CN109241746B - Code processing method and device, computing equipment and storage medium - Google Patents

Code processing method and device, computing equipment and storage medium Download PDF

Info

Publication number
CN109241746B
CN109241746B CN201810994304.2A CN201810994304A CN109241746B CN 109241746 B CN109241746 B CN 109241746B CN 201810994304 A CN201810994304 A CN 201810994304A CN 109241746 B CN109241746 B CN 109241746B
Authority
CN
China
Prior art keywords
code
test
program
test case
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810994304.2A
Other languages
Chinese (zh)
Other versions
CN109241746A (en
Inventor
蒋洪伟
邓欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201810994304.2A priority Critical patent/CN109241746B/en
Publication of CN109241746A publication Critical patent/CN109241746A/en
Application granted granted Critical
Publication of CN109241746B publication Critical patent/CN109241746B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application provides a code processing method, which comprises the following steps: acquiring a test template code, wherein the test template code is set according to the grammar of a programming language; when a preset mark in the test module code is read, determining the position of the preset mark as the position to be added of an interface in the test template code; replacing the preset identification with the code corresponding to the interface to add the code corresponding to the interface to the position to be added to generate a test case; and providing the test case to a program to be tested so that the program to be tested runs the test case.

Description

Code processing method and device, computing equipment and storage medium
Technical Field
The present application relates to the field of information technology, and in particular, to a code processing method and apparatus, a computing device, and a storage medium.
Background
With the development of information technology, the implementation of programs brings convenience to people, and is convenient for people to perform various activities online, such as online video watching, online music listening, online financing and the like, but problems caused by program vulnerabilities are inevitable, the program vulnerabilities bring poor use experience to users, and even stealing of user privacy information and property information, so that the exploitation of the program vulnerabilities is paid more and more attention, but the exploitation of the program vulnerabilities consumes a large amount of manpower and time, and how to quickly exploit the program vulnerabilities is a key for solving the problems.
Disclosure of Invention
In view of the above, the following technical solutions are provided, which can quickly and conveniently mine program bugs.
The application example provides a code processing method, which comprises the following steps: acquiring a test template code, wherein the test template code is set according to the grammar of a programming language; when a preset mark in the test module code is read, determining the position of the preset mark as the position to be added of an interface in the test template code; replacing the preset identification with the code corresponding to the interface to add the code corresponding to the interface to the position to be added to generate a test case; and providing the test case to a program to be tested so that the program to be tested runs the test case.
The example of the present application further provides a code processing apparatus, including: the acquisition module acquires a test template code, wherein the test template code is set according to the grammar of a programming language; the determining module is used for determining the position of the preset mark as the position to be added of the interface in the test template code when the preset mark in the test module code is read; the replacing module is used for replacing the preset identifier with the code corresponding to the interface so as to add the code corresponding to the interface to the position to be added and generate a test case; and the providing module is used for providing the test case to the program to be tested so as to enable the program to be tested to run the test case.
In some examples, the device further comprises: a selection module that randomly selects at least one interface from a plurality of interfaces as the interface, the interface including any one of: a method call interface and an attribute call interface.
In some examples, the determination module determines a programming language of the test template code from the test template code; the selection module randomly selects the interface from a plurality of interfaces corresponding to the programming language.
In some examples, the determination module determines a programming language of the test template code from the test template code; the acquisition module is used for acquiring class codes corresponding to the programming language, wherein the class codes comprise method codes and/or attribute codes; the apparatus further comprises: and the generating module generates a code corresponding to the interface according to the class code.
In some examples, the device further comprises: the compiling module is used for compiling the test case; the providing module provides the compiled test case to the program to be tested.
In some examples, the device further comprises: the monitoring module is used for monitoring the running condition of the test case of the program to be tested; when the situation that the program to be tested operates the test case is monitored to be abnormal, acquiring the abnormal information; and the sending module is used for sending the abnormal information to the message client after the abnormal information is obtained.
In some examples, the monitoring module acquires the test case when monitoring that the program to be tested is abnormal in the condition of running the test case; and sending the test case to a message client.
In some examples, the obtaining module obtains other test template codes; the apparatus further comprises: and the returning module returns the step of determining the position to be added of the interface in the test template code.
The examples of this application also provide a computing device comprising a memory, a processor, and a computer program stored on the memory and run on the processor; the processor, when executing the computer program, implements the method described above.
The present examples also provide a storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform the above-described method.
By applying the technical scheme of the invention, the preset identification in the test module code is replaced by the code corresponding to the interface to generate the test example because the obtained test template code conforms to the grammar rule of the programming language, so that the generated test example is an effective file conforming to the grammar of the programming language, the program to be tested can smoothly run the test example to test the program to be tested, and meanwhile, the code corresponding to the interface is added into the test template code, so that the test examples generated based on the test template code form a test example set with fewer test examples and reach a better code coverage path, and the bugs of the program to be tested can be quickly and conveniently found through the test example set formed by fewer test examples.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a schematic diagram of a system architecture to which a code processing method according to an embodiment of the present application is applied;
FIG. 2A is a flow diagram of a code processing method according to an example of the present application;
FIG. 2B is a flow diagram of a code processing method according to an example of the present application;
FIG. 3 is a flow diagram of server deployment according to an example of the present application;
FIG. 4 is a schematic view of an interface package according to an example of the present application;
FIG. 5 is a schematic diagram of a code processing apparatus according to an example of the present application;
fig. 6 is a schematic diagram of a hardware structure of a computing device according to an example of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For simplicity and clarity of description, the invention will be described below by describing several representative embodiments. The numerous details of the examples are merely provided to assist in understanding the inventive arrangements. It will be apparent, however, that the invention may be practiced without these specific details. Some embodiments are not described in detail, but rather are merely provided as frameworks, in order to avoid unnecessarily obscuring aspects of the invention. Hereinafter, "including" means "including but not limited to", "according to … …" means "at least according to … …, but not limited to … … only". When the number of one component is not particularly specified hereinafter, it means that the component may be one or more, or may be understood as at least one.
Program vulnerability mining, the term of art closest to fuzz testing in academia, may be Boundary Value Analysis (BVA), in which the boundaries of legal values given an input are examined and tests are then created with legal and illegal values inside and outside the boundaries. BVAs may help ensure that exception handling mechanisms are able to filter out unexpected values while allowing for a maximum range of acceptable input values. Fuzz testing is similar to BVA, but when it is performed, it does not only focus on boundary values uniquely, but requires additional attention to any input that may cause undefined or unsafe behavior.
Fuzzing is a method of discovering software vulnerabilities by providing unintended input to a target system and monitoring for anomalous results. If the object under test is an AVM (ActionScript virtual machine by Adobe FlashPlayer), then a binary file containing bytecode should be entered.
Based on the random variation of the file format, the file is filled with random values, which is called as Dumb Fuzz, and the fuzzy test of the target by the Dumb Fuzz based on the file and the random variation is very blind and is often executed for many times under the same code path, and meanwhile, the Dumb Fuzz needs a large amount of input for verification, and if a user wants to harvest in a short time, the user can use a large amount of machines for verification at the same time.
The black box test based on grammar mainly takes LangFuzz as a target, the target is script grammars such as JavaScript and PHP, even if the grammar is wrong, the whole fuzz test cannot be influenced, but the LangFuzz can not carry out fuzz test on ActionScript.
Fig. 1 shows a schematic structural diagram of a system 100 to which the code processing method of the present embodiment is applied. The system 100 comprises at least a first server 101, the system 100 may further comprise a network 102 and a second server 103.
Wherein, the first server 101 is installed with application server software for testing, the first server 101 is installed with Virtual Box 101a, Fuzzer 101b and program to be tested 101c, the Virtual Box 101a runs Fuzzer 101b, the Fuzzer 101b generates test case, and tests the program under test 101c through the test case, for example, the Fuzzer 101b may send the test case to a local preset storage area of the first server 101, send a message to the program under test 101c, the message carries the storage address of the test case, the program to be tested 101c reads the test case from the first server 101 according to the storage address, so that the program to be tested 101c runs the test case, and the program bug detection is performed on the program to be tested 101 c.
When the first server 101 does not have the program 101c to be tested installed, the system 100 may further include a second server 103, the second server 103 has application server software for testing, the second server 103 may have a program 103a to be tested, when the Fuzzer (bug detector) 101b in the first server 101 generates a test case and tests the program 103a to be tested through the test case, for example, the Fuzzer (bug detector) may send the test case to a local preset storage area of the second server 103 through the network 102, and send a message to the program 103a to be tested, where the message carries a storage address of the test case, and the program 103a to be tested reads the test case according to the storage address, thereby running the test case and performing program bug detection on the program 103a to be tested.
It should be noted that, even if the first server 101 has the program to be tested 101c installed therein, the system 100 may also include the second server 103, and the second server 103 may also have the program to be tested 103a installed therein, when the Fuzzer 101b in the first server 101 generates a test instance and tests the program to be tested through the test instance, for example, the Fuzzer 101b may send the test instance to a local preset storage area of the first server 101 and then send a message to the program to be tested 101c, where the message carries a storage address of the test instance, the program to be tested 101c reads the test instance according to the storage address, so that the program to be tested 101c runs the test instance to perform the program bug detection on the program to be tested 101c, and the Fuzzer may also send the test instance to the local preset storage area of the second server 103 through the network 102, and sending a message to the program to be tested 103a, where the message carries the storage address of the test case, and the program to be tested 103a reads the test case according to the storage address, so that the program to be tested 103a runs the test case and performs program bug detection on the program to be tested 103 a.
The network 102 may be a wired network or a wireless network.
Based on the system 100, the present application example proposes a code processing method applied in the first server 101, as shown in fig. 2A, the method 200 includes the following steps:
step 201: and acquiring a test template code.
Wherein the test template code is set according to a syntax of a programming language.
In some examples, a Fuzzer 101b deployed in the first server 101 obtains test template code stored in a test template file (e.g., a txt format file). The test template can be used for testing a class of program bug problems.
Step 202: and when the preset identification in the test module code is read, determining the position of the preset identification as the position to be added of the interface in the test template code.
The interface is used for obtaining a return value of a method code or an attribute code in a class code, and a code corresponding to the interface comprises a method code called by the test template code or a called attribute code.
In some examples, Fuzzer (bug detection machine) 101b reads the test template code; and when the preset identification in the code of the test module is read, determining the position of the preset identification as the position to be added of the interface.
Step 203: and replacing the preset identification with the code corresponding to the interface to add the code corresponding to the interface to the position to be added to generate a test case.
In some examples, the Fuzzer 101b deletes the preset identifier and adds a code corresponding to the interface to the to-be-added position corresponding to the preset identifier, so that the code corresponding to the interface replaces the preset identifier.
Step 204: and providing the test case to a program to be tested so that the program to be tested runs the test case.
In some examples, for a program to be tested that can run a programming language that does not require compilation, a test case (file name may be main.
The following is detailed with respect to the above steps 201 to 204:
in step 201: obtaining a test template code, wherein the test template code is set according to the grammar of the programming language.
Before step 201 is executed, it is necessary to deploy Fuzzer (vulnerability detection machine) 101b on first server 101, and as shown in fig. 3, the deployment process deploys the installation file of Fuzzer (vulnerability detection machine) 101b in the image file, step 301: an image file identified by a Virtual Box (Virtual machine) is manufactured, and the image file comprises an installation file and a resource file for running a Fuzzer (vulnerability detection machine) 101b, such as a test template code file. Triggering a file uploading script of the first server 101 in a manual instruction mode, and step 302: uploading an image file containing a Fuzzer (bug detection machine) 101b installation file to a first server 101 (i.e., a tester), and after the first server 101 receives the image file, step 303: deploying the image file to the first server 101 through the configuration file, and calling a Virtual Box (Virtual machine) to run the image file, step 304: and running the image file in the Virtual Box to realize the installation and running of the Fuzzer (vulnerability detection machine) 101 b.
For example, as described above, after the Fuzzer 101b is deployed on the first server 101, the Fuzzer 101b deployed in the first server 101 acquires the test template code stored in the test template file (e.g., txt format file).
The test template can be used for testing a class of program bug problems.
In step 202, when the preset identifier in the test module code is read, the position of the preset identifier is determined as the position to be added of the interface in the test template code.
For example, as described above, the Fuzzer 101b reads the test template code, finds a second identifier identical to or corresponding to the first identifier in the test template code according to a preset first identifier (e.g., a symbol or a specific programming language), and determines a location of the second identifier, where the location is a location to be added.
It should be understood that the first identifier may be the same as the second identifier, or may have a preset association relationship with the second identifier.
For example, the first identifier may be selected fuzz as the preset, and the second identifier may be selected fuzz1 or selected fuzz2 related to the selected fuzz. In the test template code, when the second identifier selectFuzz1 is read, it indicates that a method call interface (also referred to as method interface) or a property call interface (also referred to as property interface) in a class of the programming language is randomly selected.
It should be noted that Class (Class) is the basis for implementing information encapsulation by Object-Oriented Programming (OOP). A class is a defined type, also called a class type. Each class contains a description of the data and a set of functions that operate on the data or pass messages.
In step 203: and replacing the preset identification with the code corresponding to the interface to add the code corresponding to the interface to the position to be added to generate a test case.
For example, as described above, the Fuzzer (vulnerability detection machine) 101b deletes the preset identifier, and adds the code corresponding to the interface to the to-be-added location, so that the code corresponding to the interface replaces the preset identifier.
Wherein, in some examples, the method 200 further comprises: randomly selecting at least one interface from a plurality of interfaces as the interface, the interface comprising any one of: a method call interface and an attribute call interface.
For example, according to the foregoing description, when only one programming language is specified, such as actionscript programming language, the Fuzzer 101b directly and randomly calls a method call interface (e.g., open camera) or an attribute call interface (e.g., attribute long interface and attribute wide interface) corresponding to one of a plurality of classes (e.g., camera class) in the programming language, where there may be other method call interfaces or attribute call interfaces in the one class (e.g., camera class).
It should be appreciated that the method call interface may include a function interface and the property call interface may include a variable interface. When a programming language is selected, the class can also correspond to a plurality of instantiated objects, and each object has a method call interface and/or an attribute call interface included in the class.
It should be noted that instantiation refers to the process of creating an object through a class in an object-oriented programming language. And the interface is randomly selected, and the code corresponding to the interface and the test template code are combined to generate a test case, so that the code test can be controlled in the test case of limited code bugs, and different test cases can be provided under the condition of the limited code bug test case according to the code corresponding to the randomly selected interface, so that the best code coverage path is achieved, and the bugs of the program to be tested can be quickly and conveniently found.
In some examples, the method 200 further comprises: determining a programming language of the test template code according to the test template code; and randomly selecting the interface from a plurality of interfaces corresponding to the programming language.
For example, according to the foregoing description, when the test template code is read for at least two programming languages, such as actionscript programming language and JavaScript programming language, the Fuzzer 101b determines the read test template code, determines which programming language the syntax of the test template code conforms to, thereby determining the programming language corresponding to the test template code, such as actionscript programming language, and randomly selects a method call interface (e.g., open a camera) or an attribute call interface (e.g., attribute long interface and attribute wide interface) in a class (e.g., camera class) of the programming language when the programming language is determined to be actionscript.
In some examples, the method 200 further comprises: determining a programming language of the test template code according to the test template code; acquiring a class code corresponding to the programming language; and generating a code corresponding to the interface according to the class code.
The class code is code in a class file of a programming language and comprises method code and/or attribute code.
The interface is used for obtaining a return value of a method code or an attribute code in the class code, and the code corresponding to the interface comprises a method code called by the test template code or a called attribute code.
For example, according to the above description, when the test template code is read for at least two programming languages, such as actionscript programming language and JavaScript programming language, the Fuzzer 101b reads the test template code, determines the read test template code, the syntax of the test template code conforms to the syntax of which programming language, thereby determining the programming language, such as actionscript programming language, after the Fuzzer (vulnerability detection machine) 101b runs, the parser in the Fuzzer (vulnerability detection machine) 101b parses the codes in each class file of the actionscript programming language preset in the Fuzzer (vulnerability detection machine) 101b or the image file to obtain the attribute codes and the method codes in each class file, reads the attribute codes and the method codes in each class, and encapsulates the read attribute codes and the read method codes into corresponding calling interfaces. As shown in fig. 4, the parser performs step 401: analyzing the method codes in the various classes, and step 402: analyzing the attribute codes in each class, and executing step 403 after the analyzer analyzes the attribute codes and the method codes: packaging the analyzed method codes, generating codes corresponding to corresponding method calling interfaces, and step 404: and packaging the analyzed attribute codes to generate codes corresponding to the corresponding attribute calling interfaces.
It should be understood that when the corresponding code of the interface is executed, it is the return value for acquiring the method code or the attribute code.
Both the actionscript programming language and the JavaScript programming language may be applicable to the example content of the code corresponding to the interface, so that the two programming languages are not separately described herein.
It should be noted that the parser may interface-package the method code and the attribute code through a Python program, and when the Python program interfaces-packages the method code and the attribute code, the Python program may randomly assign the attribute code or a parameter in the method code to a preset identifier, for example, "ob", so as to associate with the preset identifier "ob" in the test template code.
In addition, the Python program is not the same as actionscript programming language and JavaScript programming language because it is used to encapsulate the interface.
It should be understood that a plurality of other programming languages may be preset in the Fuzzer (bug detection machine) 101b or the image file, a class corresponding to each programming language may be set as an independent file, and when the programming language is determined, the attribute codes and method codes in the class corresponding to the programming language may be analyzed and read.
In step 204: and adding the code corresponding to the interface to the position to be added to generate a test case.
For example, as described above, the Fuzzer 101b substitutes the code corresponding to the property call interface and the code corresponding to the method call interface into corresponding positions in the test template code, such as substituting the code corresponding to the property call interface into selectFuzz1 in the test template code to replace selectFuzz1, and substituting the code corresponding to the method call interface into selectFuzz2 in the test template code to replace selectFuzz2, so as to generate the test case.
It should be noted that, because the test template code and the code corresponding to the interface are both codes that conform to the grammar rule of the programming language, the test case generated according to the test template code can satisfy the legality of the grammar of the programming language, and the creation failure of the test case caused by the problem of non-conformity with the legality of the grammar is reduced, thereby improving the test efficiency and the test quality.
In some examples, as shown in fig. 2B, the method 200 further comprises step 205: compiling the test case, wherein step 2041: providing the test case to a program to be tested includes: and sending the compiled test case to the program to be tested.
For example, according to the foregoing description, a compiler deployed on the first server 101 is called to compile the test case to obtain a binary file, where the file name may be main.
In some examples, as shown in fig. 2B, the method 200 further comprises: step 206: monitoring the running condition of the test case of the program to be tested; step 207: when the situation that the program to be tested operates the test case is monitored to be abnormal, acquiring the abnormal information; step 208: and after the abnormal information is obtained, sending the abnormal information to the message client.
Wherein, sending the exception information to the message client may include but is not limited to: the exception information may be sent to the mail client by the Fuzzer 101b or a classifier (e.g., a crash classifier) in the form of a mail, so that the relevant person can process the exception information.
Wherein, the message client can be a mail client.
For example, according to the foregoing, when the program to be tested executes the source code, the Fuzzer (bug detector) 101b may directly send the source code, i.e., the test case, to the program to be tested deployed in the same first server 101, for example, to the program to be tested running the javascript programming language in the first server 101. In other embodiments, the method may also be performed by sending the log to a program to be tested deployed in the second server 103, running the test instance after the program to be tested receives the test instance, monitoring the running process of the test instance by using a classifier (e.g., a crash classifier) deployed on the first server 101, capturing the abnormal information when the crash classifier monitors that the running of the test instance is abnormal, writing the abnormal information into the log, and sending the log to a message client (e.g., a mail client) by the crash classifier.
It should be noted that the Fuzzer 101b may include a generator and a mutator, where the generator is configured to generate the test case, and the mutator is configured to extract the preset test template code, and may also automatically generate the test template code through deep learning.
In some examples, the method 200 further comprises: sending the compiled test case to the program to be tested so that the program to be tested runs the compiled test case; step 207: and when the operation is abnormal, sending abnormal information to the message client.
Wherein, sending the exception information to the message client may include but is not limited to: the exception information may be sent to the mail client by the Fuzzer 101b or a classifier (e.g., a crash classifier) in the form of a mail, so that the relevant person can process the exception information.
The exception information may include: the time at which the exception (e.g., a program bug exception event) occurred, the location of the exception occurrence, and the type of exception occurrence, among others.
For example, as described above, when the program to be tested executes the compiled file, for example, the program to be tested is an ActionScript virtual machine of Adobe flashlayer, the Fuzzer (bug detector) 101b may directly send the compiled test case to the program to be tested deployed in the same first server 101, for example, the program to be tested running javascript programming language, or the program to be tested deployed in the second server 103, after receiving the compiled test case, the program to be tested runs the compiled test case, monitors the running process through the crash classifier deployed on the first server 101, when the crash classifier monitors that the compiled test case runs abnormally, captures abnormal information, writes the abnormal information into the log, and sends the log to the message client by the crash classifier (for example, a mail client).
In some examples, as shown in fig. 2B, the method 200 further includes step 209: when the situation that the program to be tested operates the test case is monitored to be abnormal, the test case is obtained; and sending the test case to a message client.
For example, according to the foregoing, for a program to be tested running source code, when an exception occurs, a classifier (e.g., a crash classifier) may acquire the test instance from the program to be tested and send the test instance to a message client (e.g., a mail client) along with a log.
In some examples, the method 200 further comprises: when the situation that the program to be tested operates the test case is monitored to be abnormal, the test case and the compiled test case are obtained; and issuing the test case and the compiled test case.
For example, according to the foregoing, for a program to be tested running a binary file, when an exception occurs, the crash classifier may acquire the compiled test case from the program to be tested, acquire the test case from the Fuzzer (bug detector) 101b, and send the test case and the compiled test case to a message client (e.g., a mail client) along with a log.
It should be noted that, in the above example, when the crash classifier acquires multiple logs, the crash classifier may classify and deduplicate the logs, remove invalid redundant logs, and send the processed logs.
In some examples, the method 200 further comprises: acquiring other test template codes; and returning to the step of determining the position to be added of the interface in the test template code.
For example, according to the foregoing, after the running of one test case or compiled test case is finished, the test template codes may be continuously added, and when there is a new test template code, the new test template code is obtained, and the execution is continued by returning to step 202.
It should be noted that other test template codes may also be obtained without the test case or the compiled test case running end, for example, other test template codes may be obtained by running the test case before the test case runs or the compiled test case runs.
In addition, the test template code can be written in a manual mode and can also be generated in a deep learning mode.
According to the technical scheme, the test template code can be generated manually, a large number of vulnerability code samples of one type of vulnerability can also be obtained, the vulnerability code sample plate is input into a Fuzzer (vulnerability detection machine) 101b, the Fuzzer (vulnerability detection machine) 101b learns a large number of vulnerability codes, the forming rule of the vulnerability codes is found, and therefore the test template code is generated automatically.
In addition, according to the technical scheme, a large number of holes are found through the generated test examples, and the effectiveness of the technical scheme is sufficiently demonstrated.
By the technical scheme, the program to be tested can be subjected to fuzzy test efficiently, and the best code coverage path can be reached by using the minimum test set through the combination of the fixed grammar template (namely the test template) and the codes corresponding to the random interface. The fuzz test can also be effectively performed on the program to be tested, and the grammar generator in the first server 101 (i.e., the generator in the Fuzzer 101 b) generates the test case according to the test template code and the code corresponding to the interface, so that the legality of the generated grammar file (i.e., the test case) can be ensured, and the test case can be generated into a binary file through the compiler.
With the increasing popularity of browsers on client sides, various scripting languages, such as Java Applet, Flash ActionScript and JavaScript, provide rich interactive functions for the browsers and introduce new potential safety hazards. The technical scheme can discover the security loopholes existing in the product as early as possible and inform a manufacturer to take measures to repair, so that the user is prevented from being broken through a defense line by an attacker under the unconscious condition and capturing the control right of the computer. The technical scheme can be used for automatically carrying out the fuzzy test on the product only by being applied to the server, for example, the fuzzy test is carried out on the Adobe Flash Player, the generated operation result is summarized and summarized, and an author is informed to further process. Through experiments, the technical scheme has found the crash problem of more than 100 Adobe Flash players, wherein more than 50 Adobe companies consider as high-risk bugs and allocate a Common bug and an exposed CVE (Common Vulnerabilities & Exposuers) number to each bug.
Based on the above example, the present application further provides a code processing apparatus, which is applied in the first server 101; as shown in fig. 5, the processing device 500 includes: an obtaining module 501, a determining module 502, an adding module 503, and a providing module 504, and the functions of the modules are as follows:
the obtaining module 501 obtains a test template code, where the test template code is set according to a syntax of a programming language.
A determining module 502, configured to determine, when a preset identifier in the test module code is read, a position where the preset identifier is located as a position to be added to an interface in the test template code;
and a replacing module 503, replacing the preset identifier with the code corresponding to the interface, so as to add the code corresponding to the interface to the position to be added, and generate a test case.
And the providing module 504 is used for providing the test case to the program to be tested so that the program to be tested runs the test case.
In some examples, the device 500 further comprises: a selection module that randomly selects at least one interface from a plurality of interfaces as the interface, the interface including any one of: a method call interface and an attribute call interface.
In some examples, the determining module 502 determines a programming language of the test template code from the test template code; the selection module randomly selects the interface from a plurality of interfaces corresponding to the programming language.
In some examples, the determining module 502 determines a programming language of the test template code from the test template code; an obtaining module 501, configured to obtain a class code corresponding to the programming language, where the class code includes a method code and/or an attribute code; the apparatus 500 further comprises: and the generating module generates a code corresponding to the interface according to the class code.
In some examples, the device 500 further comprises: the compiling module is used for compiling the test case; the providing module 504 provides the compiled test case to the program to be tested.
In some examples, the device 500 further comprises: the monitoring module is used for monitoring the running condition of the test case of the program to be tested; when the situation that the program to be tested operates the test case is monitored to be abnormal, acquiring the abnormal information; and the sending module is used for sending the abnormal information to the message client after the abnormal information is obtained.
In some examples, the monitoring module acquires the test case when monitoring that the program to be tested is abnormal in the condition of running the test case; and sending the test case to a message client.
In some examples, the obtaining module 501 obtains other test template codes; the apparatus 500 further comprises: and the returning module returns the step of determining the position to be added of the interface in the test template code.
Fig. 6 shows a block diagram of the components of a computing device 600 in which the processing apparatus 500 is located. This computing device 600 may be a server. As shown in FIG. 6, the computing device 600 includes one or more processors (CPUs) 602, a communications module 604, a memory 606, a user interface 610, and a communications bus 608 that interconnects these components.
The processor 602 may receive and transmit data via the communication module 604 to enable network communications and/or local communications.
The user interface 610 includes one or more output devices 612, including one or more speakers and/or one or more visual displays. The user interface 610 also includes one or more input devices 614, including, for example, a keyboard, a mouse, a voice command input unit or microphone, a touch screen display, a touch sensitive tablet, a gesture capture camera or other input buttons or controls, and the like.
Memory 606 may be high-speed random access memory, such as DRAM, SRAM, DDR RAM, or other random access solid state memory devices; or non-volatile memory, such as one or more magnetic disk storage devices, optical disk storage devices, flash memory devices, or other non-volatile solid-state storage devices.
The memory 606 stores a set of instructions executable by the processor 602, including:
an operating system 616, including programs for handling various basic system services and for performing hardware related tasks;
the application 618 includes various application programs for video playing, and such application programs can implement the processing flow in the above examples, for example, the application programs may include part or all of the modules in the processing apparatus 500 shown in fig. 5, at least one of the modules 501 and 504 may store machine executable instructions, and the processor 602 can implement the functions of at least one of the modules 501 and 504 by executing the machine executable instructions in at least one of the modules 501 and 504 in the memory 606.
It should be noted that not all steps and modules in the above flows and structures are necessary, and some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The division of each module is only for convenience of describing adopted functional division, and in actual implementation, one module may be divided into multiple modules, and the functions of multiple modules may also be implemented by the same module, and these modules may be located in the same device or in different devices.
The hardware modules in the embodiments may be implemented in hardware or a hardware platform plus software. The software includes machine-readable instructions stored on a non-volatile storage medium. Thus, embodiments may also be embodied as software products.
In various examples, the hardware may be implemented by specialized hardware or hardware executing machine-readable instructions. For example, the hardware may be specially designed permanent circuits or logic devices (e.g., special purpose processors, such as FPGAs or ASICs) for performing the specified operations. Hardware may also include programmable logic devices or circuits temporarily configured by software (e.g., including a general purpose processor or other programmable processor) to perform certain operations.
In addition, each example of the present application can be realized by a data processing program executed by a data processing apparatus such as a computer. It is clear that a data processing program constitutes the present application. Further, the data processing program, which is generally stored in one storage medium, is executed by directly reading the program out of the storage medium or by installing or copying the program into a storage device (such as a hard disk and/or a memory) of the data processing device. Such a storage medium therefore also constitutes the present application, which also provides a non-volatile storage medium in which a data processing program is stored, which data processing program can be used to carry out any one of the above-mentioned method examples of the present application.
The machine-readable instructions corresponding to the modules in fig. 5 may cause an operating system or the like operating on the computer to perform some or all of the operations described herein. The nonvolatile computer-readable storage medium may be a memory provided in an expansion board inserted into the computer or written to a memory provided in an expansion unit connected to the computer. A CPU or the like mounted on the expansion board or the expansion unit may perform part or all of the actual operations according to the instructions.
In addition, the devices and modules in the examples of the present application may be integrated into one processing unit, or each module may exist alone physically, or two or more devices or modules may be integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A code processing method applied to a server, the method comprising:
the method comprises the steps that an installation file of a vulnerability detection machine and a resource file required by running the vulnerability detection machine are made into an image file identified by a virtual machine, the image file is deployed on a server through a configuration file, the virtual machine is called to run the image file to install and run the vulnerability detection machine, wherein the resource file comprises a test template code file;
the vulnerability detection machine acquires a test template code stored in the test template code file, wherein a vulnerability code sample of one type of vulnerability is input into the vulnerability detection machine, so that the vulnerability detection machine learns the vulnerability code, finds out the forming rule of the vulnerability code and generates the test template code;
the vulnerability detection machine determines a programming language corresponding to the test template code according to the grammar of the test template code, acquires a class code corresponding to the programming language in the image file, and generates a code corresponding to an interface according to the class code;
when the vulnerability detection machine reads the preset identification in the test module code, determining the position of the preset identification as the position to be added of the interface in the test template code, adding the code corresponding to the interface to the position to be added, generating a test case, and compiling the test case;
and providing the compiled test case for a program to be tested so that the program to be tested runs the compiled test case, wherein the program to be tested is an ActionScript virtual machine.
2. The method of claim 1, wherein the interface comprises a method call interface and an attribute call interface.
3. The method of claim 2, wherein the code corresponding to the interface comprises a method code and an attribute code, and wherein the method further comprises:
and when the method codes and the attribute codes are encapsulated into corresponding calling interfaces, assigning the parameters in the method codes and the attribute codes to the identifiers corresponding to the corresponding calling interfaces.
4. The method of claim 1, wherein the class code comprises method code and/or property code.
5. The method of claim 1, wherein compiling the test case comprises:
and generating the test case into a binary file through a compiler.
6. The method of claim 1, further comprising:
monitoring the condition that the program to be tested runs the compiled test case;
when the situation that the program to be tested runs the compiled test case is monitored to be abnormal, acquiring abnormal information;
and after the abnormal information is obtained, sending the abnormal information to a message client.
7. The method of claim 6, further comprising:
when the situation that the program to be tested runs the compiled test case is monitored to be abnormal, acquiring the compiled test case;
and sending the compiled test case to a message client.
8. A code processing apparatus, characterized in that the apparatus comprises:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for manufacturing an installation file of a vulnerability detection machine and a resource file required by running the vulnerability detection machine into an image file identified by a virtual machine, deploying the image file to a server through a configuration file, and installing and running the vulnerability detection machine by calling the virtual machine to run the image file, wherein the resource file comprises a test template code file; acquiring a test template code stored in the test template code file, wherein a vulnerability code sample of one type of vulnerability is input into the vulnerability detection machine, so that the vulnerability detection machine learns the vulnerability code, finds out the forming rule of the vulnerability code and generates the test template code; determining a programming language corresponding to the test template code according to the grammar of the test template code, acquiring a class code corresponding to the programming language in the image file, and generating a code corresponding to an interface according to the class code;
the determining module is used for determining the position of the preset identifier as the position to be added of the interface in the test template code when the vulnerability detection machine reads the preset identifier in the test module code;
the replacing module is used for adding a code corresponding to the interface to the position to be added, generating a test case and compiling the test case;
and the providing module is used for providing the compiled test case to a program to be tested so as to enable the program to be tested to run the compiled test case, wherein the program to be tested is an ActionScript virtual machine.
9. A computing device comprising a memory, a processor, and a computer program stored on the memory and run on the processor; the processor, when executing the computer program, implements the method of any of claims 1-7.
10. A computer readable storage medium, storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform the method of any of claims 1-7.
CN201810994304.2A 2018-08-29 2018-08-29 Code processing method and device, computing equipment and storage medium Active CN109241746B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810994304.2A CN109241746B (en) 2018-08-29 2018-08-29 Code processing method and device, computing equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810994304.2A CN109241746B (en) 2018-08-29 2018-08-29 Code processing method and device, computing equipment and storage medium

Publications (2)

Publication Number Publication Date
CN109241746A CN109241746A (en) 2019-01-18
CN109241746B true CN109241746B (en) 2022-01-28

Family

ID=65068814

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810994304.2A Active CN109241746B (en) 2018-08-29 2018-08-29 Code processing method and device, computing equipment and storage medium

Country Status (1)

Country Link
CN (1) CN109241746B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109992503B (en) * 2019-01-25 2022-10-11 北京丁牛科技有限公司 Automatic testing method and device
CN110413525B (en) * 2019-07-29 2023-05-23 国网新疆电力有限公司电力科学研究院 Safety testing method and device
CN112306853B (en) * 2019-08-01 2023-12-12 深圳市腾讯计算机系统有限公司 Fuzzy test method, device, equipment and medium
CN113238937B (en) * 2021-05-11 2023-02-03 西北大学 Compiler fuzzy test method based on code compaction and false alarm filtering

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103500139A (en) * 2013-09-25 2014-01-08 刘爱琴 Communication software integration testing system and method
CN104035873A (en) * 2014-06-30 2014-09-10 青岛海信电器股份有限公司 Method and device for generating testing codes
CN107168864A (en) * 2016-03-08 2017-09-15 上海大唐移动通信设备有限公司 Code stream generation method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103500139A (en) * 2013-09-25 2014-01-08 刘爱琴 Communication software integration testing system and method
CN104035873A (en) * 2014-06-30 2014-09-10 青岛海信电器股份有限公司 Method and device for generating testing codes
CN107168864A (en) * 2016-03-08 2017-09-15 上海大唐移动通信设备有限公司 Code stream generation method and device

Also Published As

Publication number Publication date
CN109241746A (en) 2019-01-18

Similar Documents

Publication Publication Date Title
CN109241746B (en) Code processing method and device, computing equipment and storage medium
CN108133139B (en) Android malicious application detection system based on multi-operation environment behavior comparison
Spreitzenbarth et al. Mobile-sandbox: having a deeper look into android applications
US10587641B2 (en) Point-wise protection of application using runtime agent and dynamic security analysis
CN110795734B (en) Malicious mobile application detection method
CN106126423B (en) The test method of game application, apparatus and system
US20160378989A1 (en) Apparatus and method for monitoring android platform-based application
CN104331662B (en) Android malicious application detection method and device
US20090271867A1 (en) Virtual machine to detect malicious code
Van Der Veen et al. Dynamic analysis of android malware
CA2773981C (en) System and method of substituting parameter sets in self-contained mini-applications
Shahriar et al. Testing of memory leak in android applications
CN110704306B (en) Assertion processing method, device, equipment and storage medium in test
CN111831538B (en) Debugging method, device and storage medium
CN106776338B (en) Test method, test device and server
US10681076B1 (en) Automated security analysis of software libraries
CN110325994A (en) Enhance the device and method of the control stream integrality of software application
Huang et al. Code coverage measurement for Android dynamic analysis tools
US20170185784A1 (en) Point-wise protection of application using runtime agent
CN114116078A (en) Application data processing method, device, equipment and medium based on micro front end
CN112100620B (en) Code security detection method, apparatus, device and readable storage medium
CN110781081B (en) Mobile application callback forced triggering method, system and storage medium
CN112632547A (en) Data processing method and related device
US7458063B2 (en) Method and apparatus for supporting functionality documentation
CN116305120A (en) Dual-verification android malicious software hybrid detection system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant