("MS-LOAD-USER-DETAILS", param)", through the database call model, it is recognized that the loadUserDetail function calls the SQL bound to "MS-LOAD-USER-DETAILS" statement, and it can also be determined that the variables id, name, and email passed in the SQL statement are derived from the local variable param in loadUserDetail, and the query result of the SQL statement will be returned to the qualified phone field and address field information, and Encapsulate the information in an object of the User type and return it to the application program (ie, the target object). That is to say, through the database call model, you can obtain the call relationship between the function and the SQL statement, that is, determine what SQL statement the function calls, and you can also determine the SQL call ID corresponding to the function, and then determine whether the function calls the target SQL statement.
另外,实施例一的执行主体可以预先建立所述二进制文件的中间表示图,例如图3所示。中间表示图是应用程序源代码与目标代码之间的中间表示(即翻译的中介),通过中间表示图,可以将应用程序(即目标对象)中的知识/信息以及其他相关的程序行为和信息通过对应的算法以图(即节点和边)的形式进行表示,以便于抽象和理解程序行为,并可以直接在图上按序进行高效的指定分析及操作。实施例一中,可以借助中间表示图和静态程序分析来建立所述数据库调用模型。In addition, the execution subject of Embodiment 1 may pre-create an intermediate representation of the binary file, as shown in FIG. 3 for example. The intermediate representation graph is the intermediate representation between the source code of the application program and the target code (that is, the intermediary of translation). Through the intermediate representation graph, the knowledge/information in the application program (that is, the target object) and other related program behaviors and information can be integrated The corresponding algorithm is represented in the form of a graph (that is, nodes and edges) to facilitate abstraction and understanding of program behavior, and to perform efficient specified analysis and operations directly on the graph in sequence. In Embodiment 1, the database call model can be established by means of an intermediate representation graph and static program analysis.
实施例一中,若“该函数对应的SQL调用ID”对应的SQL语句不是目标SQL语句,则可以通过函数间调用关系判断该函数间接调用了目标SQL语句。即判断所述二进制文件中的函数是否调用了目标SQL语句,还可以包括:(实施例一的执行主体)建立所述二进制文件中的函数间调用关系(即各函数间的相互调用关系);对所述二进制文件中的任一函数,根据所述函数间调用关系确定该函数的下级函数;其中,该函数的下级函数为该函数所调用的函数;若该函数的下级函数调用了目标SQL语句,则判断该 函数调用了目标SQL语句。也就是说,对所述二进制文件中的任一函数,由于该函数会调用其下级函数,而若该函数的下级函数调用了目标SQL语句,则相当于该函数间接调用了目标SQL语句。In the first embodiment, if the SQL statement corresponding to the "SQL call ID corresponding to the function" is not the target SQL statement, it can be judged that the function indirectly calls the target SQL statement through the calling relationship between functions. That is, judging whether the function in the binary file has called the target SQL statement may also include: (execution subject of Embodiment 1) setting up the calling relationship between functions in the binary file (that is, the mutual calling relationship between each function); For any function in the binary file, determine the subordinate function of the function according to the calling relationship between the functions; wherein, the subordinate function of the function is the function called by the function; if the subordinate function of the function calls the target SQL statement, it is judged that the function calls the target SQL statement. That is to say, for any function in the binary file, since the function will call its subordinate function, and if the subordinate function of the function calls the target SQL statement, it is equivalent to that the function indirectly calls the target SQL statement.
实施例一中,建立所述二进制文件中的函数间调用关系,可以包括:建立所述二进制文件的中间表示图(如上述);基于所述中间表示图,结合静态程序分析算法建立所述二进制文件中的函数间调用关系。具体的,实施例一的执行主体可以基于中间表示图建立函数调用图(call graph,例如图4所示,图4中的节点“function”表示函数,节点之间的边代表调用关系或控制依赖关系),通过函数调用图,便于确定过程间分析(interprocedural analysis)的函数之间上下文调用关系,即函数间调用关系,从而获得更加精确的函数间调用分析结果。In Embodiment 1, establishing the inter-function call relationship in the binary file may include: establishing an intermediate representation of the binary file (as described above); based on the intermediate representation, combining a static program analysis algorithm to establish the binary Call relationship between functions in the file. Specifically, the execution subject of Embodiment 1 can establish a function call graph (call graph, such as shown in Figure 4) based on the intermediate representation graph. The node "function" in Figure 4 represents a function, and the edges between nodes represent call relationships or control dependencies. Relationship), through the function call graph, it is convenient to determine the context call relationship between functions in interprocedural analysis, that is, the call relationship between functions, so as to obtain more accurate inter-function call analysis results.
中间表示图根据其结构可以分为线性IR(Intermediate representation)、图IR和混合IR,实施例一中可以选择合适的中间表示图。The intermediate representation graph can be divided into linear IR (Intermediate representation), graph IR and hybrid IR according to its structure, and an appropriate intermediate representation graph can be selected in Embodiment 1.
S0113:根据所述二进制文件中的函数是否调用了目标SQL语句,判断所述二进制文件是否包含对目标SQL语句的调用。S0113: According to whether the function in the binary file calls the target SQL statement, determine whether the binary file contains a call to the target SQL statement.
若所述二进制文件中有函数调用了目标SQL语句,则判断所述二进制文件包含对目标SQL语句的调用;或,若所述二进制文件中没有函数调用目标SQL语句,则判断所述二进制文件不包含对目标SQL语句的调用。If there is a function in the binary file that calls the target SQL statement, then it is judged that the binary file includes a call to the target SQL statement; or, if there is no function in the binary file that calls the target SQL statement, then it is judged that the binary file does not Contains a call to the target SQL statement.
S013:根据所述二进制文件是否包含对目标SQL语句的调用,判断所述二进制文件是否包含对预设操作的调用。S013: Determine whether the binary file includes a call to a preset operation according to whether the binary file includes a call to a target SQL statement.
若所述二进制文件包含对目标SQL语句的调用,则判断所述二进制文件包含对预设操作的调用;或,若所述二进制文件不包含对目标SQL语句的调用,则判断所述二进制文件不包含对预设操作的调用。If the binary file includes a call to the target SQL statement, it is judged that the binary file includes a call to a preset operation; or, if the binary file does not include a call to the target SQL statement, then it is judged that the binary file does not Contains calls to preset actions.
S03: (Execution subject) If the binary file contains a call to the preset operation, determine whether the SQL statement used to execute the preset operation has a conditional constraint statement. That is, if the binary file contains a call to the preset operation, the execution subject of Embodiment 1 may determine whether the SQL statement used to execute the preset operation (i.e. the target SQL statement) has a conditional constraint statement.
In Embodiment 1, the associations between SQL statements may be determined through the database call model, and on that basis it may be determined whether any given target SQL statement has a conditional constraint statement.
S05: (Execution subject) If the SQL statement used to execute the preset operation has no conditional constraint statement, determine that the SQL statement is at risk.
For any target SQL statement, if the execution subject of Embodiment 1 determines that the target SQL statement has no conditional constraint statement, the execution subject of Embodiment 1 determines that the target SQL statement is at risk. That is, if the target SQL statement has no conditional constraint statement, it may be invoked without constraint (by the target object or by another application) and thereby execute the preset operation (including deleting a data table, or deleting some or all of the data in a data table); in other words, the risk carried by the target SQL statement is an invocation risk. If the target SQL statement is one that executes the operation "delete a data table", its unconstrained invocation can cause the data table to be deleted; if the target SQL statement is one that executes the operation "delete data in a data table", its unconstrained invocation can cause the data in the data table (including all of the data in the table) to be deleted.
If it is determined that the target SQL statement has a conditional constraint statement, the execution subject of Embodiment 1 determines whether that conditional constraint statement has an always-true case (i.e. can be a tautology). If it is determined that the conditional constraint statement has an always-true case, the target SQL statement can still be invoked without constraint, giving rise to the unconstrained-invocation risk described above.
In Embodiment 1, determining whether the conditional constraint statement of the target SQL statement has an always-true case may include: establishing the data flow relationships in the binary file, and determining, according to the data flow relationships, whether the conditional constraint statement of the target SQL statement has an always-true case.
Determining, according to the data flow relationships, whether the conditional constraint statement of the target SQL statement has an always-true case may include: determining, according to the data flow relationships, the data flow information (within the binary file) of the database field corresponding to the conditional constraint statement of the target SQL statement; determining, according to that data flow information, the possible assignments of the database field; determining, according to those assignments, whether the database field corresponding to the conditional constraint statement has an always-true assignment; and determining, according to whether that database field has an always-true assignment, whether the conditional constraint statement has an always-true case. That is, if the conditional constraint statement of the target SQL statement has an always-true assignment, it is determined that the conditional constraint statement has an always-true case; otherwise, if it has no always-true assignment, it is determined that the conditional constraint statement has no always-true case.
In Embodiment 1, establishing the data flow relationships in the binary file may include: establishing the intermediate representation graph of the binary file (as described above); establishing, based on the intermediate representation graph, the inter-function call relationships in the binary file (i.e. the function call graph); and establishing, based on the inter-function call relationships, the data flow relationships in the binary file. Here the execution subject of Embodiment 1 generates a data flow graph from the function call graph (as shown in FIG. 5, which illustrates the flow of database field x). The data flow graph contains fields, nodes, and edges describing the data transfer relationships between fields (i.e. data dependencies), and the constraints on the database fields can be determined from it. By solving the constraints, the data flow of any database field within the binary file or target object can be determined; from this the possible assignments of that database field can be determined, and from those it can be determined whether an always-true assignment exists (for example 1=1 or a=a), i.e. whether an always-true case exists.
Of course, the data flow graph may also be established with other data flow analysis algorithms, for example a field-based algorithm.
In Embodiment 1, the database call model may be used to supplement the function call graph with the db call nodes related to database operations, and may likewise be used to supplement the data flow graph with the data flows related to db operations.
In Embodiment 1, for any function, if the function calls (directly or indirectly) a target SQL statement, it may be determined whether the target SQL statement called by that function has a conditional constraint statement. If it has no conditional constraint statement, the target SQL statement called by that function carries the risk described above; if it does have a conditional constraint statement, it is determined whether that conditional constraint statement has an always-true case: if it does, the target SQL statement called by that function carries the risk described above; otherwise, if it does not, the target SQL statement called by that function does not carry the risk described above.
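The per-function procedure described above, as an added example in Python that is not the patent's code: a tiny database call model, function call graph and data flow relationships are constructed inline (the Java-style function names and call IDs are invented), the call graph is walked backwards so that indirect callers are found as in the subordinate-function rule, and each DELETE/DROP/TRUNCATE statement is checked for a missing WHERE constraint or one that data flow shows can be a tautology such as 1=1.

```python
"""Toy static checker for the risk of Embodiment 1 (constructed example, not the
patent's implementation): a DELETE / DROP / TRUNCATE statement, reachable from some
function, with no WHERE constraint or one that data flow shows can be always true."""
import re
from collections import namedtuple

PRESET_OPS = ("DELETE", "DROP", "TRUNCATE")  # delete a table or the data in it
EQUALITY = re.compile(r"^\s*([\w'\"]+)\s*=\s*([\w'\"]+)\s*$")  # e.g. 1=1, a=a
PLACEHOLDER = re.compile(r"\$\{(\w+)\}")  # ${var}: program variable spliced in
WHERE = re.compile(r"\bWHERE\b(.*)$", re.IGNORECASE | re.DOTALL)
SqlCall = namedtuple("SqlCall", "call_id sql")  # one database call model entry

def is_always_true(cond):
    """Tautology check for a single equality predicate (both sides identical)."""
    m = EQUALITY.match(cond)
    return bool(m) and m.group(1) == m.group(2)

def possible_values(data_flow, var, seen=None):
    """Follow assignment edges (var -> constant or '$other_var') and collect every
    constant the variable may hold; `seen` cuts cycles in the data flow graph."""
    seen = set() if seen is None else seen
    if var in seen:
        return set()
    seen.add(var)
    values = set()
    for src in data_flow.get(var, ()):
        if src.startswith("$"):
            values |= possible_values(data_flow, src[1:], seen)
        else:
            values.add(src)
    return values

def rendered_conditions(sql, data_flow):
    """Every concrete form the WHERE clause can take after substituting the
    possible values of each spliced variable; [None] means there is no WHERE."""
    m = WHERE.search(sql)
    if not m:
        return [None]
    renders = [m.group(1).strip()]
    for var in PLACEHOLDER.findall(renders[0]):
        # An unresolvable variable is kept as-is and so ends up "constrained".
        values = possible_values(data_flow, var) or {"${%s}" % var}
        renders = [r.replace("${%s}" % var, v) for r in renders for v in values]
    return sorted(renders)

def assess(call, data_flow):
    """Steps S03/S05 for one statement: returns (risky, reason)."""
    words = call.sql.split()
    if not words or words[0].upper() not in PRESET_OPS:
        return False, "not a preset operation"
    conds = rendered_conditions(call.sql, data_flow)
    if conds == [None]:
        return True, "no conditional constraint"
    for c in conds:
        if is_always_true(c):
            return True, "constraint can be always true: " + c
    return False, "constrained"

def functions_calling(call_graph, sql_calls_by_function, call_id):
    """S0112/S0113 with indirect calls: walk the call graph backwards from the
    functions holding the call ID to every function that can reach it."""
    callers = {}
    for caller, callees in call_graph.items():
        for callee in callees:
            callers.setdefault(callee, set()).add(caller)
    reached = {f for f, ids in sql_calls_by_function.items() if call_id in ids}
    stack = list(reached)
    while stack:
        for caller in callers.get(stack.pop(), set()) - reached:
            reached.add(caller)
            stack.append(caller)
    return reached

def scan(model, call_graph, sql_calls_by_function, data_flow):
    """Risky call IDs -> (reason, functions to highlight alongside the SQL)."""
    report = {}
    for call in model:
        risky, reason = assess(call, data_flow)
        if risky:
            fns = functions_calling(call_graph, sql_calls_by_function, call.call_id)
            report[call.call_id] = (reason, sorted(fns))
    return report

# Constructed sample: four SQL call sites of a small Java-style order service.
MODEL = [SqlCall("Q1", "DELETE FROM orders"),
         SqlCall("Q2", "DELETE FROM orders WHERE ${cond}"),
         SqlCall("Q3", "DELETE FROM orders WHERE id = ?"),
         SqlCall("Q4", "SELECT id FROM orders WHERE 1=1")]
CALL_GRAPH = {"OrderController.purge": ["OrderService.clear"],
              "OrderService.clear": ["OrderDao.deleteAll", "OrderDao.deleteWhere"],
              "OrderDao.deleteAll": [], "OrderDao.deleteWhere": []}
SQL_CALLS = {"OrderDao.deleteAll": ["Q1"], "OrderDao.deleteWhere": ["Q2"],
             "OrderDao.deleteById": ["Q3"], "OrderDao.list": ["Q4"]}
# Data flow: `cond` is either a filter string or `default`, which holds "1=1".
DATA_FLOW = {"cond": ["status = 'done'", "$default"], "default": ["1=1"]}

if __name__ == "__main__":
    for cid, (reason, fns) in scan(MODEL, CALL_GRAPH, SQL_CALLS, DATA_FLOW).items():
        print(cid, "-", reason, "- reachable from:", ", ".join(fns))
```

The tautology check deliberately covers only a single equality predicate; a real analyser would solve the full constraint as the patent's data flow graph does.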
For any target SQL statement determined to be at risk, the execution subject of Embodiment 1 may locate and highlight that target SQL statement, and may also locate and highlight the functions that call it.
Embodiment 1 is able, without actually running the application, the target object or the SQL statements, to analyse the binary file with static program analysis techniques such as syntax analysis, function call modelling and field data flow analysis, in order to determine whether a target SQL statement has a conditional constraint statement and to solve for whether that conditional constraint statement can be always true. Risks in SQL statements are thereby detected accurately, the effectiveness and efficiency of SQL statement risk detection are improved, and the security and integrity of the data stored in the database, as well as the reliability and stability of the target object, are safeguarded. Accordingly, "call" throughout the above means "is able to call", not that a call has actually taken place; the application, the target object and the SQL statements need not actually be run.
In particular, Embodiment 1 proposes detecting specifically whether an SQL statement carries the risk of deleting a data table or deleting data in a data table (in particular, deleting all data in a data table), which further improves the effectiveness and specificity of risk detection.
The SQL language and the language of the binary file (i.e. the programming language, for example Java) are different languages. In Embodiment 1 the database call model makes it possible both to analyse program-related (or Java-related) data calls and data flows on the basis of the programming language, and to analyse SQL-related field flow information on the basis of the SQL language; the database call model is then used to establish the data flow graph. The resulting data flow graph bridges and merges the SQL language and the programming language, allowing a more complete and accurate analysis of how database fields flow and are assigned across both the binary file and the SQL.
The execution subject of Embodiment 1 may be a blockchain node. The intermediate representation graph, the function call model, the function call graph, the data flow graph and so on established in Embodiment 1 may be stored, after consensus on the blockchain, in each of the blockchain nodes of the execution subject, which prevents them from being tampered with while they are used in SQL statement risk detection and improves the reliability of the detection results.
As shown in FIG. 6, a second embodiment of this specification provides an SQL statement risk detection apparatus corresponding to the SQL statement risk detection method of Embodiment 1, comprising: a call analysis module 202, configured to obtain the binary file corresponding to a target object and determine whether the binary file contains a call to a preset operation, where the preset operation is an operation that deletes a data table or deletes data in a data table; a constraint analysis module 204, configured to determine, if the binary file contains a call to the preset operation, whether the SQL statement used to execute the preset operation has a conditional constraint statement; and a risk analysis module 206, configured to determine, if the SQL statement used to execute the preset operation has no conditional constraint statement, that the SQL statement is at risk.
Optionally, the constraint analysis module 204 is configured to determine, if the SQL statement used to execute the preset operation has a conditional constraint statement, whether the conditional constraint statement has an always-true case; and the risk analysis module 206 is configured to determine, if the conditional constraint statement has an always-true case, that the SQL statement is at risk.
Optionally, determining whether the binary file contains a call to a preset operation comprises: determining whether the binary file contains a call to a target SQL statement, where the target SQL statement is an SQL statement used to execute the preset operation; and determining, according to whether the binary file contains a call to the target SQL statement, whether the binary file contains a call to the preset operation.
Optionally, determining whether the binary file contains a call to the target SQL statement comprises: determining whether a function in the binary file calls the target SQL statement; and determining, according to whether a function in the binary file calls the target SQL statement, whether the binary file contains a call to the target SQL statement.
Optionally, determining whether a function in the binary file calls the target SQL statement comprises: for any function in the binary file, determining the SQL call ID corresponding to that function; and determining, according to whether the SQL statement corresponding to the SQL call ID is the target SQL statement, whether that function in the binary file calls the target SQL statement.
Optionally, determining whether a function in the binary file calls the target SQL statement comprises: establishing a database call model corresponding to the binary file, the database call model characterising the call relationships between the functions in the binary file and SQL statements; and determining, according to the database call model, whether a function in the binary file calls the target SQL statement.
Optionally, the database call model includes one or more of the following: the types of the SQL statements called in the binary file; the SQL call IDs of the SQL statements called in the binary file; the database table information corresponding to the SQL statements called in the binary file; the database field information corresponding to the SQL statements called in the binary file; and the program variable field information corresponding to the SQL statements called in the binary file.
Optionally, determining whether a function in the binary file calls the target SQL statement further comprises: establishing the inter-function call relationships in the binary file; for any function in the binary file, determining the subordinate functions of that function according to the inter-function call relationships, where the subordinate functions of a function are the functions it calls; and if a subordinate function of the function calls the target SQL statement, determining that the function calls the target SQL statement.
Optionally, establishing the inter-function call relationships in the binary file comprises: establishing an intermediate representation graph of the binary file; and establishing the inter-function call relationships in the binary file based on the intermediate representation graph.
Optionally, determining whether the conditional constraint statement has an always-true case comprises: establishing the data flow relationships in the binary file, and determining, according to the data flow relationships, whether the conditional constraint statement has an always-true case.
Optionally, determining, according to the data flow relationships, whether the conditional constraint statement has an always-true case comprises: determining, according to the data flow relationships, the data flow information of the database field corresponding to the conditional constraint statement; determining, according to the data flow information, the possible assignments of the database field; determining, according to the assignments, whether the database field has an always-true assignment; and determining, according to whether the database field has an always-true assignment, whether the conditional constraint statement has an always-true case.
Optionally, establishing the data flow relationships in the binary file comprises: establishing an intermediate representation graph of the binary file; establishing the inter-function call relationships in the binary file based on the intermediate representation graph; and establishing the data flow relationships in the binary file based on the inter-function call relationships.
Optionally, the risk carried by the SQL statement is an invocation risk.
Optionally, the risk analysis module 206 is configured to locate and highlight the SQL statement determined to be at risk.
A third embodiment of this specification provides an SQL statement risk detection device, comprising: at least one processor; and a memory communicatively connected to the at least one processor, where the memory stores instructions executable by the at least one processor, and the instructions, when executed by the at least one processor, enable the at least one processor to perform the SQL statement risk detection method of Embodiment 1.
A fourth embodiment of this specification provides a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement the SQL statement risk detection method of Embodiment 1.
The above embodiments may be used in combination, and modules with the same name across different embodiments or within the same embodiment may be the same module or different modules.
Particular embodiments of this specification have been described above; other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in an order different from that of the embodiments and still achieve the desired results. In addition, the processes depicted in the drawings do not necessarily require the particular order shown, or a sequential order, to achieve the desired results. In certain implementations, multitasking and parallel processing may also be possible or advantageous.
The embodiments in this specification are described in a progressive manner; for the parts that are the same or similar between embodiments, reference may be made between them, and each embodiment focuses on its differences from the others. In particular, the apparatus, device and non-volatile computer-readable storage medium embodiments are essentially similar to the method embodiment, so their description is relatively brief; for the relevant parts, refer to the corresponding description of the method embodiment.
The apparatus, device and non-volatile computer-readable storage medium provided by the embodiments of this specification correspond to the method; they therefore have beneficial technical effects similar to those of the corresponding method. Since the beneficial technical effects of the method have already been described in detail above, those of the corresponding apparatus, device and non-volatile computer storage medium are not repeated here.
在20世纪90年代,对于一个技术的改进可以很明显地区分是硬件上的改进(例如,对二极管、晶体管、开关等电路结构的改进)还是软件上的改进(对于方法流程的改进)。然而,随着技术的发展,当今的很多方法流程的改进已经可以视为硬件电路结构的直接改进。设计人员几乎都通过将改进的方法流程编程到硬件电路中来得到相应的硬件电路结构。因此,不能说一个方法流程的改进就不能用硬件实体模块来实现。例如,可编程逻辑器件(Programmable Logic Device,PLD)(例如现场可编程门阵列(Field Programmable Gate Array,FPGA))就是这样一种集成电路,其逻辑功能由用户对器件 编程来确定。由设计人员自行编程来把一个数字系统“集成”在一片PLD上,而不需要请芯片制造厂商来设计和制作专用的集成电路芯片。而且,如今,取代手工地制作集成电路芯片,这种编程也多半改用“逻辑编译器(logic compiler)”软件来实现,它与程序开发撰写时所用的软件编译器相类似,而要编译之前的原始代码也得用特定的编程语言来撰写,此称之为硬件描述语言(Hardware Description Language,HDL),而HDL也并非仅有一种,而是有许多种,如ABEL(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby Hardware Description Language)等,目前最普遍使用的是VHDL(Very-High-Speed Integrated Circuit Hardware Description Language)与Verilog。本领域技术人员也应该清楚,只需要将方法流程用上述几种硬件描述语言稍作逻辑编程并编程到集成电路中,就可以很容易得到实现该逻辑方法流程的硬件电路。In the 1990s, the improvement of a technology can be clearly distinguished as an improvement in hardware (for example, improvements in circuit structures such as diodes, transistors, and switches) or improvements in software (improvement in method flow). However, with the development of technology, the improvement of many current method flows can be regarded as the direct improvement of the hardware circuit structure. Designers almost always get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. Therefore, it cannot be said that the improvement of a method flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose logic functions are determined by programming the device by the user. It is programmed by the designer to "integrate" a digital system on a PLD, instead of asking a chip manufacturer to design and make a dedicated integrated circuit chip. 
Moreover, nowadays, instead of making integrated circuit chips by hand, this kind of programming is mostly realized by "logic compiler (logic compiler)" software, which is similar to the software compiler used when program development and writing, but before compiling The original code of the computer must also be written in a specific programming language, which is called a hardware description language (Hardware Description Language, HDL), and there is not only one kind of HDL, but many kinds, such as ABEL (Advanced Boolean Expression Language) , AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby Hardware Description Language), etc., are currently the most commonly used The most popular are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. It should also be clear to those skilled in the art that only a little logical programming of the method flow in the above-mentioned hardware description languages and programming into an integrated circuit can easily obtain a hardware circuit for realizing the logic method flow.
控制器可以按任何适当的方式实现,例如,控制器可以采取例如微处理器或处理器以及存储可由该(微)处理器执行的计算机可读程序代码(例如软件或固件)的计算机可读介质、逻辑门、开关、专用集成电路(Application Specific Integrated Circuit,ASIC)、可编程逻辑控制器和嵌入微控制器的形式,控制器的例子包括但不限于以下微控制器:ARC 625D、Atmel AT91SAM、Microchip PIC18F26K20以及Silicone Labs C8051F320,存储器控制器还可以被实现为存储器的控制逻辑的一部分。本领域技术人员也知道,除了以纯计算机可读程序代码方式实现控制器以外,完全可以通过将方法步骤进行逻辑编程来使得控制器以逻辑门、开关、专用集成电路、可编程逻辑控制器和嵌入微控制器等的形式来实现相同功能。因此这种控制器可以被认为是一种硬件部件,而对其内包括的用于实现各种功能的装置也可以视为硬件部件内的结构。或者甚至,可以将用于实现各种功能的装置视为既可以是实现方法的软件模块又可以是硬件部件内的结构。The controller may be implemented in any suitable way, for example the controller may take the form of a microprocessor or processor and a computer readable medium storing computer readable program code (such as software or firmware) executable by the (micro)processor , logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers and embedded microcontrollers, examples of controllers include but are not limited to the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicone Labs C8051F320, the memory controller can also be implemented as part of the control logic of the memory. Those skilled in the art also know that, in addition to realizing the controller in a purely computer-readable program code mode, it is entirely possible to make the controller use logic gates, switches, application-specific integrated circuits, programmable logic controllers, and embedded The same function can be realized in the form of a microcontroller or the like. Therefore, such a controller can be regarded as a hardware component, and the devices included in it for realizing various functions can also be regarded as structures within the hardware component. Or even, means for realizing various functions can be regarded as a structure within both a software module realizing a method and a hardware component.
上述实施例阐明的系统、装置、模块或单元,具体可以由计算机芯片或实体实现,或者由具有某种功能的产品来实现。一种典型的实现设备为计算机。具体的,计算机例如可以为个人计算机、膝上型计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件设备、游戏控制台、平板计算机、可穿戴设备或者这些设备中的任何设备的组合。The systems, devices, modules, or units described in the above embodiments can be specifically implemented by computer chips or entities, or by products with certain functions. A typical implementing device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or Combinations of any of these devices.
为了描述的方便,描述以上装置时以功能分为各种单元分别描述。当然,在实施本说明书时可以把各单元的功能在同一个或多个软件和/或硬件中实现。For the convenience of description, when describing the above devices, functions are divided into various units and described separately. Of course, when implementing this specification, the functions of each unit can be implemented in one or more pieces of software and/or hardware.
本领域内的技术人员应明白,本说明书实施例可提供为方法、系统、或计算机程序产品。因此,本说明书实施例可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本说明书实施例可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of this specification may be provided as methods, systems, or computer program products. Accordingly, the embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本说明书是参照根据本说明书实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The specification is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to embodiments of the specification. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a An apparatus for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。Memory may include non-permanent storage in computer readable media, in the form of random access memory (RAM) and/or nonvolatile memory such as read-only memory (ROM) or flash RAM. Memory is an example of computer readable media.
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储 器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带式磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。Computer-readable media, including both permanent and non-permanent, removable and non-removable media, can be implemented by any method or technology for storage of information. Information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Flash memory or other memory technology, Compact Disc Read-Only Memory (CD-ROM), Digital Versatile Disc (DVD) or other optical storage, A magnetic tape cartridge, magnetic tape disk storage or other magnetic storage device or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media excludes transitory computer-readable media, such as modulated data signals and carrier waves.
It should also be noted that the terms "comprise", "include", or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article, or apparatus that comprises the element.
This specification may be described in the general context of computer-executable instructions, such as program modules, executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, and the like that perform particular tasks or implement particular abstract data types. This specification may also be practiced in distributed computing environments, where tasks are performed by remote processing devices connected through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media, including storage devices.
The embodiments in this specification are described in a progressive manner; the same or similar parts of the embodiments may be referred to each other, and each embodiment focuses on its differences from the others. In particular, the system embodiment is described relatively briefly because it is substantially similar to the method embodiment; for relevant details, refer to the corresponding part of the description of the method embodiment.
The above are merely embodiments of this specification and are not intended to limit this application. Those skilled in the art may make various modifications and changes to this application. Any modification, equivalent replacement, improvement, or the like made within the spirit and principles of this application shall fall within the scope of the claims of this application.

Claims (17)

  1. A SQL statement risk detection method, comprising:
    obtaining a binary file corresponding to a target object, and determining whether the binary file contains a call to a preset operation, wherein the preset operation is an operation of deleting a data table or deleting data in a data table;
    if the binary file contains a call to the preset operation, determining whether the SQL statement used to execute the preset operation has a conditional constraint statement; and
    if the SQL statement used to execute the preset operation has no conditional constraint statement, determining that the SQL statement is risky.
  2. The method according to claim 1, further comprising:
    if the SQL statement used to execute the preset operation has a conditional constraint statement, determining whether the conditional constraint statement has an always-true case; and
    if so, determining that the SQL statement is risky.
  3. The method according to claim 1, wherein determining whether the binary file contains a call to the preset operation comprises:
    determining whether the binary file contains a call to a target SQL statement, wherein the target SQL statement is a SQL statement used to execute the preset operation; and
    determining, according to whether the binary file contains a call to the target SQL statement, whether the binary file contains a call to the preset operation.
  4. The method according to claim 3, wherein determining whether the binary file contains a call to the target SQL statement comprises:
    determining whether a function in the binary file calls the target SQL statement; and
    determining, according to whether the function in the binary file calls the target SQL statement, whether the binary file contains a call to the target SQL statement.
  5. The method according to claim 4, wherein determining whether the function in the binary file calls the target SQL statement comprises:
    for any function in the binary file, determining the SQL call ID corresponding to that function; and
    determining, according to whether the SQL statement corresponding to the SQL call ID is the target SQL statement, whether that function in the binary file calls the target SQL statement.
  6. The method according to claim 4, wherein determining whether the function in the binary file calls the target SQL statement comprises:
    establishing a database call model corresponding to the binary file, the database call model representing the call relationships between the functions in the binary file and SQL statements; and
    determining, according to the database call model, whether the function in the binary file calls the target SQL statement.
  7. The method according to claim 6, wherein the database call model comprises one or more of the following:
    the type of the SQL statement called in the binary file;
    the SQL call ID of the SQL statement called in the binary file;
    the database table information corresponding to the SQL statement called in the binary file;
    the database field information corresponding to the SQL statement called in the binary file;
    the program variable field information corresponding to the SQL statement called in the binary file.
  8. The method according to any one of claims 1 to 7, wherein determining whether the function in the binary file calls the target SQL statement further comprises:
    establishing the inter-function call relationships in the binary file;
    for any function in the binary file, determining the subordinate functions of that function according to the inter-function call relationships, wherein a subordinate function of a function is a function called by that function; and
    if a subordinate function of that function calls the target SQL statement, determining that the function calls the target SQL statement.
  9. The method according to claim 8, wherein establishing the inter-function call relationships in the binary file comprises:
    establishing an intermediate representation graph of the binary file; and
    establishing the inter-function call relationships in the binary file based on the intermediate representation graph.
  10. The method according to claim 2, wherein determining whether the conditional constraint statement has an always-true case comprises:
    establishing the data flow relationships in the binary file, and determining, according to the data flow relationships, whether the conditional constraint statement has an always-true case.
  11. The method according to claim 10, wherein determining, according to the data flow relationships, whether the conditional constraint statement has an always-true case comprises:
    determining, according to the data flow relationships, the data flow information of the database field corresponding to the conditional constraint statement;
    determining the possible assignments of the database field according to the data flow information;
    determining, according to the assignment information, whether the database field has an always-true assignment; and
    determining, according to whether the database field has an always-true assignment, whether the conditional constraint statement has an always-true case.
  12. The method according to claim 10 or 11, wherein establishing the data flow relationships in the binary file comprises:
    establishing an intermediate representation graph of the binary file;
    establishing the inter-function call relationships in the binary file based on the intermediate representation graph; and
    establishing the data flow relationships in the binary file based on the inter-function call relationships.
  13. The method according to claim 1 or 2, wherein the risk of the SQL statement is a call risk.
  14. The method according to claim 1 or 2, further comprising:
    if the SQL statement is determined to be risky, locating and highlighting the risky SQL statement, or locating and highlighting the function that calls the risky SQL statement.
  15. A SQL statement risk detection apparatus, comprising:
    a call analysis module, configured to obtain a binary file corresponding to a target object and determine whether the binary file contains a call to a preset operation, wherein the preset operation is an operation of deleting a data table or deleting data in a data table;
    a constraint analysis module, configured to determine, if the binary file contains a call to the preset operation, whether the SQL statement used to execute the preset operation has a conditional constraint statement; and
    a risk analysis module, configured to determine that the SQL statement is risky if the SQL statement used to execute the preset operation has no conditional constraint statement.
  16. A SQL statement risk detection device, comprising:
    at least one processor; and
    a memory communicatively connected to the at least one processor,
    wherein
    the memory stores instructions executable by the at least one processor, and the instructions, when executed by the at least one processor, enable the at least one processor to perform the SQL statement risk detection method according to any one of claims 1 to 14.
  17. A computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement the SQL statement risk detection method according to any one of claims 1 to 14.
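The procedure of claims 1, 2, 8 and 11, as an added Python illustration written for this page (not the patent's or the applicant's implementation): the database call model, call graph and data-flow table are constructed samples standing in for the output of the binary-analysis stages of claims 9 to 12, and the WHERE-clause handling is a deliberately small regular-expression approximation of a real SQL parser.

```python
import re

# Constructed "database call model" (claim 7): one record per SQL call site in a
# hypothetical binary; ":name" placeholders are bound program variables.
CALL_MODEL = [
    ("purge_user", "sql_1", "DELETE FROM users WHERE id = :uid"),
    ("reset_cache", "sql_2", "DELETE FROM cache"),
    ("cleanup", "sql_3", "DELETE FROM sessions WHERE :cond"),
    ("list_users", "sql_4", "SELECT * FROM users WHERE id = :uid"),
]
# Constructed inter-function call relationships (claim 8): caller -> callees.
CALL_GRAPH = {"main": ["handle_request"], "admin_job": ["reset_cache", "cleanup"],
              "handle_request": ["purge_user", "list_users"]}
# Constructed data-flow result (claim 11): values each bound variable can take.
DATA_FLOW = {":uid": ["request.user_id"], ":cond": ["1=1", "expires_at < now()"]}

TARGET_SQL = re.compile(r"^\s*(DELETE\s+FROM|DROP\s+TABLE)\b", re.I)
SAME_SIDES = re.compile(r"^\s*([\w.']+)\s*=\s*\1\s*$")  # e.g. 1=1, a = a

def is_target_sql(sql):
    """Preset operation of claim 1: drop a table or delete rows from one."""
    return TARGET_SQL.match(sql) is not None

def condition_of(sql):
    """WHERE clause text, or None when the statement carries no constraint."""
    m = re.search(r"\bWHERE\b(.*)$", sql, re.I | re.S)
    return m.group(1).strip() if m else None

def is_tautology(cond):
    """True when some OR branch consists only of terms compared with themselves."""
    return any(all(SAME_SIDES.match(c) for c in re.split(r"\s+AND\s+", b, flags=re.I))
               for b in re.split(r"\s+OR\s+", cond, flags=re.I))

def always_true(cond, data_flow):
    """Claim 11: try every possible assignment of each bound variable and report
    whether any of them turns the constraint into a tautology."""
    phs = re.findall(r":\w+", cond)
    if not phs:
        return is_tautology(cond)
    return any(always_true(cond.replace(phs[0], v), data_flow)
               for v in data_flow.get(phs[0], ["?"]))  # unknown flow: opaque value

def callers_of(graph, target):
    """Claim 8: every function that reaches `target` through the call graph."""
    found, todo = set(), [target]
    while todo:
        f = todo.pop()
        new = {c for c, callees in graph.items() if f in callees} - found
        found |= new
        todo.extend(new)
    return sorted(found)

def detect(call_model, call_graph, data_flow):
    """Claims 1, 2 and 14: risky call sites plus the functions that reach them."""
    findings = []
    for function, call_id, sql in call_model:
        cond = condition_of(sql)
        if is_target_sql(sql) and (cond is None or always_true(cond, data_flow)):
            reason = "no conditional constraint" if cond is None else "always-true constraint"
            findings.append({"call_id": call_id, "function": function, "reason": reason,
                             "callers": callers_of(call_graph, function)})
    return findings
```

On the sample data `detect` flags `sql_2` (unconditional DELETE) and `sql_3` (a constraint that one data-flow path turns into `1=1`), each with `admin_job` as the caller to highlight, while the parameterised `sql_1` and the SELECT in `sql_4` pass.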
PCT/CN2023/071226 2022-02-08 2023-01-09 Sql statement risk detection WO2023151436A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210119145.8 2022-02-08
CN202210119145.8A CN114547024A (en) 2022-02-08 2022-02-08 SQL statement risk detection method, device, equipment and medium

Publications (1)

Publication Number Publication Date
WO2023151436A1 true WO2023151436A1 (en) 2023-08-17

Family

ID=81673061

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/071226 WO2023151436A1 (en) 2022-02-08 2023-01-09 Sql statement risk detection

Country Status (2)

Country Link
CN (1) CN114547024A (en)
WO (1) WO2023151436A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117591542A (en) * 2024-01-18 2024-02-23 准检河北检测技术服务有限公司 Intelligent detection method for database software data security
CN117591542B (en) * 2024-01-18 2024-03-22 准检河北检测技术服务有限公司 Intelligent detection method for database software data security

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114547024A (en) * 2022-02-08 2022-05-27 支付宝(杭州)信息技术有限公司 SQL statement risk detection method, device, equipment and medium
CN115729530B (en) * 2022-11-22 2023-07-04 壹沓科技(上海)有限公司 Cross-system logic statement generation method, device, storage medium and equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160004517A1 (en) * 2014-07-01 2016-01-07 Bank Of America Corporation SOFTWARE DEVELOPMENT IMPROVEMENT TOOL - iREVIEW
CN110795450A (en) * 2019-09-12 2020-02-14 连连银通电子支付有限公司 SQL processing method and device
CN112395305A (en) * 2020-11-11 2021-02-23 中国人寿保险股份有限公司 SQL statement analysis method and device, electronic equipment and storage medium
CN113722347A (en) * 2021-02-10 2021-11-30 京东数字科技控股股份有限公司 Database management method and device, electronic equipment and storage medium
CN113792340A (en) * 2021-09-09 2021-12-14 烽火通信科技股份有限公司 Method and device for auditing logical logs of database
CN114547024A (en) * 2022-02-08 2022-05-27 支付宝(杭州)信息技术有限公司 SQL statement risk detection method, device, equipment and medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8327327B2 (en) * 2007-03-21 2012-12-04 Carnegie Mellon University Method for statically checking an object-oriented computer program module
US8601016B2 (en) * 2011-08-30 2013-12-03 International Business Machines Corporation Pre-generation of structured query language (SQL) from application programming interface (API) defined query systems
US10002254B2 (en) * 2014-01-20 2018-06-19 Prevoty, Inc. Systems and methods for SQL type evaluation to detect evaluation flaws
WO2017049254A1 (en) * 2015-09-18 2017-03-23 Prevoty, Inc. Systems and methods for sql type and/or value evaluation to detect evaluation flaws
CN112039900B (en) * 2020-09-02 2022-08-26 平安科技(深圳)有限公司 Network security risk detection method, system, computer device and storage medium
CN113419740A (en) * 2021-06-22 2021-09-21 中国工商银行股份有限公司 Program data stream analysis method and device, electronic device and readable storage medium

Also Published As

Publication number Publication date
CN114547024A (en) 2022-05-27

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23752216

Country of ref document: EP

Kind code of ref document: A1