CN106326123B - 一种用于检测数组越界缺陷的方法及系统 - Google Patents
一种用于检测数组越界缺陷的方法及系统 Download PDFInfo
- Publication number
- CN106326123B CN106326123B CN201610720865.4A CN201610720865A CN106326123B CN 106326123 B CN106326123 B CN 106326123B CN 201610720865 A CN201610720865 A CN 201610720865A CN 106326123 B CN106326123 B CN 106326123B
- Authority
- CN
- China
- Prior art keywords
- offset
- value
- symbol
- array
- array boundary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000007547 defect Effects 0.000 title claims abstract description 118
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000001514 detection method Methods 0.000 claims abstract description 105
- 238000012360 testing method Methods 0.000 claims abstract description 67
- 238000004458 analytical method Methods 0.000 claims abstract description 56
- 238000007689 inspection Methods 0.000 claims description 7
- 230000006870 function Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 230000000877 morphologic effect Effects 0.000 description 5
- 230000003068 static effect Effects 0.000 description 5
- 238000003491 array Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 230000037361 pathway Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000010219 correlation analysis Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000005206 flow analysis Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (14)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610720865.4A CN106326123B (zh) | 2016-08-24 | 2016-08-24 | 一种用于检测数组越界缺陷的方法及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610720865.4A CN106326123B (zh) | 2016-08-24 | 2016-08-24 | 一种用于检测数组越界缺陷的方法及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106326123A CN106326123A (zh) | 2017-01-11 |
CN106326123B true CN106326123B (zh) | 2018-12-04 |
Family
ID=57790248
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610720865.4A Active CN106326123B (zh) | 2016-08-24 | 2016-08-24 | 一种用于检测数组越界缺陷的方法及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106326123B (zh) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108809622B (zh) * | 2018-06-15 | 2021-10-26 | 上海科技大学 | 一种抗功耗侧信道攻击对策验证方法 |
CN112199289B (zh) * | 2020-10-16 | 2022-10-28 | 湖南泛联新安信息科技有限公司 | 一种支持多维数组的符号执行方法及漏洞检测系统 |
CN114489798B (zh) * | 2022-01-25 | 2024-04-05 | 海飞科(南京)信息技术有限公司 | 用于确定张量元素的越界状态的方法和电子装置 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103778061A (zh) * | 2014-01-17 | 2014-05-07 | 南京航空航天大学 | 数组越界错误的自动检测和校正方法 |
CN104965788A (zh) * | 2015-07-03 | 2015-10-07 | 电子科技大学 | 一种代码静态检测方法 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090292941A1 (en) * | 2008-05-22 | 2009-11-26 | Nec Laboratories America, Inc. | Proof-guided error diagnosis (ped) by triangulation of program error causes |
-
2016
- 2016-08-24 CN CN201610720865.4A patent/CN106326123B/zh active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103778061A (zh) * | 2014-01-17 | 2014-05-07 | 南京航空航天大学 | 数组越界错误的自动检测和校正方法 |
CN104965788A (zh) * | 2015-07-03 | 2015-10-07 | 电子科技大学 | 一种代码静态检测方法 |
Non-Patent Citations (3)
Title |
---|
Java语言中数组越界故障的静态测试研究;赵鹏宇 等;《计算机工程与应用》;20081231;第44卷(第27期);第87-90、108页 * |
Precise and Efficient Static Array Bound Checking for Large Embedded C Programs;Arnaud Venet et.al;《PLDI’04》;20040611;第1-12页 * |
基于抽象语法树的数组越界的静态检测方法;徐明昌 等;《计算机工程》;20060131;第32卷(第1期);第108-109、205页 * |
Also Published As
Publication number | Publication date |
---|---|
CN106326123A (zh) | 2017-01-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Rabin et al. | Understanding neural code intelligence through program simplification | |
CN104899147B (zh) | 一种面向安全检查的代码静态分析方法 | |
AU2010350247B2 (en) | Code inspection executing system for performing a code inspection of ABAP source codes | |
CN117951701A (zh) | 用于确定软件代码中的缺陷和漏洞的方法 | |
CN112288079B (zh) | 图神经网络模型训练方法、软件缺陷检测方法及系统 | |
Gong et al. | Automatic detection of infeasible paths in software testing | |
CN104021084A (zh) | 一种Java源代码缺陷检测方法及装置 | |
CN101751530B (zh) | 检测漏洞攻击行为的方法及设备 | |
CN109308411B (zh) | 基于人工智能决策树的分层检测软件行为缺陷的方法和系统 | |
CN112307473A (zh) | 一种基于Bi-LSTM网络和注意力机制的恶意JavaScript代码检测模型 | |
CN106326123B (zh) | 一种用于检测数组越界缺陷的方法及系统 | |
CN103914374B (zh) | 基于程序切片和频繁模式提取的代码缺陷检测方法及装置 | |
CN111475820A (zh) | 基于可执行程序的二进制漏洞检测方法、系统及存储介质 | |
CN104090798A (zh) | 动静态结合的中断驱动程序数据竞争检测方法 | |
Anu et al. | An approach to recommendation of verbosity log levels based on logging intention | |
CN114861194A (zh) | 一种基于bgru与cnn融合模型的多类型漏洞检测方法 | |
Kirasić et al. | Ontology-based design pattern recognition | |
CN106407104B (zh) | 一种用于检测与内存空间释放相关的缺陷的方法及系统 | |
Ngo et al. | Ranking warnings of static analysis tools using representation learning | |
Wu et al. | Binary Code Vulnerability Detection Based on Multi-Level Feature Fusion | |
Harzevili et al. | Automatic Static Vulnerability Detection for Machine Learning Libraries: Are We There Yet? | |
Ahmed et al. | Machine learning for software vulnerability detection: A survey | |
JP5464031B2 (ja) | プログラム検証装置、方法及びプログラム | |
Ding et al. | IVSign: Interpretable vulnerability signature via code embedding and static analysis | |
Cui et al. | Binary Code Vulnerability Location Identification with Fine-grained Slicing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20170105 Address after: 100089 room 403-46, room, No. 20 Jiuxianqiao Road, Beijing, Chaoyang District Applicant after: BEIJING QIHU CETENG SECURITY TECHNOLOGY Co.,Ltd. Applicant after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. Address before: 100089 Beijing City, Haidian District Suzhou Street No. 29 building 12 layer 035 Scandinavia Applicant before: BEIJING QIHU CETENG SCIENCE & TECHNOLOGY Co.,Ltd. Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: Room 403-46, 4th Floor, No. 20 Jiuxianqiao Road, Chaoyang District, Beijing, 100016 Patentee after: BEIJING QIHU CETENG SECURITY TECHNOLOGY Co.,Ltd. Patentee after: QAX Technology Group Inc. Address before: Room 4, floor 20, 403-46 Jiuxianqiao Road, Beijing, Chaoyang District Patentee before: BEIJING QIHU CETENG SECURITY TECHNOLOGY Co.,Ltd. Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |