CN109508547A - A kind of localization method of vulnerability of application program, device, storage medium and terminal - Google Patents

A kind of localization method of vulnerability of application program, device, storage medium and terminal Download PDF

Info

Publication number
CN109508547A
CN109508547A CN201811366149.6A CN201811366149A CN109508547A CN 109508547 A CN109508547 A CN 109508547A CN 201811366149 A CN201811366149 A CN 201811366149A CN 109508547 A CN109508547 A CN 109508547A
Authority
CN
China
Prior art keywords
loophole
user
log
reappear
application program
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811366149.6A
Other languages
Chinese (zh)
Inventor
周俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Urban Network Neighbor Information Technology Co Ltd
Beijing City Network Neighbor Technology Co Ltd
Original Assignee
Beijing City Network Neighbor Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing City Network Neighbor Technology Co Ltd filed Critical Beijing City Network Neighbor Technology Co Ltd
Priority to CN201811366149.6A priority Critical patent/CN109508547A/en
Publication of CN109508547A publication Critical patent/CN109508547A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Abstract

The invention discloses a kind of localization method of vulnerability of application program, device, storage medium and terminals, this method comprises: receiving the feedback information for the default application program that user submits, feedback information includes at least the description of loophole;Detect whether loophole is the loophole that can not reappear according to the description of loophole;In the case where loophole is the loophole that can not reappear, collects user and reappear the operation log after loophole, operation log includes at least: reappearing the reproduction step of loophole;The position of loophole is determined according to reproduction step.The present invention is after receiving the feedback information of user, detect whether the loophole can be reappeared, when that cannot reappear, operation log after reappearing loophole by collection user carries out the accurate positionin of loophole according to the detailed reproduction step recorded in operation log, to achieve the purpose that timely patching bugs, the problem of having further prevented that loophole reparation can not be carried out for a long time, usage experience reduction of the caused user to App, having caused customer churn.

Description

A kind of localization method of vulnerability of application program, device, storage medium and terminal
Technical field
The present invention relates to software test fields, more particularly to the localization method, device, storage of a kind of vulnerability of application program Medium and terminal.
Background technique
Nowadays various application programs (App, Application) enrich the daily life of user, but since user makes Type is many kinds of, and developer possibly can not consider institute's organic type and system adaptation journey in development and application program Degree, therefore, exploitation or tester can also such as wish to add by receiving user using the feedback content after App after App is online The functional information that adds, using App error situation occurred etc., function supplement or loophole (bug), which are repaired, to be realized to App.
In the prior art, since the loophole description of user feedback may be relatively simple or unprofessional, exploitation or tester The accurate positionin of loophole can not be carried out, and then loophole problem can not be repaired in time, user is will affect when serious and body is used to App It tests, causes customer churn.
Summary of the invention
The present invention provides localization method, device, storage medium and the terminal of a kind of vulnerability of application program, existing to solve For technology since the loophole description of user feedback may be relatively simple or unprofessional, exploitation or tester can not carry out the standard of loophole The problem of determining position, and then loophole can not be repaired in time.
In order to solve the above technical problems, on the one hand, the present invention provides a kind of localization method of vulnerability of application program, comprising: Receive the feedback information for the default application program that user submits, wherein the feedback information includes at least the description of loophole;According to The description of the loophole detects whether the loophole is the loophole that can not reappear;In the feelings that the loophole is the loophole that can not reappear Under condition, collects the user and reappear the operation log after the loophole, wherein the operation log includes at least: described in reproduction The reproduction step of loophole;The position of the loophole is determined according to the reproduction step.
Further, the collection user reappears the operation log after the loophole, comprising: opens the user and uses Terminal log collection switch;It indicates that the user reappears the loophole, and collects after the user reappears the loophole Operation log;Close the log collection switch for the terminal that the user uses.
Further, described to detect whether the loophole is the loophole that reappear according to the description of the loophole, comprising: root Automatic detection script is created according to the description of the loophole, wherein the automatic detection script is for reappearing the loophole;It obtains Take the result screenshot executed each time after the automatic detection script execution preset times;The detection knot executed each time It is different from predetermined correct implementing result figure with the presence or absence of an at least result screenshot in fruit screenshot;Described each In the result screenshot of secondary execution at least exist a result screenshot it is different from the correct implementing result figure in the case where, the leakage Hole is reproducible loophole, and otherwise, the loophole is the loophole that can not reappear.
Further, it is described obtain the result screenshot that is executed each time after the automatic detection script execution preset times it Before, further includes: empty all data cached of the application program.
On the other hand, the present invention also provides a kind of positioning devices of vulnerability of application program, comprising: receiving module, for connecing Receive the feedback information for the default application program that user submits, wherein the feedback information includes at least the description of loophole;Detect mould Block, for detecting whether the loophole is the loophole that can not reappear according to the description of the loophole;Collection module, for described In the case that loophole is the loophole that can not reappear, collects the user and reappear the operation log after the loophole, wherein the behaviour It is included at least as log: reappearing the reproduction step of the loophole;Locating module, for determining the leakage according to the reproduction step The position in hole.
Further, the collection module, is specifically used for: opening the log collection switch for the terminal that the user uses;Refer to Show that the user reappears the loophole, and collects the user and reappear the operation log after the loophole;Closing the user makes The log collection of terminal switchs.
Further, the detection module, is specifically used for: automatic detection script is created according to the description of the loophole, In, the automatic detection script is for reappearing the loophole;It obtains every after the automatic detection script execution preset times The result screenshot once executed;With the presence or absence of an at least result screenshot in the detection result screenshot executed each time It is different from predetermined correct implementing result figure;At least there is a result in the result screenshot executed each time to cut In the case that figure is different from the correct implementing result figure, the loophole is reproducible loophole, and otherwise, the loophole is can not The loophole of reproduction.
Further, the detection module, is also used to: emptying all data cached of the application program.
On the other hand, the present invention also provides a kind of storage mediums, are stored with computer program, computer program is by processor The step of localization method of above-mentioned vulnerability of application program is realized when execution.
On the other hand, the present invention also provides a kind of terminals, include at least memory, processor, are stored with meter on memory Calculation machine program, processor realize the localization method of above-mentioned vulnerability of application program when executing the computer program on memory Step.
The present invention after receiving the feedback information of user, carry out detecting the loophole according to the feedback information of user first be It is no to be reappeared, if can reappear, problem can be directly repaired, if cannot reappear, loophole can be reappeared by collecting user Operation log afterwards carries out the accurate positionin of loophole, is repaired in time with reaching according to the detailed reproduction step recorded in operation log The purpose of multiple loophole has further prevented that loophole reparation can not be carried out for a long time, and the usage experience of App drops in caused user It is low, the problem of causing customer churn.
Detailed description of the invention
Fig. 1 is the flow chart of the localization method of vulnerability of application program in first embodiment of the invention;
Fig. 2 is the flow chart of the localization method of vulnerability of application program in second embodiment of the invention;
Fig. 3 is the flow chart of the localization method of vulnerability of application program in third embodiment of the invention;
Fig. 4 is the structural schematic diagram of the positioning device of vulnerability of application program into sixth embodiment of the present invention the 4th.
Specific embodiment
In order to solve the prior art since the loophole description of user feedback may be relatively simple or unprofessional, develops or test Personnel can not carry out the accurate positionin of loophole, and then the problem of can not repair loophole in time, apply journey the present invention provides a kind of Localization method, device, storage medium and the terminal of sequence loophole carry out into one the present invention below in conjunction with attached drawing and embodiment Step is described in detail.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, the present invention is not limited.
The first embodiment of the present invention provides a kind of localization method of vulnerability of application program, flow chart as shown in Figure 1, Mainly include step S101 to S104:
S101 receives the feedback information for the default application program that user submits.
User can applied during using default application program because different operations triggers different functions Program there are when loophole, certain operations of user will lead to application program can not normal use, as dodge move back, white screen, can not be normal It jumps, these problems influence whether that user to the normal use of application program, therefore, would generally be provided in the application Feedback mechanism, so that user feeds back to by the problem in itself use process verbal description or by way of combining screenshot Application program backstage, backstage receive the feedback information that user submits, also, at least should include that user is using in feedback information The description of the loophole occurred in default application program.
It will be appreciated that presetting any one application program installed in the mobile terminal that application program is user, very To being the included application program of operating system, the present embodiment is not herein to default application program progress concrete restriction.
S102 detects whether loophole is the loophole that can not reappear according to the description of loophole, is the leakage that can not reappear in loophole When hole, step S103 is executed, otherwise, directly positions simultaneously patching bugs.
S103 collects user and reappears the operation log after loophole.
S104 determines the position of loophole according to reproduction step.
Reproducible loophole is the feedback information that backstage is submitted according to user, can be with by the circulate operation of certain number Reappear the loophole of correspondence problem, but since the description of the loophole of user feedback may be relatively simple or unprofessional, it from the background can not root The description of the problem of carrying out problem repetition according to description, or reappearing out and user are not inconsistent or the loophole is only at the end of certain model Occur on end, thinks the problem of user submits at this time for the loophole that can not reappear.
It for the loophole that can be directly reappeared, is described according to the loophole of the result of reproduction and user, backstage or exploitation Tester can directly position the position to go wrong into application program, and directly carry out problem reparation, multiple by hot repair Mode is issued to user.For the loophole that can not reappear, then reappear the operation day after the loophole by real-time collecting user Will, to obtain the reproduction step for reappearing the loophole.Specifically, operation log is log file, usually system or certain soft Part to it is completed certain processing record, so as to will as reference, in the present embodiment, operation log include at least reproduction The reproduction step of loophole can also further comprise the concrete condition of the mistake occurred, the information etc. of loophole type.
After obtaining reproduction step, it is only necessary to the accurate positionin of loophole can be carried out according to the reproduction step, developer exists The reparation of loophole can be carried out after positioning loophole, loophole will not occur again after determining reparation, and not influence other normal function In the case where energy, platform is answered by hot repair and updates reparation code, the user for there is the loophole is downloaded repairing.
The present embodiment carries out detecting first the loophole according to the feedback information of user after receiving the feedback information of user Whether can be reappeared, if can reappear, can directly repair problem, if cannot reappear, leakage can be reappeared by collecting user Operation log behind hole carries out the accurate positionin of loophole according to the detailed reproduction step recorded in operation log, to reach timely The purpose of patching bugs has further prevented that loophole reparation can not be carried out for a long time, and the usage experience of App drops in caused user It is low, the problem of causing customer churn.
The second embodiment of the present invention provides a kind of localization method of vulnerability of application program, and flow chart is as indicated with 2, main To include step S201 to S206:
S201 receives the feedback information for the default application program that user submits.
S202 detects whether loophole is the loophole that can not reappear according to the description of loophole, is the leakage that can not reappear in loophole When hole, step S203 is executed, otherwise, directly positions simultaneously patching bugs.
S203 opens the log collection switch for the terminal that user uses;
S204, instruction user reappear loophole, and collect user and reappear the operation log after loophole;
S205 closes the log collection switch for the terminal that user uses.
S206 determines the position of loophole according to reproduction step.
In the present embodiment, step S201 and S202 is identical as the step S101 and S102 in first embodiment of the invention, step Rapid S206 is identical as the step S104 in first embodiment of the invention, is no longer described in detail in the present embodiment, in the present embodiment It is described just for the step S203 to S205 different from first embodiment of the invention.
For the loophole that can not reappear, then reappear the operation log after the loophole by real-time collecting user, it is multiple to obtain The now reproduction step of the loophole.Whole processing records of the operation file due to having recorded system or software, what is occupied deposits It is larger to store up space, it is generally the case that user directly uses the number of operation log less, in order to save memory space, operates day The collection switch of will is in off state.In the present embodiment, application software backstage is due to can not be directly according to user about loophole Description when reappearing and positioning loophole, according to the ID for the user for submitting feedback, the terminal for controlling the user is opened log collection and is opened It closes.After switch is opened, the disposition of all operations and application program that user is carried out can be recorded in operation log In, at this point, instruction user reappears the loophole of its feedback, and after user reappears the loophole, collects and record leaky reproduction step Operation log.After collection, the log collection switch of user's using terminal is closed, unlatching log collection can be deleted when necessary The operation log generated in a period of switch, to discharge memory space.
The present embodiment by opening log collection switch when needed, and closing journal is received after getting operation log in time Collection switch realizes acquisition operation log in time and achievees the purpose that timely patching bugs to position loophole, and can save terminal For storing the memory space of operation log, only open when needed.
The third embodiment of the present invention provides a kind of localization method of vulnerability of application program, and flow chart is as indicated at 3, main To include step S301 to S306:
S301 receives the feedback information for the default application program that user submits.
S302 creates automatic detection script according to the description of loophole.
S303 obtains the result screenshot executed each time after automatic detection script execution preset times.
S304, detect in the result screenshot that executes each time with the presence or absence of an at least result screenshot and it is predetermined just True implementing result figure is different, at least there is a result screenshot and correct implementing result figure in the result screenshot executed each time In the case where difference, loophole is reproducible loophole, directly positioning and patching bugs;Otherwise, loophole can not reappear Loophole executes step S305.
S305 collects user and reappears the operation log after loophole.
S306 determines the position of loophole according to reproduction step.
In the present embodiment, step S301 is identical as the step S101 in first embodiment of the invention, step S305 and S306 It is identical as the step S103 and S104 in first embodiment of the invention, it is no longer described in detail in the present embodiment, in the present embodiment It is described just for the step S302 to S304 different from first embodiment of the invention.
It include user's description as described in loophole in the feedback information that user submits, application program background server receives this After description, according to its there may be the reason of, create automatic detection script to reappear the loophole;Then by the automatized script Preset times are continuously performed, save the implementing result screenshot of application program after automatized script is finished each time as judgement The foundation whether to start a leak;By automatized script execute preset times after, by the result screenshot executed each time with set in advance Fixed correct implementing result figure compares, and detects in all result screenshots with the presence or absence of at least result screenshot and in advance Determining correct implementing result figure is different;If in all result screenshots, exist an at least result screenshot with it is predetermined Correct implementing result figure is different, then illustrates once occurred at least once not in the automatized script of preset times executes It correct the case where executing, can determine at this time, by the circulate operation of finite number of time, the reproduction of loophole may be implemented, which is Loophole can be reappeared, backstage or exploitation tester can directly position the position to go wrong into application program, and directly carry out Problem reparation is issued by the multiple mode of hot repair to user;If all result screenshots are correctly held with preset Row result figure is identical, then by the circulate operation of finite number of time, can not reappear the loophole, determines that the loophole is not reproducible leakage Hole executes step S305 at this time and collects the operation log of user to position loophole place.
It will be appreciated that in the present embodiment, preset times be tester rule of thumb or the severity of loophole The numerical value of setting, usually 100 times.Also, all data cached of application program before execution, is emptied first, guarantees to survey Examination process not will receive the interference of other data, it is preferable that can empty primary application after having executed an automatized script Program it is data cached, guarantee that the environment that executes every time is identical, promote testing efficiency.
Perform script of the present embodiment by automation, the judgement whether loophole of Lai Jinhang user feedback can reappear, The operating time manually reappeared can be saved, further shortens the repairing efficiency of loophole, achievees the purpose that timely patching bugs.
The fourth embodiment of the present invention provides a kind of positioning device of vulnerability of application program, after being installed on application program In platform server, structural schematic diagram is as shown in figure 4, specifically include that receiving module 10, for receiving default the answering of user's submission With the feedback information of program, wherein feedback information includes at least the description of loophole;Detection module 20 is coupled with order module 10, For detecting whether loophole is the loophole that can not reappear according to the description of loophole;Collection module 30 is coupled with detection module 20, is used Reappear the operation log after loophole in the case where loophole is the loophole that can not reappear, collecting user, wherein operation log is extremely It less include: the reproduction step for reappearing loophole;Locating module 40 is coupled with collection module 30, for determining leakage according to reproduction step The position in hole.
User can applied during using default application program because different operations triggers different functions Program there are when loophole, certain operations of user will lead to application program can not normal use, as dodge move back, white screen, can not be normal It jumps, these problems influence whether that user to the normal use of application program, therefore, would generally be provided in the application Feedback mechanism, so that user feeds back to by the problem in itself use process verbal description or by way of combining screenshot The background server of application program receives the feedback information that user submits by receiving module 10, also, at least answers in feedback information This includes the description for the loophole that user is occurred in using default application program.
Reproducible loophole is the feedback information that backstage is submitted according to user, the circulation that detection module 20 passes through certain number Operation, can reappear the loophole of correspondence problem, it is determined that the loophole is reproducible loophole;But due to the loophole of user feedback Description may be relatively simple or unprofessional, and detection module 20 can not carry out problem repetition according to description, or the problem of reappear out with The description of user is not inconsistent or the loophole only occurs in the terminal of certain model, thinks that the problem of user submits is nothing at this time The loophole of method reproduction.
It for the loophole that can be directly reappeared, is described according to the loophole of the result of reproduction and user, backstage or exploitation Tester can directly position the position to go wrong into application program, and directly carry out problem reparation, multiple by hot repair Mode is issued to user.For the loophole that can not reappear, then the loophole is reappeared by 30 real-time collecting user of collection module Operation log afterwards, to obtain the reproduction step for reappearing the loophole.Specifically, operation log is log file, usually system Or certain softwares, to the record of certain completed processing, so as to will be as reference, in the present embodiment, operation log be extremely Few includes the reproduction step of reproduction loophole, can also further comprise the concrete condition of the mistake occurred, the information etc. of loophole type.
After obtaining reproduction step, locating module 40 need to carry out the accurate positionin of loophole according to the reproduction step, Developer can carry out the reparation of loophole after positioning loophole, and loophole will not occur again after determining reparation, and not influence In the case where other normal functions, platform is answered by hot repair and updates reparation code, the user for there is the loophole, which is downloaded, to repair It mends.
The present embodiment carries out detecting first the loophole according to the feedback information of user after receiving the feedback information of user Whether can be reappeared, if can reappear, can directly repair problem, if cannot reappear, leakage can be reappeared by collecting user Operation log behind hole carries out the accurate positionin of loophole according to the detailed reproduction step recorded in operation log, to reach timely The purpose of patching bugs has further prevented that loophole reparation can not be carried out for a long time, and the usage experience of App drops in caused user It is low, the problem of causing customer churn.
The fifth embodiment of the present invention provides a kind of positioning device of vulnerability of application program, after being installed on application program In platform server, structural schematic diagram is as shown in figure 4, specifically include that receiving module 10, for receiving default the answering of user's submission With the feedback information of program, wherein feedback information includes at least the description of loophole;Detection module 20 is coupled with order module 10, For detecting whether loophole is the loophole that can not reappear according to the description of loophole;Collection module 30 is coupled with detection module 20, is opened Enable the log collection switch for the terminal that family uses;It indicates that user reappears loophole, and collects user and reappear the operation day after loophole Will;Close the log collection switch for the terminal that user uses;Locating module 40 is coupled with collection module 30, for according to reproduction Step determines the position of loophole.
In the present embodiment in the function and fourth embodiment of the invention of receiving module 10, detection module 20 and locating module 40 Receiving module 10, detection module 20 are identical as the function of locating module 40, and in this not go into detail, in the present embodiment only in detail The concrete function of the thin description collection module 30 different from fourth embodiment.
For the loophole that can not reappear, then reappear the operation day after the loophole by 30 real-time collecting user of collection module Will, to obtain the reproduction step for reappearing the loophole.Whole processing records of the operation file due to having recorded system or software, The memory space that it is occupied is larger, it is generally the case that user directly uses the number of operation log less, empty in order to save storage Between, the collection switch of operation log is in off state.In the present embodiment, application software backstage is due to can not be directly according to user When the description as described in loophole reappears and positions loophole, collection module 30 controls the user's according to the ID for the user for submitting feedback Terminal opens log collection switch;After switch is opened, the disposition of all operations and application program that user is carried out can It is recorded in operation log, at this point, instruction user reappears the loophole of its feedback, and after user reappears the loophole, collects note It is loaded with the operation log of loophole reproduction step;After collection, the log collection that collection module 30 closes user's using terminal is opened It closes, the operation log generated in a period of opening log collection switch can be deleted, when necessary to discharge memory space.
The present embodiment by opening log collection switch when needed, and closing journal is received after getting operation log in time Collection switch realizes acquisition operation log in time and achievees the purpose that timely patching bugs to position loophole, and can save terminal For storing the memory space of operation log, only open when needed.
The sixth embodiment of the present invention provides a kind of positioning device of vulnerability of application program, after being installed on application program In platform server, structural schematic diagram is as shown in figure 4, specifically include that receiving module 10, for receiving default the answering of user's submission With the feedback information of program, wherein feedback information includes at least the description of loophole;Detection module 20 is coupled with order module 10, Automatic detection script is created according to the description of loophole, wherein automatic detection script is for reappearing loophole;Obtain automation inspection Survey the result screenshot executed each time after script execution preset times;It detects in the result screenshot executed each time with the presence or absence of extremely A few result screenshot is different from predetermined correct implementing result figure;At least exist in the result screenshot executed each time In the case that one result screenshot is different from correct implementing result figure, loophole is reproducible loophole, and otherwise, loophole is that can not answer Existing loophole;Collection module 30 is coupled with detection module 20, for collecting in the case where loophole is the loophole that can not reappear User reappears the operation log after loophole, wherein operation log includes at least: reappearing the reproduction step of loophole;Locating module 40, It is coupled with collection module 30, for determining the position of loophole according to reproduction step.
In the present embodiment in the function and fourth embodiment of the invention of receiving module 10, collection module 30 and locating module 40 Receiving module 10, collection module 30 are identical as the function of locating module 40, and in this not go into detail, in the present embodiment only in detail The concrete function of the thin description detection module 20 different from fourth embodiment.
It include user's description as described in loophole in the feedback information that user submits, after receiving module 10 receives the description, According to its there may be the reason of, detection module 20 create automatic detection script to reappear the loophole;Then by the automation Script continuously performs preset times, saves the implementing result screenshot conduct of application program after automatized script is finished each time Judge whether the foundation to start a leak;The knot that detection module 20 after automatized script execution preset times, will will execute each time Fruit screenshot is compared with preset correct implementing result figure, is detected in all result screenshots with the presence or absence of at least one As a result screenshot is different from predetermined correct implementing result figure;If in all result screenshots, there is an at least result and cut Figure is different from predetermined correct implementing result figure, then illustrates once occurred in the automatized script of preset times executes The case where crossing at least once and being not performing properly, detection module 20 can determine at this time, can be with by the circulate operation of finite number of time Realize the reproduction of loophole, which is that can reappear loophole, and backstage or exploitation tester can directly position into application program The position of existing problem, and problem reparation is directly carried out, it is issued by the multiple mode of hot repair to user;If all results are cut Figure is identical as preset correct implementing result figure, then by the circulate operation of finite number of time, can not reappear the loophole, examines It surveys module 20 and determines that the loophole is not reproducible loophole, the operation log of user is collected to position by collection module 30 at this time Where loophole.
It will be appreciated that before execution, detection module 20 empties all data cached of application program first, guarantee Test process not will receive the interference of other data, it is preferable that can empty after having executed an automatized script and once answer It is data cached with program, guarantee that the environment executed every time is identical, promotes testing efficiency.
Perform script of the present embodiment by automation, the judgement whether loophole of Lai Jinhang user feedback can reappear, The operating time manually reappeared can be saved, further shortens the repairing efficiency of loophole, achievees the purpose that timely patching bugs.
Seventh embodiment of the invention provides a kind of storage medium, is stored with computer program, and computer program is processed Following steps S11 to S14 is realized when device executes:
S11 receives the feedback information for the default application program that user submits, wherein feedback information includes at least loophole Description;
S12 detects whether loophole is the loophole that can not reappear according to the description of loophole;
S13 collects user and reappears the operation log after loophole in the case where loophole is the loophole that can not reappear, wherein Operation log includes at least: reappearing the reproduction step of loophole;
S14 determines the position of loophole according to reproduction step.
In the present embodiment, storage medium may be mounted in the background server of application program.Due to implementing first The specific steps of the localization method of vulnerability of application program are described in detail in example, therefore, in the present embodiment not It repeats again.
Optionally, in the present embodiment, above-mentioned storage medium can include but is not limited to: USB flash disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or The various media that can store program code such as CD.Optionally, in the present embodiment, processor has been deposited according in storage medium The program code of storage executes the method and step of above-described embodiment record.Optionally, the specific example in the present embodiment can refer to Example described in above-described embodiment and optional embodiment, details are not described herein for the present embodiment.Obviously, the technology of this field Personnel should be understood that each module of the above invention or each step can be realized with general computing device, they can be with It is concentrated on a single computing device, or is distributed over a network of multiple computing devices, optionally, they can be used Computing device executable program code is realized, is held it is thus possible to be stored in storage device by computing device Row, and in some cases, can with the steps shown or described are performed in an order that is different from the one herein, or by they point It is not fabricated to each integrated circuit modules, or makes multiple modules or steps in them to single integrated circuit module It realizes.In this way, the present invention is not limited to any specific hardware and softwares to combine.
The eighth embodiment of the present invention provides a kind of terminal, includes at least memory, processor, is stored on memory Computer program, processor realize following steps S21 to S24 when executing the computer program on memory:
S21 receives the feedback information for the default application program that user submits, wherein feedback information includes at least loophole Description;
S22 detects whether loophole is the loophole that can not reappear according to the description of loophole;
S23 collects user and reappears the operation log after loophole in the case where loophole is the loophole that can not reappear, wherein Operation log includes at least: reappearing the reproduction step of loophole;
S24 determines the position of loophole according to reproduction step.
In the present embodiment, terminal can be the background server equipment of application program.Due in the first embodiment Specific steps through the localization method to vulnerability of application program are described in detail, and therefore, repeat no more in the present embodiment.
Although for illustrative purposes, the preferred embodiment of the present invention has been disclosed, those skilled in the art will recognize It is various improve, increase and replace be also it is possible, therefore, the scope of the present invention should be not limited to the above embodiments.

Claims (10)

1. a kind of localization method of vulnerability of application program characterized by comprising
Receive the feedback information for the default application program that user submits, wherein the feedback information includes at least the description of loophole;
Detect whether the loophole is the loophole that can not reappear according to the description of the loophole;
In the case where the loophole is the loophole that can not reappear, collects the user and reappears the operation log after the loophole, Wherein, the operation log includes at least: reappearing the reproduction step of the loophole;
The position of the loophole is determined according to the reproduction step.
2. localization method as described in claim 1, which is characterized in that the collection user reappears the behaviour after the loophole Make log, comprising:
Open the log collection switch for the terminal that the user uses;
It indicates that the user reappears the loophole, and collects the user and reappear the operation log after the loophole;
Close the log collection switch for the terminal that the user uses.
3. localization method as claimed in claim 1 or 2, which is characterized in that described according to the description of loophole detection Whether loophole is the loophole that can not reappear, comprising:
Automatic detection script is created according to the description of the loophole, wherein the automatic detection script is described for reappearing Loophole;
Obtain the result screenshot executed each time after the automatic detection script execution preset times;
In the detection result screenshot executed each time with the presence or absence of an at least result screenshot and it is predetermined just True implementing result figure is different;
It is different from the correct implementing result figure at least to there is a result screenshot in the result screenshot executed each time In the case where, the loophole is reproducible loophole, and otherwise, the loophole is the loophole that can not reappear.
4. localization method as claimed in claim 3, which is characterized in that the acquisition automatic detection script execution is default Before the result screenshot executed each time after number, further includes:
Empty all data cached of the application program.
5. a kind of positioning device of vulnerability of application program characterized by comprising
Receiving module, the feedback information of the default application program for receiving user's submission, wherein the feedback information at least wraps Include the description of loophole;
Detection module, for detecting whether the loophole is the loophole that can not reappear according to the description of the loophole;
Collection module reappears the loophole in the case where the loophole is the loophole that can not reappear, collecting the user Operation log afterwards, wherein the operation log includes at least: reappear the reproduction step of the loophole;
Locating module, for determining the position of the loophole according to the reproduction step.
6. positioning device as claimed in claim 5, which is characterized in that the collection module is specifically used for:
Open the log collection switch for the terminal that the user uses;
It indicates that the user reappears the loophole, and collects the user and reappear the operation log after the loophole;
Close the log collection switch for the terminal that the user uses.
7. such as positioning device described in claim 5 or 6, which is characterized in that the detection module is specifically used for:
Automatic detection script is created according to the description of the loophole, wherein the automatic detection script is described for reappearing Loophole;
Obtain the result screenshot executed each time after the automatic detection script execution preset times;
In the detection result screenshot executed each time with the presence or absence of an at least result screenshot and it is predetermined just True implementing result figure is different;
It is different from the correct implementing result figure at least to there is a result screenshot in the result screenshot executed each time In the case where, the loophole is reproducible loophole, and otherwise, the loophole is the loophole that can not reappear.
8. positioning device as claimed in claim 7, which is characterized in that the detection module is also used to:
Empty all data cached of the application program.
9. a kind of storage medium, is stored with computer program, which is characterized in that real when the computer program is executed by processor The step of localization method of existing vulnerability of application program described in any one of Claims 1-4.
10. a kind of terminal includes at least memory, processor, is stored with computer program on the memory, feature exists In the processor realizes described in any one of Claims 1-4 answer when executing the computer program on the memory The step of with the localization method of program bug.
CN201811366149.6A 2018-11-16 2018-11-16 A kind of localization method of vulnerability of application program, device, storage medium and terminal Pending CN109508547A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811366149.6A CN109508547A (en) 2018-11-16 2018-11-16 A kind of localization method of vulnerability of application program, device, storage medium and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811366149.6A CN109508547A (en) 2018-11-16 2018-11-16 A kind of localization method of vulnerability of application program, device, storage medium and terminal

Publications (1)

Publication Number Publication Date
CN109508547A true CN109508547A (en) 2019-03-22

Family

ID=65748726

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811366149.6A Pending CN109508547A (en) 2018-11-16 2018-11-16 A kind of localization method of vulnerability of application program, device, storage medium and terminal

Country Status (1)

Country Link
CN (1) CN109508547A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110990842A (en) * 2019-12-19 2020-04-10 上海米哈游网络科技股份有限公司 Recurrence method and device of small probability event, storage medium and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110040924A1 (en) * 2009-08-11 2011-02-17 Selinger Robert D Controller and Method for Detecting a Transmission Error Over a NAND Interface Using Error Detection Code
CN106294149A (en) * 2016-08-09 2017-01-04 北京邮电大学 A kind of method detecting Android application component communication leak
CN106844204A (en) * 2017-01-11 2017-06-13 福建星网视易信息系统有限公司 A kind of utilization mobile terminal generates the method and system of defect report
CN107657177A (en) * 2017-09-30 2018-02-02 北京奇虎科技有限公司 A kind of leak detection method and device
CN107844486A (en) * 2016-09-18 2018-03-27 腾讯科技(深圳)有限公司 A kind of method and system of analysis webpage problem for client
CN108446134A (en) * 2018-03-30 2018-08-24 努比亚技术有限公司 Loophole restorative procedure, mobile terminal and the readable storage medium storing program for executing of application program

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110040924A1 (en) * 2009-08-11 2011-02-17 Selinger Robert D Controller and Method for Detecting a Transmission Error Over a NAND Interface Using Error Detection Code
CN106294149A (en) * 2016-08-09 2017-01-04 北京邮电大学 A kind of method detecting Android application component communication leak
CN107844486A (en) * 2016-09-18 2018-03-27 腾讯科技(深圳)有限公司 A kind of method and system of analysis webpage problem for client
CN106844204A (en) * 2017-01-11 2017-06-13 福建星网视易信息系统有限公司 A kind of utilization mobile terminal generates the method and system of defect report
CN107657177A (en) * 2017-09-30 2018-02-02 北京奇虎科技有限公司 A kind of leak detection method and device
CN108446134A (en) * 2018-03-30 2018-08-24 努比亚技术有限公司 Loophole restorative procedure, mobile terminal and the readable storage medium storing program for executing of application program

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110990842A (en) * 2019-12-19 2020-04-10 上海米哈游网络科技股份有限公司 Recurrence method and device of small probability event, storage medium and electronic equipment

Similar Documents

Publication Publication Date Title
US9032371B2 (en) Method and apparatus for automatic diagnosis of software failures
US5629878A (en) Test planning and execution models for generating non-redundant test modules for testing a computer system
CN104050075B (en) The method of testing and device of Andriod application programs
US10585668B2 (en) Processor testing using randomly generated branch instructions
CN103365770A (en) Mobile terminal software testing system and software testing method
US20050204241A1 (en) Method and device for analyzing software error
US20090204946A1 (en) Intelligent software code updater
US20210011840A1 (en) Software testing method, system, apparatus, device medium, and computer program product
CN107820608A (en) For the method and apparatus for the Debugging message for producing, capture, storing and loading the test script to fail
CN109508547A (en) A kind of localization method of vulnerability of application program, device, storage medium and terminal
CN105653946A (en) Android malicious behavior detection system based on combined event behavior triggering and detection method of Android malicious behavior detection system
US9471454B2 (en) Performing automated system tests
CN105975373A (en) Running monitoring method and apparatus for software program
CN107704389B (en) Page testing method and device
CN109726107A (en) Test method, device, equipment and storage medium
CN103049374B (en) Automatic testing method and device
US8855801B2 (en) Automated integration of feedback from field failure to order configurator for dynamic optimization of manufacturing test processes
US20200065630A1 (en) Automated early anomaly detection in a continuous learning model
US7546589B2 (en) Semi-automated desk checking system and method
CN111124919A (en) User interface testing method, device, equipment and storage medium
CN109460359A (en) A kind of software version test method and system for embedded device
CN111198811A (en) Page automatic test method and device, electronic equipment and storage medium
CN107102938B (en) Test script updating method and device
CN106649074A (en) Method and device for program debugging of intelligent card
Barrett et al. Test process optimization: Closing the gap in the defect spectrum

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination