Program security testing method and device
Technical field
The present invention relates to program testing technology, and in particular to a program security testing method and a corresponding program security testing device.
Background art
Before a program is formally put into operation, it usually undergoes security testing for white-file exploitation of loadable modules and for loadable-module hijacking.
The loadable module is usually a DLL (Dynamic Link Library) or another kind of loadable module similar to a DLL, such as a loadable module with the suffix TPI. Where the loadable module is a DLL, white-file exploitation of a DLL typically means using a white file of the DLL to bypass the active defense of security software and load a malicious module, thereby carrying out a malicious attack. DLL hijacking typically means forging, in the directory where the running program currently resides, a DLL with the same name as the real DLL that the program calls (or starts); after the forged DLL has been called by the program and the functions in it have run, control is passed on to the real DLL. Below, the program security testing method is described taking a DLL as the example loadable module.
At present, program security testing methods for DLL white-file exploitation and DLL hijacking mainly comprise the following two:
Method one: after the program code has been written, relevant testers (such as white-box testers) review the program source code to find, in the source code, DLL white-file exploitation and DLL hijacking vulnerabilities caused by careless coding.
Method two: the compiled program is decompiled with a decompilation tool such as IDA, after which a hacker or system security engineer performs targeted debugging and testing based on some published vulnerabilities in open-source libraries.
In the course of making the present invention, the inventor found that because method one relies on manual review of the program source code, it usually cannot check all branches of the program, so the miss rate is high and testing efficiency is low. Moreover, because a program behaves somewhat differently under different system environments, obscure vulnerabilities usually still remain in the source code after review, which further raises the miss rate. Method two requires testers with strong professional skills (such as code analysis ability), and it likewise suffers from low testing efficiency and a high miss rate.
Summary of the invention
In view of the above problems, the present invention is proposed to provide a program security testing method and device that overcome the above problems or at least partly solve them.
According to one aspect of the present invention, a program security testing method is provided, mainly comprising: obtaining test task information of a tested program, and obtaining history load record information of the loadable modules in the tested program; on the basis of the test task information, generating a test case and test case attribute information for each history load record, where the test case attribute information is the information needed to install and run the test case and includes all attempted load path information recorded when the loadable module was loaded; installing and running the test case according to the test case attribute information, the test case performing the load operation of the loadable module based on all the attempted load path information; obtaining execution process information of the test case that relates to a preset malicious loadable module during the run; and judging from the execution process information whether the tested program has a security vulnerability, and outputting judgment result information.
According to another aspect of the present invention, a program security testing device is provided, comprising: a first acquisition module, adapted to obtain the test task information of the tested program; a second acquisition module, adapted to obtain the history load record information of the loadable modules in the tested program; a test case generation module, adapted to generate, on the basis of the test task information, a test case and test case attribute information for each history load record, where the test case attribute information is the information needed to install and run the test case and includes all attempted load path information recorded when the loadable module was loaded; an install-and-run module, adapted to install and run the test case according to the test case attribute information, the test case performing the load operation of the loadable module based on all the attempted load path information; a third acquisition module, adapted to obtain execution process information of the test case that relates to a preset malicious loadable module during the run; and an analysis module, adapted to judge from the execution process information whether the tested program has a security vulnerability, and to output judgment result information.
The program security testing method and device of the present invention generate a test case and test case attribute information from the test task information and the history load record information of the loadable modules, and automatically install and run the test case on the basis of the test case attribute information. In this way, whether the tested program has a security vulnerability related to the preset malicious loadable module can be judged automatically from the load record information for loadable modules obtained while the test case runs. The present invention thus effectively reduces the dependence of program security testing on the professional skills of the testers themselves and achieves automatic security testing of the tested program; ultimately it improves program security testing efficiency and effectively reduces the miss rate.
The above is only an overview of the technical solution of the present invention. So that the technical means of the present invention can be understood more clearly and practiced according to the content of the description, and so that the above and other objects, features and advantages of the present invention become more apparent, specific embodiments of the present invention are set out below.
Brief description of the drawings
By reading the detailed description of the preferred embodiments below, various other advantages and benefits will become clear to those of ordinary skill in the art. The drawings of this embodiment serve only to illustrate the preferred embodiments and are not to be regarded as limiting the present invention. Throughout the drawings, the same reference symbols denote the same parts. In the drawings:
Fig. 1 shows a flow chart of the program security testing method according to Embodiment 1 of the present invention;
Fig. 2 shows a flow chart of the program security testing method according to Embodiment 2 of the present invention;
Fig. 3 shows a schematic diagram of the program security testing device according to Embodiment 3 of the present invention.
Specific embodiments
Exemplary embodiments of the present disclosure are described in more detail below with reference to the drawings. Although the drawings show exemplary embodiments of the disclosure, it should be understood that the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here. Rather, these embodiments are provided so that the disclosure can be understood more thoroughly and its scope can be conveyed completely to those skilled in the art.
Embodiment 1: program security testing method. The method of this embodiment is described in detail with reference to Fig. 1.
In Fig. 1, S100: obtain the test task information of the tested program, and obtain the history load record information of the loadable modules in the tested program.
Specifically, program security testing in this embodiment means testing whether the tested program has at least one of two security vulnerabilities: white-file exploitation of a loadable module, and loadable-module hijacking.
The test task information of the tested program in this embodiment mainly describes the specific content of this program security test. It mainly includes: the identification information of the tested program, the identification information of the test object, the type of the test object, the test mode, the open mode of the test object (also called the run mode or start mode of the test object), the run parameters of the test object, and the system platform of the tested program. In addition, the test task information may also include: the test priority of the test object, the storage address of the test case installation package, the storage address of the script code package with which the test case automatically performs the program test, and the address to which the test case run result is sent.
The identification information of the tested program may be the name of the application under test, such as 360 Security Guard. The identification information of the test object may be the file name of an executable file in the application under test, the name of a loadable module, or the like; it may also be expressed with a default symbol that stands for all or several programs in the installation package of the tested program. The type of the test object may be the executable file type, the loadable module type (such as DLL or TPI), or the like. The test mode may be white-file exploitation of a loadable module and/or loadable-module hijacking. The open mode of the test object may be running it by a mouse double-click, running it from the command line with parameters, or the like. The run parameters of the test object are the specific parameters carried on the command line. The system platform of the tested program is the system environment information under which the tested program runs (for example win7_32_sp1 or xp_32_sp3). The test priority of the test object indicates how preferentially the test object is executed during security testing. The storage address of the test case installation package identifies exactly where the installation package of the test case is stored. The storage address of the script code package with which the test case automatically performs the program test identifies exactly where that script code package is stored. The test case run-result sending address identifies exactly where the result information of the test case run (such as the load list, or whether the loadable module passed or failed the security test) is stored. An executable file in this embodiment is, for example, a file with the suffix .exe.
The test task information of the tested program can be obtained in several ways in this embodiment. For example, the user enters the corresponding information and/or selects the corresponding options on a test task settings screen and submits the test task, for instance by clicking the "Submit test task" button on that screen, so that the test task information of the tested program is obtained. As another example, the test task information of the tested program is obtained by file transfer, message transfer or the like.
After obtaining the test task information, this embodiment may sort it into categories, forming a tested-program list, a test mode list, a parameter list, a system platform list of the tested program and so on, to facilitate the subsequent security test operations.
A loadable module in this embodiment is a program module that cannot run by itself and can run only after being loaded by a process or the like. It is typically a DLL (which may be called a loadable module of the DLL type), but may also be another type of loadable module similar to a DLL, such as a loadable module with the suffix TPI (which may be called a loadable module of the TPI type).
Because this embodiment performs test-case-based security testing of the loadable modules in the tested program, it needs to know the history load record information of those loadable modules so that, on the basis of the test task information, a corresponding test case can be formed for each loadable module from its history load record information.
The history load record information in this embodiment includes: the information of the process that starts the loadable module, the start parameters used to start the loadable module, and the load list of the loadable module after the process starts it. The information of the process that starts the loadable module identifies the one or more processes that start a given loadable module in the tested program. The start parameters are the parameters that those processes use when starting that loadable module. The load list of the loadable module is the list made up of the full path information that the tested program uses when loading each loadable module.
In this embodiment, the history load record information of the loadable modules in the tested program is obtained mainly in the following two ways:
Approach one: by database query. This approach is mainly for the case where the test object in the test task information is a loadable module in the tested program.
Specifically, the history load record information of multiple loadable modules in the tested program is stored in the database in advance. After the test task information of the tested program is obtained, the type information of the test objects in it can be examined. Where one or more of the test objects are determined to be loadable modules, the history load record information of each test object of the loadable module type can be obtained by looking it up directly in the database; for example, the name of the loadable module is used as the search keyword, and all history load record information corresponding to that name is looked up in the information stored in the database.
Approach two: by running an early-stage test case. This approach is mainly for the case where the test object in the test task information is an executable file in the tested program.
Specifically, after the test task information of the tested program is obtained, the type information of the test objects in it is examined. Where one or more of the test objects are determined to be executable files, then for each test object of the executable file type an early-stage test case and early-stage test case attribute information are first generated from the test task information; the early-stage test case is then installed and run according to the early-stage test case attribute information, and while it runs, the load record information of the loadable modules that are started is obtained. The load record information obtained in this way can serve as the history load record information of the corresponding loadable modules.
It should be noted in particular that the load record information obtained by running the early-stage test case can also be stored in the database as history load record information, so that in approach one, when the test object in the test task information is of the loadable module type, the corresponding history load record information can be retrieved from the database.
The early-stage test case attribute information is the information needed to install and run the early-stage test case; it may also be called the information required for installing and running the early-stage test case, or the information related to installing and running it. It generally includes: the storage address of the installation package of the early-stage test case (such as its installation package download address), the storage address of the script code package with which the early-stage test case automatically performs the program test (which may be called the code package download address of the early-stage test case), the system platform information under which the early-stage test case runs, the early-stage test case retry count, and the early-stage test case run parameters (that is, the additional execution parameters of the early-stage test case). In addition, it may also include the test priority of the early-stage test case and the early-stage test case run-result sending address.

The storage address of the installation package of the early-stage test case is formed from the test case installation package storage address in the test task information, or set from a default value. The storage address of the script code package with which the early-stage test case automatically performs the program test is formed from the corresponding script code package storage address in the test task information, or set from a default value. The system platform information under which the early-stage test case runs is formed from the system platform of the tested program in the test task information (such as win7_32_sp1 or win8_64_sp1).

The early-stage test case retry count is the number of times the early-stage test case is run again when a run fails, that is, the number of times an early-stage test case that cannot return a result smoothly needs to be rerun; a run failure here may be that the result of the early-stage test case does not meet expectations, that its execution times out, or the like. The retry count can be formed from the test case retry count in the test task information (that is, the test task information may include a test case retry count), or set from a default value.

The additional execution parameters of the early-stage test case are custom fields, that is, custom information other than the installation package download address, the code package download address, the system platform information and the retry count of the early-stage test case. These custom fields are the ones that the script code package with which the early-stage test case automatically performs the program test needs to use when running the early-stage test case. The additional execution parameters can be formed from the identification information of the tested program, the identification information of the test object, the type of the test object, the test mode, the open mode of the test object and the run parameters of the test object in the test task information.

The test priority of the early-stage test case indicates how preferentially the early-stage test case is executed, and can be formed from the test priority of the test object in the test task information. The early-stage test case run-result sending address is the specific address to which the load record information obtained while the early-stage test case executes should be sent. This address can be a URL (Uniform Resource Locator); it can be formed from the test case run-result sending address in the test task information, or set from a default value.
Generating the early-stage test case and the early-stage test case attribute information from the test task information can be done as follows: perform the corresponding packaging operation to generate the installation package of the test case and the script code package with which the test case automatically performs the program test, and use the test task information to generate the early-stage test case and its attribute information in the preset test case format and the preset format of the test case attribute information. The installation package of the early-stage test case generally includes the installation file of the test case and the installation script code for that installation file (used to execute the installation file of the test case). The script code package with which the test case automatically performs the program test generally includes the script code for automatically performing the program test (used to execute the test case). The installation file of the test case, the installation script code and the script code for automatically performing the program test are all code written in advance, and all of them are applicable to every test case. The preset test case format and the format of the test case attribute information can be set by the testers according to the actual situation; the embodiments of the present invention do not limit the concrete form of either format.
Installing and running the early-stage test case according to the early-stage test case attribute information can specifically be: obtain the installation package storage address of the early-stage test case from the early-stage test case attribute information and download the installation package of the early-stage test case from that address; then execute the installation script code in the installation package of the test case, so that the installation script code carries out the installation of the installation package; obtain from the early-stage test case attribute information the storage address of the script code package with which the test case automatically performs the program test, download that script code package from the address, and execute the script code in it.
This embodiment can use an existing tool to obtain the load record information while the early-stage test case runs; for example, it can use Microsoft's process monitoring tool (Process Monitor) to obtain the load record information for loadable modules while the early-stage test case is running.
The load record information corresponding to the early-stage test case can serve as history load record information. This embodiment can store the history load record information at the position indicated by the early-stage test case run-result sending address in the early-stage test case attribute information, and the history load record information at that position can then be gathered into the corresponding database. In addition, history load record information should generally be stored in the database in a preset storage format, and the database can also store test-related content such as the test task information and the corresponding test result information.
S110: on the basis of the test task information, generate a test case and test case attribute information for each history load record.
Specifically, to keep the descriptions distinct, the early-stage test case mentioned in step S100 may be called the phase-one test case, the test case in this step ("generate a test case and test case attribute information for each history load record") may be called the phase-two test case, and the test case attribute information in this step may be called the phase-two test case attribute information.
The phase-two test case attribute information is the information needed to install and run the phase-two test case; it may also be called the information required for installing and running the phase-two test case, or the information related to installing and running it.
The phase-two test case attribute information in this embodiment must at least include all attempted load path information recorded when the loadable module was loaded (which may be called the full path information of the loadable module). It generally also includes: the storage address of the installation package of the phase-two test case (such as its installation package download address), the storage address of the script code package with which the phase-two test case automatically performs the program test (which may be called the code package download address of the phase-two test case), the system platform information under which the phase-two test case runs, the phase-two test case retry count, and the phase-two test case run parameters (that is, the additional execution parameters of the phase-two test case). In addition, it may also include the test priority of the phase-two test case and the phase-two test case run-result sending address.
The load path information is formed from the record list in the history load record information. The storage address of the installation package of the phase-two test case can be formed from the test case installation package storage address in the test task information, or directly from the installation package download address of the early-stage test case. The storage address of the script code package with which the phase-two test case automatically performs the program test can be formed from the corresponding script code package storage address in the test task information, or directly from the code package download address of the early-stage test case. The system platform information under which the phase-two test case runs can be formed from the system platform of the tested program in the test task information (such as win7_32_sp1 or win8_64_sp1), or directly from the system platform information under which the early-stage test case runs.

The phase-two test case retry count is the number of times the phase-two test case is run again when a run fails, that is, the number of times a phase-two test case that cannot return a result smoothly needs to be rerun; a run failure here may be that the result of the phase-two test case does not meet expectations, that its execution times out, or the like. The retry count can be formed from the test case retry count in the test task information (that is, the test task information may include a test case retry count), set from a default value, or formed directly from the early-stage test case retry count.

The additional execution parameters of the phase-two test case are custom fields, that is, custom information other than the installation package download address, the code package download address, the system platform information and the retry count of the phase-two test case. These custom fields are the ones that the script code package with which the phase-two test case automatically performs the program test needs to use when running the phase-two test case. The additional execution parameters of the phase-two test case can be formed directly from the additional execution parameters of the early-stage test case.

The test priority of the phase-two test case indicates how preferentially the phase-two test case is executed; it can be formed from the test priority of the test object in the test task information, or directly from the test priority of the early-stage test case. The phase-two test case run-result sending address is the specific address to which the load record information obtained while the phase-two test case executes should be sent. This address can be a URL; it can be formed from the test case run-result sending address in the test task information, formed directly from the phase-two test case run-result sending address, or set from a default value.
As the above description shows, the phase-two test case attribute information is essentially the same as the phase-one test case attribute information; it simply adds the full path information of the loadable module to the phase-one test case attribute information.
For the specific process of generating a test case and test case attribute information for each history load record, refer to the above description of generating the early-stage test case and early-stage test case attribute information from the test task information. The differences between the two include: a preset malicious loadable module is packed into the script code package with which the test case automatically performs the program test. The preset malicious loadable module is code written in advance.
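An added illustration (not code from the patent) of the history load record described under S100 and the phase-two test case attribute information described under S110: it builds each module's load list from a constructed log in a Process Monitor-style CSV layout and derives one attribute set per record. The field names, the `*` wildcard, the default retry count, the "Command Line" column and the lab.example addresses are assumptions made for the example.

```python
import csv
import io
import ntpath
from dataclasses import dataclass, field

MODULE_SUFFIXES = (".dll", ".tpi")  # loadable-module types named in the text
DEFAULT_RETRIES = 2                 # assumed default when the task sets none

# Constructed sample rows; the "Command Line" column is assumed to be exported.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Command Line"
"10:00:01","demo.exe","4120","CreateFile","C:\Program Files\Demo\helper.dll","NAME NOT FOUND","demo.exe /scan"
"10:00:01","demo.exe","4120","CreateFile","C:\Windows\System32\helper.dll","NAME NOT FOUND","demo.exe /scan"
"10:00:01","demo.exe","4120","CreateFile","C:\Tools\helper.dll","SUCCESS","demo.exe /scan"
"10:00:01","demo.exe","4120","Load Image","C:\Tools\helper.dll","SUCCESS","demo.exe /scan"
"10:00:02","demo.exe","4120","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","demo.exe /scan"
"10:00:02","demo.exe","4120","RegOpenKey","HKLM\Software\Demo","SUCCESS","demo.exe /scan"
"10:00:03","demo.exe","4120","CreateFile","C:\Program Files\Demo\plugin.tpi","NAME NOT FOUND","demo.exe /scan"
"10:00:03","demo.exe","4120","ReadFile","C:\Program Files\Demo\config.ini","SUCCESS","demo.exe /scan"
'''

# Constructed test task information; keys are hypothetical names for the
# items the text lists (program, test object, mode, platform, addresses).
SAMPLE_TASK = {
    "program": "DemoApp", "test_object": "helper.dll",
    "object_type": "loadable_module", "test_mode": "module_hijack",
    "open_mode": "command_line", "run_params": "/scan",
    "platform": "win7_32_sp1",
    "package_url": "https://lab.example/case-install.zip",
    "script_package_url": "https://lab.example/case-scripts.zip",
    "result_url": "https://lab.example/results",
}


@dataclass
class HistoryLoadRecord:
    process: str        # process that started the loadable module
    start_params: str   # parameters that process was started with
    module: str         # module file name, lower-cased
    load_list: list = field(default_factory=list)  # full paths tried, in order


def build_history_records(csv_text):
    """Group module load attempts by (process, module), keeping path order."""
    records = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        path = row["Path"]
        if row["Operation"] not in ("CreateFile", "Load Image"):
            continue
        if not path.lower().endswith(MODULE_SUFFIXES):
            continue
        key = (row["Process Name"].lower(), ntpath.basename(path).lower())
        rec = records.setdefault(
            key, HistoryLoadRecord(row["Process Name"], row["Command Line"], key[1]))
        # Failed probes and the final load both belong to the load list;
        # the same path is recorded once (Windows paths are case-insensitive).
        if path.lower() not in (p.lower() for p in rec.load_list):
            rec.load_list.append(path)
    return records


def generate_phase_two_cases(task, records):
    """One attribute set per history load record that matches the test object."""
    wanted = task["test_object"].lower()
    cases = []
    for rec in records.values():
        if wanted not in ("*", rec.module):
            continue
        cases.append({
            "case_name": f'{task["program"]}:{rec.module}',
            # The item phase two adds on top of the phase-one attributes:
            "attempted_load_paths": list(rec.load_list),
            "package_url": task["package_url"],
            "script_package_url": task["script_package_url"],
            "platform": task["platform"],
            "retries": task.get("retries", DEFAULT_RETRIES),
            "extra_params": {k: task[k] for k in (
                "program", "test_object", "object_type",
                "test_mode", "open_mode", "run_params")},
            "priority": task.get("priority", 0),
            "result_url": task["result_url"],
        })
    return cases


if __name__ == "__main__":
    for case in generate_phase_two_cases(SAMPLE_TASK, build_history_records(SAMPLE_CSV)):
        print(case["case_name"], case["attempted_load_paths"])
```
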
S120: install and run the test case according to the test case attribute information; the test case performs the load operation of the loadable module based on all the attempted load path information.
Specifically, the test case in this step ("install and run the test case according to the test case attribute information; the test case performs the load operation of the loadable module based on all the attempted load path information") may be called the phase-two test case, and the test case attribute information in it may be called the phase-two test case attribute information.
The test case can be installed and run in this step as follows. Obtain the installation package storage address of the phase-two test case from the phase-two test case attribute information, obtain the installation package from that address, and execute the installation script code in the package, so that the installation script code runs the installation file in the package and installs the phase-two test case. Then obtain the storage address of the automated test script package from the phase-two test case attributes, obtain the script package from that address, and execute the script code in it. Executing the script code places the preset malicious loadable module in the corresponding path and makes the test case perform the loading operation of the loadable module based on all of the attempted load path information.
S130: Obtain the execution process information related to the preset malicious loadable module while the test case is running.
Specifically, the test case in this step can be called the phase-two test case. This embodiment can use an existing tool to obtain the execution process information of the phase-two test case while it runs; for example, it can use Microsoft's Process Monitor. This execution process information includes the load record information for loadable modules.
Because the preset malicious loadable module in this embodiment writes a predetermined marker when it is executed, execution process information that carries the predetermined marker is execution process information related to the preset malicious loadable module. In addition, if the execution process information contains load record information for the preset malicious loadable module, that load record information is also execution process information related to the preset malicious loadable module.
S140: Determine from the execution process information whether the tested program has a security vulnerability, and output the determination result.
Specifically, this embodiment can determine whether the tested program has a security vulnerability by examining the execution process information related to the preset malicious loadable module. For example, the predetermined marker written by the preset malicious module indicates that the tested program has a more serious security problem; as another example, load record information for the preset malicious loadable module indicates that the tested program has a potential security hazard.
Further, this embodiment can also determine where in the tested program the security problem or potential security hazard lies. For example, it can determine which test case was running when the execution process information carrying the predetermined marker was produced, and from that test case determine the specific location of the security problem or potential security hazard in the tested program.
This embodiment can generate a program test result report from the test task information, the execution process information and similar content, and send the report to a predetermined address. The predetermined address can be set through the test task information; that is, the test task information can include the address to which the program test result report is to be sent.
Embodiment two: program security testing method.
The program security testing method of this embodiment is implemented by a server (hereinafter the Brix hijacking server), a front-end module, an automatic push interface module, a database access module (which includes the database), a test case execution platform and multiple distributed virtual machines.
The operations performed by each component in this embodiment are described below with reference to Fig. 2.
(1) Brix hijacking server
The Brix hijacking server is the core component with which this embodiment implements program security testing. The operations it performs mainly include:
1. Provide the front-end module with the test task information of previously tested programs, so that the front-end module can show the user the corresponding test task setup and submission page, which makes it easy for the user to set the test task information for a tested program. The Brix hijacking server can organize the test task information set by the user by category, for example into a test program list, a test mode list, a parameter list and a system platform list, to facilitate subsequent test operations. The test program list usually contains the correspondence between the identifiers of one or more tested programs that need testing and the identifiers of the corresponding test objects, such as the correspondence between the name of a tested program and the names of one or more executable files and one or more loadable modules in it. The test mode list indicates, for each test object in the test program list, whether it undergoes the white-file exploitation test, the loadable-module hijacking test, or both. The parameter list indicates the running mode (that is, the open mode or launch mode) and the corresponding run parameters of each test object in the test program list. The system platform list indicates the system environment (such as win7_32_sp1 or win8_64_sp1) in which each test object in the test program list runs on the test case execution platform.
2. Receive the test task information of the tested program sent by the front-end module or the automatic push interface module, and organize the received test task information by category, for example into a test program list, a test mode list, a parameter list and a system platform list, to facilitate subsequent test operations.
3. When the test objects in the test program list include a loadable module that cannot start by itself, such as a DLL or TPI, the Brix hijacking server also needs to query, by test object identifier, the historical load record information stored in the database of the database access module. The historical load record information returned by the query can indicate the one or more processes (or even all processes) in the tested program that launch such a DLL or TPI test object, the launch parameters each process uses to launch it, and the load list produced after each process launches the DLL or TPI.
The Brix hijacking server can generate test cases and test case attribute information on the basis of the test task information and the historical load record information returned by the query. These test cases are the phase-two test cases described in the embodiment above. The Brix hijacking server submits the phase-two test cases and the phase-two test case attribute information to the test case execution platform.
It should be noted in particular that, for a loadable module that cannot start by itself, the Brix hijacking server does not need to generate a phase-one test case and phase-one test case attribute information; it generates the phase-two test case and phase-two test case attribute information directly. The process by which the Brix hijacking server generates the phase-two test case and its attribute information is described below.
4. When the test objects in the test program list include an executable file (such as a file with the exe suffix), the Brix hijacking server can generate the preliminary test case and preliminary test case attribute information directly from the test task information it received, and submit them to the test case execution platform. The preliminary test case here is the phase-one test case described in the embodiment above.
One main purpose of the phase-one test case in this embodiment is to use a tool such as Microsoft's Process Monitor to dynamically obtain the load list of loadable modules that a test object of executable-file type (such as a particular exe file) in the tested program produces during execution. The test task information and the dynamically obtained load list serve as the basis for generating the phase-two test case and the phase-two test case attributes.
The Brix hijacking server can store the dynamically obtained load list, together with the information on the process that launches the loadable module and the launch parameters used to launch it, as historical load record information in the database of the database access module.
A specific process by which the Brix hijacking server generates a phase-one test case can be as follows. The Brix hijacking server performs the corresponding packaging according to the following items in the test task information: the identifier of the tested program, the identifier of the test object, the type of the test object, the test mode, the open mode of the test object (also called its running mode or launch mode), the run parameters of the test object, the test priority of the test object, the installation package storage address of the tested program, the storage address of the automated test script package, and the system platform of the tested program. This forms the test case installation package and the test case automated script package that the distributed virtual machines run. At the same time, the server generates the URL of the test case installation package and the URL of the test case's automated test script package.
The packaging process includes, for example, packaging the installation file of the test case together with the installation script code for that installation file and storing the package in a predetermined location, and packaging the preset malicious loadable module together with the automated test script code of the test case.
The installation script code for the test case's installation file is used to execute that installation file, and is code written in advance. The automated test script code of the test case is used to execute the test case, and is also code written in advance.
In addition, the Brix hijacking server uses the two URLs above (that is, the download links) as attributes in the phase-one test case attribute information. The phase-one test case attribute information is the information the test case execution platform needs while executing the phase-one test case. It mainly includes: the installation package download address of the phase-one test case, the code package download address of the phase-one test case, the system platform information on which the phase-one test case runs, the number of retries of the phase-one test case, the additional execution parameters of the phase-one test case, the test priority of the phase-one test case, and the phase-one test case result reporting address.
After a phase-one test case finishes executing on a distributed virtual machine, the Brix hijacking server receives the load list, the information on the process that launches the loadable module, the launch parameters used to launch it and so on, which the distributed virtual machine returns through the test case execution platform. Once the phase-one test cases for all test objects of executable-file type in the tested program have been executed, the Brix hijacking server will have collected a fairly comprehensive set of load lists, launching-process information and launch parameters. The Brix hijacking server can pass what it has collected to the database access module as historical load record information to be stored in the database.
5. For each load record in all of the load record information it has collected, the Brix hijacking server generates a phase-two test case and phase-two test case attribute information, and submits them to the test case execution platform. The phase-two test case attribute information in this embodiment is essentially the same as the phase-one test case attribute information, except that the full path information of the loadable module is added to it.
The main purpose of the phase-two test case in this embodiment is to check whether the execution result of the test object contains execution process information related to the preset malicious loadable module, such as an execution marker of the malicious loadable module, or whether the path of the malicious loadable module is present in the load list.
It should be noted in particular that the Brix hijacking server can package the preset malicious loadable module in the automated script package of the phase-two test case, and that the preset malicious loadable module is written and configured in advance by the tester.
6. The Brix hijacking server receives the execution results of all phase-two test cases, which the distributed virtual machines return through the test case execution platform, and generates a test report from them. The Brix hijacking server then provides the test report to the user; for example, it sends the test report to the corresponding user by e-mail, or it shows the test report to the user through the front-end module.
The content of the test report in this embodiment mainly includes: a description of the test steps, the details of the test task, a summary of the test result for each test program, and the detailed report content. The details of the test task mainly include: the test task ID, the test mode, the system platform of the tested program, the installation package information of the tested program, and the execution time of the test task. The summary of the test result mainly includes: information about the program (such as the name, version and digital signature of the tested program), the running mode and run parameters of the test object, the time taken to test the test object, whether a security vulnerability was found (for example, by listing the loadable modules that failed the test), and the link address of the detailed report content. The detailed report content usually lists the test result of every loadable module in the load list of the tested program, that is, both the loadable modules that passed the test and those that failed it.
(2) Front-end module
The front-end module provides the user with a page for manually setting the test task information of a tested program and submitting the test task to the Brix hijacking server. The front-end module can also provide a test task query page for checking the test status of a test task, such as tested, being tested, or not tested. It can also provide a test result display page so that the user can view the test results of the tested program.
On the test task setup and submission page shown by the front-end module, the user can manually set each value in the test task information of the tested program, such as the name of the program installation package to be tested, the specified program within that installation package, the running mode and run parameters of the specified program, the test mode of the specified program, and the e-mail recipients of the test report generated from the test result.
On the task list page shown by the front-end module, the user can view historical test task information, the execution status of historical test tasks, links to the detailed report content of tests, and so on.
(3) Automatic push interface module
The automatic push interface module is mainly used to push the corresponding test task information to the Brix hijacking server when a specified program in a tested program that has already been tested is updated, so that the Brix hijacking server can run automated security tests for white-file exploitation and loadable-module hijacking against the update of the specified program.
Specifically, when a specified program in the tested program is updated, the automatic push interface module receives a test request that carries test task information. The module parses the test request to obtain the test task information from the parsing result, and passes the test task information to the Brix hijacking server so that the server can carry out the subsequent operations according to it.
(4) Database access module
The database access module can include the database. It is mainly used to read from and write to the database, so that information related to program security testing is stored in the database, and to look up and read the corresponding information from the database in response to queries from the Brix hijacking server and return the lookup results to the server.
The information stored in the database can include the identification information of the tested program, such as the MD5 of the tested program's installation package, the version number of the tested program and the digital signature of the tested program. The identification information of the tested program mainly indicates which tested program the other data stored with it belongs to.
The information stored in the database can also include the historical test task information and the historical load record information of the tested program. The historical test task information can be used for querying the test history of the tested program and for forming its test report. The historical load record information is mainly used to form the phase-two test cases and the phase-two test case attribute information.
The information stored in the database can also include the list of updated files of the tested program. The updated file list can be used for querying the test history of the tested program and for forming its test report.
The information stored in the database can also include the test result information of program security tests. The test result information is mainly used to form the test report of the tested program.
When a tested program has never undergone security testing (the initial state), the launching-process information, the launch parameters and the load list in the historical load record information for that tested program in the database are usually empty. As security tests are run with each executable file of the tested program as the test object, the launching-process information, launch parameters and load lists in the historical load record information in the database are continually enriched. As a result, when the test object of a security test is a loadable module in the tested program, the Brix hijacking server can find the corresponding launching-process information, launch parameters and load list in the database.
(5) Test case execution platform
The test case execution platform is mainly used to manage the resources of the distributed virtual machines and to distribute and schedule the test cases sent by the Brix hijacking server. For example, the platform assigns a received test case to the corresponding distributed virtual machine according to the test case attribute information it received, so that this distributed virtual machine executes the test case.
The principles by which the test case execution platform distributes and schedules test cases can include assigning a virtual machine according to the system platform information, given in the test case attributes, on which the test case is to run. They can also include the following: for multiple test cases submitted at the same time, virtual machines are assigned according to the test priority in the test case attributes, and a virtual machine with a reusable snapshot can be assigned to a test case with high test priority. They can further include the following: for multiple test cases submitted one after another with different test priorities, virtual machines can be assigned to the test cases with higher test priority first. These principles can be set according to actual needs; this embodiment does not limit their specific form.
(6) Distributed virtual machine
The distributed virtual machine in this embodiment can also be called the test script execution module. It is mainly used to execute test cases and obtain the test case execution results.
The operations performed by a distributed virtual machine mainly include the following:
1. Prepare the test case execution environment, for example by running the installation operation for the test case's installation package. Specifically, the distributed virtual machine obtains the installation package storage address of the test case (such as URL1) from the test case attribute information and downloads the installation package from that address. It then executes the installation script code in the installation package, so that the installation script code performs the installation of the test case's installation package.
2. Execute the phase-one test case and obtain all load lists produced while it executes. Specifically, the distributed virtual machine can obtain the storage address of the test case's automated test script package (such as URL2) from the phase-one test case attributes and download the script package from URL2. It sets the filter in Microsoft's Process Monitor according to the test mode in the phase-one test case attributes, then executes the script code in the automated test script package. With the filter set, Process Monitor captures the load list.
3. Analyze the load list it obtained to derive the information on the process that launches the loadable module and the launch parameters used to launch it.
4. Execute the phase-two test case and obtain all execution process information related to the preset malicious loadable module that is produced while it executes. Specifically, the distributed virtual machine can set the filter in Microsoft's Process Monitor according to the test mode in the phase-two test case attributes; with the filter set, Process Monitor captures all execution process information related to the preset malicious loadable module. The distributed virtual machine can then judge the test result from the execution process information it obtained. For example, it checks whether the path of the preset malicious loadable module is present in the load list it obtained. If it is, the tested program attempted to load this malicious loadable module, so the test object can be judged to have a potential security hazard, and a corresponding warning should be sent to the tester. As another example, it checks whether the execution process information contains the predetermined write marker, which is written by the preset malicious loadable module. If the marker is present, the preset malicious loadable module was successfully loaded by the test object, so the test object can be judged to have a security vulnerability; that is, the test fails.
5. Return the execution result of the phase-one test case (such as the load list, the launching-process information and the launch parameter information) and the execution result of the phase-two test case (such as the load list and the test result judgment described above) to the Brix hijacking server through the test case execution platform.
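The judgment described in item 4 above can be sketched as follows. This is an added example, not code from the patent: it reads a Process Monitor CSV export, keeps only the monitored processes, and returns WARN when a planted module path shows up in the captured events and FAIL when the planted module's marker was written. The sample rows, paths and the names `judge`, `norm_path` and `Verdict` are constructed for illustration, and representing the marker as a file write is an assumption, since the text does not say how the marker is written.

```python
import csv
import io
import ntpath
from dataclasses import dataclass

# Constructed sample in the column layout of a Process Monitor CSV export.
# Process names, paths and the marker file are made up for this example.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.10","tested.exe","4120","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS",""
"10:01:02.21","tested.exe","4120","CreateFile","C:\Tested\app\version.dll","SUCCESS",""
"10:01:02.22","tested.exe","4120","Load Image","C:\Tested\app\version.dll","SUCCESS",""
"10:01:02.30","tested.exe","4120","WriteFile","C:\TestMarkers\case-0042.marker","SUCCESS",""
"10:01:03.00","other.exe","5008","Load Image","C:\Tested\app\plugin.tpi","SUCCESS",""
'''


def norm_path(path: str) -> str:
    """Windows paths compare case-insensitively; normalise separators as well."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


@dataclass
class Verdict:
    status: str           # "PASS", "WARN" (potential hazard) or "FAIL" (vulnerability)
    attempted: list       # planted paths that the monitored processes touched
    marker_written: bool  # True if the planted module ran and left its marker


def judge(csv_text, process_names, planted_paths, marker_path):
    """Classify one test run from its captured events.

    planted_paths: full paths where the harness placed its test module.
    marker_path:   file the planted module writes when executed (assumed form
                   of the "predetermined marker").
    """
    procs = {p.lower() for p in process_names}
    planted = {norm_path(p) for p in planted_paths}
    marker = norm_path(marker_path)
    attempted = []
    marker_written = False

    for row in csv.DictReader(io.StringIO(csv_text)):
        # Plays the role of the Process Monitor filter mentioned in the text.
        if row["Process Name"].lower() not in procs:
            continue
        path = norm_path(row["Path"])
        if path in planted:
            if path not in attempted:
                attempted.append(path)
        elif (path == marker and row["Operation"] == "WriteFile"
              and row["Result"] == "SUCCESS"):
            marker_written = True

    if marker_written:
        status = "FAIL"   # planted module was loaded and executed
    elif attempted:
        status = "WARN"   # program tried the planted path: potential hazard
    else:
        status = "PASS"
    return Verdict(status, attempted, marker_written)


if __name__ == "__main__":
    print(judge(SAMPLE_CSV, {"tested.exe"},
                [r"C:\Tested\app\version.dll"],
                r"C:\TestMarkers\case-0042.marker"))
```

Using one marker file per test case lets a FAIL be traced back to the test case, and so to the load path, that produced it.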
Embodiment three: program security testing device. The program security testing device of this embodiment is described below with reference to Fig. 3.
The device shown in Fig. 3 is mainly used to test whether the tested program has at least one of two security vulnerabilities: white-file exploitation of a loadable module, and loadable-module hijacking. The device mainly includes: a first acquisition module 300, a second acquisition module 310, a test case generation module 320, an install-and-run module 330, a third acquisition module 340 and an analysis module 350.
The first acquisition module 300 is mainly adapted to obtain the test task information of the tested program. The test task information describes the specific content of this program security test. It mainly includes: the identifier of the tested program, the identifier of the test object, the type of the test object, the test mode, the open mode of the test object, the run parameters of the test object, and the system platform of the tested program. In addition, the test task information can also include: the test priority of the test object, the installation package storage address of the test case, the storage address of the test case's automated test script package, and the test case result reporting address.
The first acquisition module 300 can obtain the test task information of the tested program in several ways. For example, the first acquisition module 300 provides the user with a test task setup screen in which the user can enter the corresponding information and/or select the corresponding options; when the user submits the test task, for instance by clicking the "submit test task" button on that screen, the first acquisition module 300 obtains the test task information of the tested program. As another example, the first acquisition module 300 obtains the test task information of the tested program through file transfer, message transfer or a similar mechanism.
After obtaining the test task information, the first acquisition module 300 can organize it by category to form a test program list, a test mode list, a parameter list, a system platform list of the tested program and so on, to facilitate the subsequent security test operations.
The first acquisition module 300 can be located in the Brix hijacking server of embodiment two.
The second acquisition module 310 is mainly adapted to obtain the historical load record information of the loadable modules in the tested program. The historical load record information includes: information on the process that launches the loadable module, the launch parameters used to launch the loadable module, and the load list of modules that the process loads after launching the loadable module. The launching-process information refers to the one or more processes in the tested program that launch a given loadable module. The launch parameters are the parameters that those processes use when launching that loadable module. The load list of loadable modules is the list formed from the full path information that the tested program uses when loading each loadable module.
The second acquisition module 310 obtains the historical load record information of the loadable modules in the tested program mainly in two ways. Way one: by database query. Way two: by running a preliminary test case. Way one is mainly for the case where the test object in the test task information is an executable file in the tested program. Way two is mainly for the case where the test object in the test task information is a loadable module in the tested program. The specific implementation of both ways, the process of generating the preliminary test case and preliminary test case attribute information in way two, the specific information contained in the preliminary test case attribute information, and the process of installing and running the preliminary test case are as described in the method embodiments above and are not repeated here.
In addition, in way two, the operations of generating the preliminary test case and preliminary test case attributes, installing and running the preliminary test case, and obtaining the load record information for loadable modules while the preliminary test case runs can be performed by the test case generation module 320, the install-and-run module 330 and the third acquisition module 340 respectively. The second acquisition module 310 can obtain the historical load record information by receiving the load record information transmitted by the third acquisition module 340.
The second acquisition module 310 can be located in the Brix hijacking server of embodiment two.
The test case generation module 320 is mainly adapted to generate, on the basis of the test task information, a test case and test case attribute information for each historical load record. The test case here can be called the phase-two test case, and the test case attribute information here can be called the phase-two test case attribute information.
The phase-two test case attribute information is the information needed to install and run the phase-two test case. It may also be called the information required for installing and running the phase-two test case, or the information related to installing and running it.
The phase-two test case attribute information generated by test case generation module 320 should include at least all the load paths attempted when the loadable module is loaded. It usually also includes the storage address of the phase-two test case's installation package, the storage address of its automated program test script package, the system platform on which the phase-two test case runs, its number of retries, its run parameters, and so on. It may additionally include the test priority of the phase-two test case and the address to which its run results are sent. For the form of the phase-two test case and its attribute information, see the description in embodiment one above; it is not detailed again here.
In addition, test case generation module 320 also needs to generate the phase-one test case and the phase-one test case attribute information. The phase-two test case attribute information is essentially the same as the phase-one test case attribute information, except that the full path information of the loadable module is added to it.
Test case generation module 320 can be arranged in the exploitation-and-hijacking server of embodiment two.
Install-and-run module 330 is mainly adapted to install and run the test case according to the test case attribute information; the test case performs the loading operation of the loadable module based on all the attempted load paths. The test case here may be called a phase-two test case, and the test case attribute information here may be called phase-two test case attribute information.
Install-and-run module 330 may install and run a test case as follows. It obtains the storage address of the phase-two test case's installation package from the phase-two test case attribute information and fetches the installation package from that address. It then runs the installation script code in the installation package, and the installation script code runs the installation file in the package to install the phase-two test case. Next, it obtains the storage address of the automated program test script package from the phase-two test case attribute information, fetches the script package from that address, and executes the script code in it. Executing the script code places the preset malicious loadable module in the corresponding path and causes the test case to perform the loading operation of the loadable module based on all the attempted load paths.
In addition, install-and-run module 330 also needs to install and run the phase-one test case, and it may take the test priority of the test cases into account while installing and running them. Install-and-run module 330 can be arranged in the test case execution platform and the distributed virtual machines of embodiment two.
Third acquisition module 340 is mainly adapted to obtain the execution process information related to the preset malicious loadable module while the test case runs. The test case here may be called a phase-two test case. Third acquisition module 340 can use an existing tool to obtain the execution process information produced while the phase-two test case runs; for example, it can use Microsoft's process monitoring tool (Process Monitor). This execution process information includes load record information for loadable modules.
Because the preset malicious loadable module in this embodiment writes a predetermined marker when it is executed, execution process information carrying the predetermined marker is execution process information related to the preset malicious loadable module. In addition, if the execution process information contains a load record for the preset malicious loadable module, that load record is also execution process information related to the preset malicious loadable module.
In addition, third acquisition module 340 also needs to obtain the load record information produced while the phase-one test case runs. Third acquisition module 340 can be arranged in the distributed virtual machines of embodiment two.
Analysis module 350 is mainly adapted to judge, from the above execution process information, whether the program under test has a security vulnerability, and to output the judgment result.
Specifically, analysis module 350 can determine whether the program under test has a security vulnerability by examining the execution process information related to the preset malicious loadable module. For example, from the predetermined marker written by the preset malicious module, analysis module 350 can judge that the program under test has a more serious security problem; as another example, from a load record for the preset malicious loadable module, it can judge that the program under test has a potential security hazard.
Further, analysis module 350 can also determine the specific location of the security problem or potential hazard in the program under test. For example, it can determine which test case was running when the execution process information carrying the predetermined marker was produced, and from that test case it can determine where in the program under test the security problem or potential hazard lies.
Analysis module 350 can be arranged in the distributed virtual machine of embodiment two.
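The filtering performed by the third acquisition module and the judgment made by analysis module 350 can be sketched as follows. This is an added example, not code from the patent; the column layout (a subset of a Process Monitor CSV export plus a "Case" column), the marker string, the planted paths and every log row are constructed assumptions.

```python
import csv
import io
import ntpath

MARKER = "HIJACK_TEST_MARKER"  # assumed marker string written by the preset test module

# Assumed: the attempted load path where each phase-two test case placed the preset module.
PLANTED = {
    "case-001": r"C:\Program Files\App\version.dll",
    "case-002": r"C:\Program Files\App\plugins\codec.dll",
    "case-003": r"C:\Program Files\App\netapi.dll",
}

# Constructed execution process records; the "Case" column is added for this example.
SAMPLE_LOG = r'''"Case","Process Name","Operation","Path","Result"
"case-001","app.exe","Load Image","C:\Program Files\App\version.dll","SUCCESS"
"case-001","app.exe","WriteFile","C:\TestOut\HIJACK_TEST_MARKER_case-001.txt","SUCCESS"
"case-002","app.exe","CreateFile","C:\Program Files\App\plugins\codec.dll","SUCCESS"
"case-002","app.exe","Load Image","C:\PROGRAM FILES\App\plugins\codec.dll","SUCCESS"
"case-003","app.exe","CreateFile","C:\Program Files\App\netapi.dll","SUCCESS"
"case-003","app.exe","Load Image","C:\Windows\System32\netapi32.dll","SUCCESS"
'''


def parse_log(text):
    """Parse the CSV export into a list of row dictionaries."""
    return list(csv.DictReader(io.StringIO(text)))


def related_records(rows, planted=PLANTED, marker=MARKER):
    """Keep only rows tied to the preset module: marker rows and its load records."""
    kept = []
    for row in rows:
        target = planted.get(row["Case"])
        if target is None:
            continue
        has_marker = marker in row["Path"]
        # A file probe (CreateFile) is not a load; only a successful image load counts.
        is_load = (row["Operation"] == "Load Image"
                   and row["Result"] == "SUCCESS"
                   and ntpath.normcase(row["Path"]) == ntpath.normcase(target))
        if has_marker or is_load:
            kept.append({**row, "kind": "marker" if has_marker else "load"})
    return kept


def judge(rows, planted=PLANTED, marker=MARKER):
    """Per test case: marker seen -> security problem; load only -> potential hazard."""
    verdicts = {case: {"verdict": "no finding", "location": None} for case in planted}
    for rec in related_records(rows, planted, marker):
        entry = verdicts[rec["Case"]]
        if rec["kind"] == "marker":
            entry["verdict"] = "security problem"
        elif entry["verdict"] == "no finding":
            entry["verdict"] = "potential hazard"
        # The test case identifies the location: the path it planted the module at.
        entry["location"] = planted[rec["Case"]]
    return verdicts


if __name__ == "__main__":
    for case, result in judge(parse_log(SAMPLE_LOG)).items():
        print(case, result["verdict"], result["location"] or "-")
```

Paths are compared with `ntpath.normcase` because Windows paths are case-insensitive, so a load logged with different casing still matches the planted path.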
In addition, the device of this embodiment can also include a test report module (not shown in Fig. 3). The test report module can generate a program test result report on the basis of the test task information, the execution process information and similar content, and send the report to a predetermined address. The test report module can be arranged in the exploitation-and-hijacking server of embodiment two.
A1. A program security testing method, comprising:
obtaining test task information of a program under test, and obtaining historical load record information of the loadable modules in the program under test;
on the basis of the test task information, generating a test case and test case attribute information for each historical load record, wherein the test case attribute information is the information needed to install and run the test case and includes all the load paths attempted when the loadable module is loaded;
installing and running the test case according to the test case attribute information, the test case performing the loading operation of the loadable module based on all the attempted load paths;
obtaining execution process information related to a preset malicious loadable module while the test case runs;
judging, according to the execution process information, whether the program under test has a security vulnerability, and outputting the judgment result.
A2. The method of A1, wherein the test task information includes: identification information of the program under test, identification information of the test object, the kind of test object, the test mode, the way the test object is opened, the run parameters of the test object, the system platform of the program under test, and similar information.
A3. The method of A1, wherein obtaining the historical load record information of the loadable modules in the program under test comprises:
when the test object in the test task information is a loadable module, obtaining the historical load record information of the test object by querying a database.
A4. The method of A1, wherein obtaining the historical load record information of the loadable modules in the program under test comprises:
when the test object in the test task information is an executable file, generating a preliminary test case and preliminary test case attribute information according to the test task information, the preliminary test case attribute information being the information needed to install and run the preliminary test case;
running the preliminary test case according to the preliminary test case attribute information;
obtaining the load record information for loadable modules while the preliminary test case runs, and storing it in the database as historical load record information.
A5. The method of any one of A1 to A4, wherein one historical load record includes: information on the process that starts the loadable module, the start parameters used to start the loadable module, and the load list of modules that the process loads after starting the loadable module; and the load list includes all the load paths attempted when the loadable module is loaded.
A6. The method of A1, wherein the test case attribute information further includes: the storage address of the test case's installation package, the storage address of the test case's automated program test script package, the system platform on which the test case runs, the number of test case retries, and the test case run parameters.
A7. The method of A6, wherein installing and running the test case according to the test case attribute information comprises:
setting up the system environment for the test case according to the system platform on which the test case runs;
obtaining the test case's installation package from its storage address and running the installation script code in the installation package, the installation script code installing the test case by executing the test case's installation file in the package;
obtaining the script package from the storage address of the test case's automated program test script package, the script code in the script package running the test case on the basis of the number of test case retries and the test case run parameters.
A8. The method of A1, wherein obtaining the execution process information related to the preset malicious loadable module while the test case runs comprises:
obtaining the execution process information of the test case run using a process monitoring tool, and filtering out of that execution process information the execution process information related to the preset malicious loadable module.
A9. The method of A1, wherein the execution process information related to the preset malicious loadable module includes: load record information for the preset malicious loadable module during the test case run and/or execution marker information of the preset malicious loadable module.
B10. A program security testing device, comprising:
a first acquisition module, adapted to obtain test task information of a program under test;
a second acquisition module, adapted to obtain historical load record information of the loadable modules in the program under test;
a test case generation module, adapted to generate, on the basis of the test task information, a test case and test case attribute information for each historical load record, wherein the test case attribute information is the information needed to install and run the test case and includes all the load paths attempted when the loadable module is loaded;
an install-and-run module, adapted to install and run the test case according to the test case attribute information, the test case performing the loading operation of the loadable module based on all the attempted load paths;
a third acquisition module, adapted to obtain execution process information related to a preset malicious loadable module while the test case runs;
an analysis module, adapted to judge, according to the execution process information, whether the program under test has a security vulnerability, and to output the judgment result.
B11. The device of B10, wherein the test task information includes: identification information of the program under test, identification information of the test object, the kind of test object, the test mode, the way the test object is opened, the run parameters of the test object, the system platform of the program under test, and similar information.
B12. The device of B10, wherein the second acquisition module is further adapted to:
when the test object in the test task information is a loadable module, obtain the historical load record information of the test object by querying a database.
B13. The device of B10, wherein the second acquisition module is further adapted to:
when the test object in the test task information is an executable file, generate a preliminary test case and preliminary test case attribute information according to the test task information, the preliminary test case attribute information being the information needed to install and run the preliminary test case;
run the preliminary test case according to the preliminary test case attribute information;
obtain the load record information for loadable modules while the preliminary test case runs, and store it in the database as historical load record information.
B14. The device of any one of B10 to B13, wherein one historical load record includes: information on the process that starts the loadable module, the start parameters used to start the loadable module, and the load list of modules that the process loads after starting the loadable module; and the load list includes all the load paths attempted when the loadable module is loaded.
B15. The device of B10, wherein the test case attribute information further includes: the storage address of the test case's installation package, the storage address of the test case's automated program test script package, the system platform on which the test case runs, the number of test case retries, and the test case run parameters.
B16. The device of B15, wherein the install-and-run module is further adapted to:
set up the system environment for the test case according to the system platform on which the test case runs;
obtain the test case's installation package from its storage address and run the installation script code in the installation package, the installation script code installing the test case by executing the test case's installation file in the package;
obtain the script package from the storage address of the test case's automated program test script package, the script code in the script package running the test case on the basis of the number of test case retries and the test case run parameters.
B17. The device of B10, wherein the third acquisition module is further adapted to:
obtain the execution process information of the test case run using a process monitoring tool, and filter out of that execution process information the execution process information related to the preset malicious loadable module.
B18. The device of B10, wherein the execution process information related to the preset malicious loadable module includes: load record information for the preset malicious loadable module during the test case run and/or execution marker information of the preset malicious loadable module.
The algorithms and displays provided herein are not inherently related to any particular computer, virtual system or other device. Various general-purpose systems may also be used with the teachings herein. From the description above, the structure required to construct such a system is apparent. Moreover, the present invention is not directed to any particular programming language. It should be understood that the content of the invention described herein can be implemented in various programming languages, and that the description of a specific language above is given to disclose the best mode of the invention.
Numerous specific details are set forth in the description provided herein. It should be understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail so as not to obscure the understanding of this description.
Similarly, it should be understood that, in order to streamline the disclosure and aid the understanding of one or more of the inventive aspects, the features of the invention are sometimes grouped together into a single embodiment, figure or description thereof in the above description of exemplary embodiments. However, the disclosed method should not be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, the inventive aspects lie in less than all the features of a single embodiment disclosed above. The claims following the detailed description are therefore expressly incorporated into the detailed description, with each claim standing on its own as a separate embodiment of the invention.
Those skilled in the art will appreciate that the modules in the device of an embodiment can be adaptively changed and arranged in one or more devices different from that embodiment. The modules, units or components of an embodiment can be combined into one module, unit or component, and can further be divided into multiple sub-modules, sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all the features disclosed in this specification (including the accompanying claims, abstract and drawings) and all the processes or units of any method or device so disclosed may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, an equivalent or a similar purpose.
Furthermore, those skilled in the art will appreciate that although some embodiments described herein include certain features that are included in other embodiments and not other features, combinations of features of different embodiments are meant to be within the scope of the invention and to form different embodiments. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
The component embodiments of the invention may be implemented in hardware, in software modules running on one or more processors, or in a combination of the two. Those skilled in the art will understand that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the program security testing device according to embodiments of the invention. The invention may also be implemented as a device or device program (for example, a computer program and a computer program product) for performing part or all of the method described herein. Such a program implementing the invention may be stored on a computer-readable medium, or may take the form of one or more signals. Such a signal may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference sign placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several devices, several of these devices can be embodied by one and the same item of hardware. The use of the words first, second, third and so on does not indicate any order. These words may be interpreted as names.