CN109656809A - A kind of application programming interfaces detection method, device and computer readable storage medium - Google Patents
A kind of application programming interfaces detection method, device and computer readable storage medium Download PDFInfo
- Publication number
- CN109656809A CN109656809A CN201811320801.0A CN201811320801A CN109656809A CN 109656809 A CN109656809 A CN 109656809A CN 201811320801 A CN201811320801 A CN 201811320801A CN 109656809 A CN109656809 A CN 109656809A
- Authority
- CN
- China
- Prior art keywords
- api
- application program
- operating system
- committed
- privately owned
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Abstract
The present invention provides a kind of application programming interfaces detection method, device and computer readable storage mediums, belong to field of computer technology.Specifically, all API and open API provided in the available operating system of this method, all API provided in operating system and open API are provided, determine the privately owned API of operating system, to determine all privately owned API for including in operating system, guarantee the complete and accurate of privately owned API information, then, all API used in application program to be committed can be extracted, based on all API used in privately owned API and application program to be committed, determine privately owned API used in application program to be committed, since the privately owned API for comparison is whole privately owned API in operating system, and then guarantee to determine all privately owned API used in application program to be committed, improve the accuracy rate of detection.
Description
Technical field
The invention belongs to field of computer technology, more particularly to a kind of application programming interfaces detection method, device and meter
Calculation machine readable storage medium storing program for executing.
Background technique
With the continuous development of computer technology, more and more for the application program of operating system exploitation.Operating system
Whether side can audit and the privately owned application program of the offer of the operating system has been used to connect in the application program to guarantee safety
Mouth (Application Programming Interface, API), has used privately owned API if detected in application program,
So the application program can not then be issued in the operating system, and then application issued is caused to be obstructed.In order to guarantee to apply
Program can be issued sequentially, and application development side would generally detect application program before submitting application program.
In the prior art, the open API document of operating system side's offer is normally based on to detect, if detecting application
There is the API not recorded in the disclosure API document in program, it is determined that there are privately owned API in the application program.
But with the update of operating system, the API that operating system provides may be increase accordingly, in this way, will lead to this
The information recorded in open API document is not comprehensive enough, and then leads to not the privately owned API that accurate detection goes out in application program.
Summary of the invention
The present invention provides a kind of application programming interfaces detection method, device and computer readable storage medium, to solve
The lower problem of the accuracy rate of detection.
According to the present invention in a first aspect, providing a kind of application programming interfaces detection method, this method may include:
It is provided in all application programming interfaces API provided in acquisition operating system, and the acquisition operating system
Open API;
Based on all API provided in the operating system and open API, the privately owned API of the operating system is determined;
Extract all API used in application program to be committed;
Based on all API used in the privately owned API and the application program to be committed, described to be committed answer is determined
The privately owned API used in program.
It is optionally, described that all API provided in operating system are provided, comprising:
Class dump command is called, so that the class dump command is extracted in the operating system in each dynamic base
API obtains all API provided in the operating system.
It is optionally, described that the open API provided in the operating system is provided, comprising:
Based on preset canonical matching expression, extract in the operating system included in the header file of each dynamic base
The first open API;
From the open API document that the operating system provides, the second open API is determined;
Described first open API and the second open API are merged, the disclosure that the operating system provides is obtained
API。
It is optionally, described to extract all API used in application program to be committed, comprising:
Character string command is called, so that the character string command determines in the application program to be committed with character style
The API of calling obtains the first application program API;
Invocation target document presentation order, so that the file destination shows that order determines the application program to be committed
Used in the second application program;
Call sign table order, so that the symbol table order determines used in the application program to be committed
Three application program API;
The first application program API, the second application program API and the third application program API are carried out
Merge, obtains all API used in the application program to be committed.
Optionally, described based on all API provided in the operating system and open API, determine that the operation is
The privately owned API of system, comprising:
Identical API in all API provided in the operating system the and open API is provided;
By the API in all API provided in the operating system in addition to the identical API, it is determined as the behaviour
Make the privately owned API of system.
Optionally, described based on all API used in the privately owned API and the application program to be committed, it determines
After privately owned API used in the application program to be committed, the method also includes:
Prompting message is modified in display, includes privately owned used in the application program to be committed in the modification prompting message
API。
Second aspect according to the present invention provides a kind of application programming interfaces detection device, the apparatus may include:
Module is obtained, for obtaining all application programming interfaces API provided in operating system, and the acquisition operation
The open API provided in system;
First determining module, described in determining based on all API provided in the operating system and open API
The privately owned API of operating system;
Extraction module, for extracting all API used in application program to be committed;
First determining module, for based on all used in the privately owned API and the application program to be committed
API determines privately owned API used in the application program to be committed.
Optionally, the acquisition module, is used for:
Class dump command is called, is determined in the operating system in each dynamic base so that the class dump command is extracted
API, all API provided in the operating system are provided.
Optionally, the acquisition module, is used for:
Based on preset canonical matching expression, extract in the operating system included in the header file of each dynamic base
The first open API;
From the open API document that the operating system provides, the second open API is determined;
Described first open API and the second open API are merged, the disclosure that the operating system provides is obtained
API。
Optionally, the extraction module, is used for:
Character string command is called, so that the character string command determines in the application program to be committed with character style
The API of calling obtains the first application program API;
Invocation target document presentation order, so that the file destination shows that order determines the application program to be committed
Used in the second application program API;
Call sign table order, so that the symbol table order determines used in the application program to be committed
Three application program API;
The first application program API, the second application program API and the third application program API are carried out
Merge, obtains all API used in the application program to be committed.
Optionally, first determining module, is used for:
Identical API in all API provided in the operating system the and open API is provided;
By the API in all API provided in the operating system in addition to the identical API, it is determined as the behaviour
Make the privately owned API of system.
Optionally, described device further include:
Display module includes described to be committed using journey for showing modification prompting message, in the modification prompting message
Privately owned API used in sequence.
The third aspect, the embodiment of the invention provides a kind of computer readable storage mediums, which is characterized in that the calculating
Computer program is stored on machine readable storage medium storing program for executing, is realized as described in relation to the first aspect when the computer program is executed by processor
Application programming interfaces detection method the step of.
For first technology, the present invention has following advantage:
All API and open API provided in available operating system, are then based on the institute provided in operating system
There is API and open API, determines the privately owned API of operating system, to determine all privately owned API for including in operating system,
Guarantee the complete and accurate of privately owned API information, then, all API used in application program to be committed can be extracted, based on privately owned
All API used in API and application program to be committed, determine privately owned API used in application program to be committed, due to
It is whole privately owned API in operating system in the privately owned API of comparison, and then guarantees to determine to use in application program to be committed
All privately owned API, improve the accuracy rate of detection.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field
Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 is a kind of step flow chart of application programming interfaces detection method provided in an embodiment of the present invention;
Fig. 2-1 is the step flow chart of another application programming interfaces detection method provided in an embodiment of the present invention;
Fig. 2-2 is a kind of signal for determining privately owned API used in application program to be committed provided in an embodiment of the present invention
Figure;
Fig. 3 is a kind of block diagram of application programming interfaces detection device provided in an embodiment of the present invention;
Fig. 4 is a kind of block diagram of application programming interfaces detection device provided in an embodiment of the present invention.
Specific embodiment
The exemplary embodiment that the present invention will be described in more detail below with reference to accompanying drawings.Although showing the present invention in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the present invention without should be by embodiments set forth here
It is limited.It is to be able to thoroughly understand the present invention on the contrary, providing these embodiments, and can be by the scope of the present invention
It is fully disclosed to those skilled in the art.
Fig. 1 is a kind of step flow chart of application programming interfaces detection method provided in an embodiment of the present invention, such as Fig. 1 institute
Show, this method may include:
Step 101 obtains all application programming interfaces API provided in operating system, and obtains the operating system
The open API of middle offer.
In the embodiment of the present invention, which can be suitable for various terminals operation for the exploitation of operating system side
System, for example, being suitable for the operating system of mobile phone, exemplary suitable for the operating system of computer or other electronic equipments, the behaviour
Making system can be Apple Macintosh operating system (iphone Operating System, iOS).Generally, operating system can provide more
API, wherein a part of API is as privately owned API, for being used when operating system side's development system function, another part API make
For open API, the use in the application program run in the operating system is developed for application developer.Further, eventually
End in order to accurately determine the privately owned API for including in application program, can first determine all API for being provided in operating system with
And open API, the privately owned API in operating system is determined with this.
Step 102, based on all API for being provided in the operating system and open API, determine the operating system
Privately owned API.
There may be the API that user oneself writes in practical application, in application program, if to use in application program
API whether there is the open API that provides in operating system to determine whether API used in application program is privately owned API,
It may result in judging result inaccuracy, for example, may include being write in application program by application developer oneself
API, the API oneself write are not open API, if being based only upon the open API provided in operating system compares judgement
If, since the API oneself write is not present in the open API of operating system offer, then this oneself will be write
API is mistaken for privately owned API.Therefore, in this step, terminal can based on all API for being provided in operating system and open API,
Determine the privately owned API of operating system, in order in subsequent step can using the privately owned API of the operating system as determination basis,
And then erroneous judgement problem is avoided, improve accuracy.
Step 103 extracts all API used in application program to be committed.
In the embodiment of the present invention, application program to be committed can be the application program that will be committed to operating system, into
One step, terminal can extract all API used in the application program to be committed, in order to determine it in subsequent step
Used in privately owned API.
Step 104, based on all API used in the privately owned API and the application program to be committed, determine described in
Privately owned API used in application program to be committed.
In the embodiment of the present invention, all API and open API which, which is terminal, is provided based on operating system are true
Fixed, it is therefore contemplated that it comprises privately owned API whole in operating system, correspondingly, terminal is based on complete in operating system
The privately owned API in portion determines privately owned API used in application program to be committed, can be to avoid the problem of omission, and then improves detection
Accuracy rate.
In conclusion application programming interfaces detection method provided in an embodiment of the present invention, mentioned in available operating system
All API and open API supplied, are then based on all API provided in operating system and open API, determine operation system
The privately owned API of system guarantees the complete and accurate of privately owned API information to determine all privately owned API for including in operating system
Property, then, can extract all API used in application program to be committed, based on making in privately owned API and application program to be committed
All API determine privately owned API used in application program to be committed, since the privately owned API for comparison is operating system
The middle privately owned API of whole, and then guarantee to determine all privately owned API used in application program to be committed, improve detection
Accuracy rate.
Fig. 2-1 is the step flow chart of another application programming interfaces detection method provided in an embodiment of the present invention, is such as schemed
Shown in 2-1, this method may include:
Step 201 obtains all application programming interfaces API provided in operating system, and obtains the operating system
The open API of middle offer.
Specifically, terminal can realize the institute for obtaining and providing in operating system by following sub-steps (1)~sub-step (4)
There is application programming interfaces API and open API:
Sub-step (1): based on class dump command is called, so that the class dump command is extracted in the operating system often
API in a dynamic base obtains all API provided in the operating system.
In this step, such dump command can be Class dump order, which can be based on
The library Runtime that Objective-C language is write is handled towards the global object in dynamic base, wherein Objective-C
Language is a dynamic language, and many static instructions in compiling and can be linked processing when the thing that period does is put into operation by it,
The library Runtime indicates that a runtime system, the runtime system can be handled dynamically, the energy with object-oriented
Power.Specifically, in this step, terminal can call Class dump order can first to each dynamic base in operating system into
Then row global search based on the class and agreement for including in each dynamic base, generates claim information, finally respectively from each
Included method, and the attribute for being included are extracted in the corresponding claim information of class and the corresponding claim information of each agreement
Corresponding setting method and acquisition methods, and then obtain the API in each dynamic base.
Sub-step (2): being based on preset canonical matching expression, extracts the head text of each dynamic base in the operating system
First open API included in part.
In this step, terminal can carry out canonical matching to the header file in each dynamic base in the form of Run Script,
The preset canonical matching expression may include the first canonical matching expression and the second canonical matching expression.Specifically
, terminal can extract every header file in each dynamic base, the comment section in every header file is then deleted, to avoid
Comment section API operation open to extraction first interferes.
Then, terminal can match every header file by preset first canonical matching expression, extract every
The class and agreement for including in header file, wherein the first matching key can be set in the first canonical matching expression
Word, which can be intersace, protocol, and intersace can be used for matching in header file
Class ,@protocol can be used for matching the agreement in header file.Further, terminal can pass through preset second canonical
Matching expression matches each class extracted and agreement, extracts the method for including in each class and each agreement
And attribute, finally, extracting the corresponding setting method of each attribute in each attribute and acquisition methods, each method extracted
And the corresponding setting method of each attribute and acquisition methods are the first open API.Wherein, the second canonical matching expression
In can be set with the second matching keyword, this second matching keyword can be can represent method keyword and can
The keyword of attribute is represented, for example,@property.
Sub-step (3): from the open API document that operating system provides, the second open API is determined.
Specifically, the disclosure API document can be the document of the open API of record of operating system side's offer, generally, the public affairs
Opening API document is database format, and therefore, in this step, terminal can be ordered based on the operation for database format file
It enables to determine all API recorded in the disclosure API document, obtains the second open API.
Sub-step (4): the described first open API and the second open API are merged, the operating system is obtained
The open API of offer.
Specifically, terminal can will include and the API that does not include in the second open API is added to the in the first open API
Two open API are exactly, the difference set of set and the second open API set constituted that the first open API is constituted is added to the
In the set that two open API are constituted, and then obtain the open API of operating system offer.
In practical application, since header file is convenient for reading, operating system side, generally can be by open API setting in order to manage
It, therefore, can be directly by the first disclosure in another alternative embodiment of the invention inside the header file in each dynamic base
API is determined as the open API of operating system offer.But due to it is possible that mistake, and then leading to part in extraction process
API does not extract success, in this way, may lack the open API of part operation system offer, therefore, this hair in the first open API
In bright embodiment, terminal can extract the second open API from the open API document that operating system provides, by the first open API with
And second open API merge to determine open API that operating system provides, in this way, can be by including in the second open API
Information makes up the first open API loss of learning problem that may be present as far as possible, and then improves the complete of the open API obtained
Degree.
Step 202, based on all API for being provided in the operating system and open API, determine the operating system
Privately owned API.
Specifically, terminal can first determine that all API provided in operating system are identical with open API in this step
API the API in all API provided in operating system in addition to identical API is then determined as to the private of operating system
There is API.It is exemplary, it is assumed that all API provided in operating system include (a, b, c, d, e), and open API includes (b, c), then
It can determine that the privately owned API of operating system includes (a, d, e).Certainly, terminal can also realize determining institute by other means
The privately owned API of operating system is stated, for example, set and disclosure API structure that all API directly provided in calculating operation system are constituted
At set difference set, and then obtain the privately owned API of operating system.
Step 203 extracts all API used in application program to be committed.
Specifically, terminal, which can be realized to extract in application program to be committed by following sub-steps (5)~sub-step (8), to be made
All API:
Sub-step (5): character string command is called, so that the character string command determines in the application program to be committed
With the API that character string forms are called, the first application program API is obtained.
Wherein, which can be the strings order that system provides, due to that may exist in application program
With the API that character string is called, and the strings order can search character string forms tune in obj ect file or binary file
API, therefore, in this step, terminal first can be handled application program based on the strings order, to determine
First application program API.
Sub-step (6): invocation target document presentation order, so that the file destination shows order described in determining wait mention
Hand over the second application program API used in application program.
In this step, which shows that order can be the otool order that system provides, and terminal can be with invocation target
Document presentation order so that the file destination show order will the method that be called in the system library that used in application program and
Used attribute is shown, and the second application program used in application program can be obtained in the content for being then based on displaying
API, the second application program API are in the method called in the application program for including and each attribute in the content shown
Including setting method and acquisition methods.
Sub-step (7): call sign table order, so that the symbol table order determines in the application program to be committed
Used third application program API.
Specifically, terminal can be with call sign table order, so that the symbol table order is by the symbol table in application program
It shows, the API for including in the symbol table of the display is third application program API, wherein the symbol table order can be
The nm order that system provides.
Sub-step (8): to the first application program API, the second application program API and the third application journey
Sequence API is merged, and obtains all API used in the application program to be committed.
Specifically, the API that terminal can will include and not include in third application program API in the first application program API
It is added to third application program API, the API for including in the second application program API and not including in third application program API is added
Third application program API is added to, that is, is exactly, the first application program API set constituted and third application program API are constituted
The difference set of set is added in the set of third application program API composition, the set and third that the second application program API is constituted
The difference set for the set that application program API is constituted is added in the set of third application program API composition, and then obtains to be committed answer
All API used in program.
Due to the second application program API based on preset otool order determination, determining based on preset nm order
May exist in third application program API and omit, it therefore, can be in conjunction with the first application program API, the in the embodiment of the present invention
Two application program API and third application program API determine all API used in application program to be committed, make up as far as possible
Loss of learning problem, to guarantee the integrity degree of all API used in determining application program to be committed.Certainly, practical application
In, it can also be directly by the first application program API in conjunction with the second application program API, or by the second application program API and
Three application program API are combined, to determine that all API, the embodiment of the present invention used in application program to be committed do not limit this
It is fixed.
Step 204, based on all API used in the privately owned API and the application program to be committed, determine described in
Privately owned API used in application program to be committed.
In this step, terminal can calculate all API used in the set and application program to be committed that privately owned API is constituted
If the intersection is sky not used privately owned API in application program to be committed can be confirmed, such as in the intersection of sets collection of composition
The fruit intersection is not sky, then the API for including in the intersection can be confirmed as to privately owned API used in application program to be committed.
Exemplary, Fig. 2-2 is a kind of signal for determining privately owned API used in application program to be committed provided in an embodiment of the present invention
Figure obtains all API provided in operating system, the first open API and the second disclosure as can be seen that passing through from Fig. 2-2
API can determine all privately owned API provided in operating system, by obtaining included in application program to be committed the
One application program API, the second application program API and third application program API, can determine to make in application program to be committed
All API, according to all API used in all privately owned API provided in operating system and application program to be committed,
It can determine that privately owned API used in application program to be committed.
Further, since operating system side is in audit, it may be referred to as judgment criteria based on the name of API, i.e.,
It is exactly that, if there is API identical with privately owned API Name in application program, just will be considered that application program has used privately owned API,
Therefore, in this step, terminal is also possible to make in the set and application program to be committed that calculate the title composition of each privately owned API
The intersection of sets collection that the title of all API is constituted can be confirmed in application program to be committed not if the intersection is sky
The privately owned API used, if the intersection be not it is empty, the corresponding API of the API Name for including in the intersection can be confirmed as to
Privately owned API used in application program is submitted, in this way, can be convenient developer being capable of private to including in application program to be committed
There is API comprehensively to be modified, reduce after application program to be committed submits, can not by probability.
Step 205, display modify prompting message, include making in the application program to be committed in the modification prompting message
Privately owned API.
In practical application scene, if application program to be committed has used privately owned API, it can not just pass through subsequent operation system
The audit of method in the embodiment of the present invention, at the determination after privately owned API used in application program to be committed, can be shown
Modification prompting message including privately owned API used in application program to be committed, in order to which user can intuitively be known in time
Which privately owned API has been used, and then developer is facilitated to make corresponding modification.
In conclusion application programming interfaces detection method provided in an embodiment of the present invention, can first obtain in operating system
All API and open API provided, are then based on all API provided in operating system and open API, determine operation
The privately owned API of system guarantees the complete and accurate of privately owned API information to determine all privately owned API for including in operating system
Property, then, can extract all API used in application program to be committed, based on making in privately owned API and application program to be committed
All API determine privately owned API used in application program to be committed, since the privately owned API for comparison is operating system
The middle privately owned API of whole, and then guarantee to determine all privately owned API used in application program to be committed, improve detection
Accuracy rate, finally, terminal can also show modification prompting message, it include being used in application program to be committed in the modification prompting message
Privately owned API, in order to which developer can intuitively know the privately owned API used in time, and then developer is facilitated to make correspondence
Modification.
Fig. 3 is a kind of block diagram of application programming interfaces detection device provided in an embodiment of the present invention, as shown in figure 3, the dress
Setting 30 may include:
Module 301 is obtained, for obtaining all application programming interfaces API provided in operating system, and described in obtaining
The open API provided in operating system.
First determining module 302, for determining institute based on all API provided in the operating system and open API
State the privately owned API of operating system.
Extraction module 303, for extracting all API used in application program to be committed.
Second determining module 304, for based on all used in the privately owned API and the application program to be committed
API determines privately owned API used in the application program to be committed.
In conclusion application programming interfaces detection device provided in an embodiment of the present invention, operation system can be obtained by obtaining module
All API for being there is provided in system and open API, then the first determining module can based on all API provided in operating system with
And open API, it determines the privately owned API of operating system, to determine all privately owned API for including in operating system, guarantees private
There is the complete and accurate of API information, then, extraction module can extract all API used in application program to be committed, and second really
Cover half block can be determined and be used in application program to be committed based on all API used in privately owned API and application program to be committed
Privately owned API, since the privately owned API for comparison is whole privately owned API in operating system, and then guarantee to determine wait mention
All privately owned API used in application program are handed over, the accuracy rate of detection is improved.
Fig. 4 is a kind of block diagram of application programming interfaces detection device provided in an embodiment of the present invention, as shown in figure 4, the dress
Setting 40 may include:
Module 401 is obtained, for obtaining all application programming interfaces API provided in operating system, and described in obtaining
The open API provided in operating system.
First determining module 402, for determining institute based on all API provided in the operating system and open API
State the privately owned API of operating system.
Extraction module 403, for extracting all API used in application program to be committed.
Second determining module 404, for based on all used in the privately owned API and the application program to be committed
API determines privately owned API used in the application program to be committed.
Optionally, the acquisition module 401, is used for:
Class dump command is called, so that the class dump command is extracted in the operating system in each dynamic base
API obtains all API provided in the operating system.
Optionally, the acquisition module 401, is used for:
Based on preset canonical matching expression, extract in the operating system included in the header file of each dynamic base
The first open API;
From the open API document that the operating system provides, the second open API is determined;
Described first open API and the second open API are merged, the disclosure that the operating system provides is obtained
API。
Optionally, the extraction module 403, is used for:
Character string command is called, so that the character string command determines in the application program to be committed with character style
The API of calling obtains the first application program API.
Invocation target document presentation order, so that the file destination shows that order determines the application program to be committed
Used in the second application program API.
Call sign table order, so that the symbol table order determines used in the application program to be committed
Three application program API.
The first application program API, the second application program API and the third application program API are carried out
Merge, obtains all API used in the application program to be committed.
Optionally, first determining module 402, is used for:
Identical API in all API provided in the operating system the and open API is provided.
By the API in all API provided in the operating system in addition to the identical API, it is determined as the behaviour
Make the privately owned API of system.
Optionally, described device 40 further include:
Display module 405 includes the application to be committed in the modification prompting message for showing modification prompting message
Privately owned API used in program.
In conclusion application programming interfaces detection device provided in an embodiment of the present invention, operation system can be obtained by obtaining module
All API for being there is provided in system and open API, then the first determining module can based on all API provided in operating system with
And open API, it determines the privately owned API of operating system, to determine all privately owned API for including in operating system, guarantees private
There is the complete and accurate of API information, then, extraction module can extract all API used in application program to be committed, and second really
Cover half block can be determined and be used in application program to be committed based on all API used in privately owned API and application program to be committed
Privately owned API, since the privately owned API for comparison is whole privately owned API in operating system, and then guarantee to determine wait mention
All privately owned API used in application program are handed over, the accuracy rate of detection is improved, finally, display module can also show that modification is reminded
Information includes privately owned API used in application program to be committed in the modification prompting message, in order to which developer can be straight in time
That sees knows the privately owned API used, and then developer is facilitated to make corresponding modification.
For above-mentioned apparatus embodiment, since it is basically similar to the method embodiment, so be described relatively simple,
The relevent part can refer to the partial explaination of embodiments of method.
The embodiment of the present invention also provides a kind of computer readable storage medium, and meter is stored on computer readable storage medium
Calculation machine program, the computer program realize each mistake of above-mentioned application programming interfaces detection method embodiment when being executed by processor
Journey, and identical technical effect can be reached, to avoid repeating, which is not described herein again.Wherein, the computer-readable storage medium
Matter, such as read-only memory (Read-Only Memory, abbreviation ROM), random access memory (Random Access
Memory, abbreviation RAM), magnetic or disk etc..
All the embodiments in this specification are described in a progressive manner, the highlights of each of the examples are with
The difference of other embodiments, the same or similar parts between the embodiments can be referred to each other.
It would have readily occurred to a person skilled in the art that: any combination application of above-mentioned each embodiment is all feasible, therefore
Any combination between above-mentioned each embodiment is all embodiment of the present invention, but this specification exists as space is limited,
This is not just detailed one by one.
Provided herein application programming interfaces detection method not with any certain computer, virtual system or other equipment
It is intrinsic related.Various general-purpose systems can also be used together with teachings based herein.As described above, construction has this
Structure required by the system of scheme of the invention is obvious.In addition, the present invention is also not directed to any particular programming language.It answers
When understanding, it can use various programming languages and realize summary of the invention described herein, and language-specific is done above
Description be in order to disclose the best mode of carrying out the invention.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the present invention and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect
Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, such as right
As claim reflects, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows tool
Thus claims of body embodiment are expressly incorporated in the specific embodiment, wherein each claim conduct itself
Separate embodiments of the invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in detail in the claims, embodiment claimed it is one of any
Can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors
Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice
Microprocessor or digital signal processor (DSP) are realized in application programming interfaces detection method according to an embodiment of the present invention
Some or all components some or all functions.The present invention is also implemented as executing side as described herein
Some or all device or device programs (for example, computer program and computer program product) of method.It is such
It realizes that program of the invention can store on a computer-readable medium, or can have the shape of one or more signal
Formula.Such signal can be downloaded from an internet website to obtain, and perhaps be provided on the carrier signal or with any other shape
Formula provides.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability
Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch
To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame
Claim.
Claims (13)
1. a kind of application programming interfaces detection method, which is characterized in that the described method includes:
All application programming interfaces API provided in operating system are provided, and the disclosure provided in the operating system is provided
API;
Based on all API provided in the operating system and open API, the privately owned API of the operating system is determined;
Extract all API used in application program to be committed;
Based on all API used in the privately owned API and the application program to be committed, determine described to be committed using journey
Privately owned API used in sequence.
2. the method according to claim 1, wherein described obtain all API provided in operating system, packet
It includes:
Class dump command is called to obtain so that the class dump command extracts the API in the operating system in each dynamic base
All API provided into the operating system.
3. the method according to claim 1, wherein described obtain the open API provided in the operating system,
Include:
Based on preset canonical matching expression, extract in the operating system included in the header file of each dynamic base
One open API;
From the open API document that the operating system provides, the second open API is determined;
Described first open API and the second open API are merged, the open API that the operating system provides is obtained.
4. the method according to claim 1, wherein described extract used in application program to be committed is owned
API, comprising:
Character string command is called, is called so that the character string command determines in the application program to be committed with character style
API, obtain the first application program API;
Invocation target document presentation order, so that the file destination shows that order determines institute in the application program to be committed
The the second application program API used;
Call sign table order, so that the symbol table order determines that third used in the application program to be committed is answered
With program API;
The first application program API, the second application program API and the third application program API are merged,
Obtain all API used in the application program to be committed.
5. the method according to claim 1, wherein described based on all API provided in the operating system
And open API, determine the privately owned API of the operating system, comprising:
Identical API in all API provided in the operating system the and open API is provided;
By the API in all API provided in the operating system in addition to the identical API, it is determined as the operation system
The privately owned API of system.
6. based on the privately owned API and described to be committed being answered the method according to claim 1, wherein described
All API used in program, after determining privately owned API used in the application program to be committed, the method is also wrapped
It includes:
Prompting message is modified in display, includes privately owned API used in the application program to be committed in the modification prompting message.
7. a kind of application programming interfaces detection device, which is characterized in that described device includes:
Module is obtained, for obtaining all application programming interfaces API provided in operating system, and the acquisition operating system
The open API of middle offer;
First determining module, for determining the operation based on all API provided in the operating system and open API
The privately owned API of system;
Extraction module, for extracting all API used in application program to be committed;
Second determining module, for being based on all API used in the privately owned API and the application program to be committed, really
Privately owned API used in the fixed application program to be committed.
8. device according to claim 7, which is characterized in that the acquisition module is used for:
Class dump command is called to obtain so that the class dump command extracts the API in the operating system in each dynamic base
All API provided into the operating system.
9. device according to claim 7, which is characterized in that the acquisition module is used for:
Based on preset canonical matching expression, extract included in the header file in the operating system in each dynamic
One open API;
From the open API document that the operating system provides, the second open API is determined;
Described first open API and the second open API are merged, the open API that the operating system provides is obtained.
10. device according to claim 7, which is characterized in that the extraction module is used for:
Character string command is called, is called so that the character string command determines in the application program to be committed with character style
API, obtain the first application program API;
Invocation target document presentation order, so that the file destination shows that order determines institute in the application program to be committed
The the second application program API used;
Call sign table order, so that the symbol table order determines that third used in the application program to be committed is answered
With program API;
The first application program API, the second application program API and the third application program API are merged,
Obtain all API used in the application program to be committed.
11. device according to claim 7, which is characterized in that first determining module is used for:
Identical API in all API provided in the operating system the and open API is provided;
By the API in all API provided in the operating system in addition to the identical API, it is determined as the operation system
The privately owned API of system.
12. device according to claim 7, which is characterized in that described device further include:
Display module includes in the application program to be committed in the modification prompting message for showing modification prompting message
The privately owned API used.
13. a kind of computer readable storage medium, which is characterized in that store computer journey on the computer readable storage medium
Sequence realizes the application programming interfaces detection side as described in claim 1 to 6 is any when the computer program is executed by processor
Method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811320801.0A CN109656809A (en) | 2018-11-07 | 2018-11-07 | A kind of application programming interfaces detection method, device and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811320801.0A CN109656809A (en) | 2018-11-07 | 2018-11-07 | A kind of application programming interfaces detection method, device and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109656809A true CN109656809A (en) | 2019-04-19 |
Family
ID=66110635
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811320801.0A Pending CN109656809A (en) | 2018-11-07 | 2018-11-07 | A kind of application programming interfaces detection method, device and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109656809A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111026435A (en) * | 2019-11-29 | 2020-04-17 | 北京奇艺世纪科技有限公司 | Method, device, equipment and storage medium for detecting application program private interface |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104200155A (en) * | 2014-08-12 | 2014-12-10 | 中国科学院信息工程研究所 | Monitoring device and method for protecting user privacy based on iPhone operating system (iOS) |
| CN106991298A (en) * | 2016-01-21 | 2017-07-28 | 阿里巴巴集团控股有限公司 | Access method, the authorization requests method and device of application program docking port |
| CN107346284A (en) * | 2016-05-05 | 2017-11-14 | 腾讯科技(深圳)有限公司 | The detection method and detection means of a kind of application program |
| CN107622200A (en) * | 2016-07-14 | 2018-01-23 | 腾讯科技(深圳)有限公司 | The safety detecting method and device of application program |
-
2018
- 2018-11-07 CN CN201811320801.0A patent/CN109656809A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104200155A (en) * | 2014-08-12 | 2014-12-10 | 中国科学院信息工程研究所 | Monitoring device and method for protecting user privacy based on iPhone operating system (iOS) |
| CN106991298A (en) * | 2016-01-21 | 2017-07-28 | 阿里巴巴集团控股有限公司 | Access method, the authorization requests method and device of application program docking port |
| CN107346284A (en) * | 2016-05-05 | 2017-11-14 | 腾讯科技(深圳)有限公司 | The detection method and detection means of a kind of application program |
| CN107622200A (en) * | 2016-07-14 | 2018-01-23 | 腾讯科技(深圳)有限公司 | The safety detecting method and device of application program |
Non-Patent Citations (2)
| Title |
|---|
| HUSTCC: "iOS-private-api-checker", 《HTTPS://GITHUB.COM/NETEASEGAME/IOS-PRIVATE-API-CHECKER》 * |
| MRMIGN: "iOS私有API扫描工作总结", 《HTTPS://GITHUB.COM/MRMIGN/IOS-PRIVATE-API-SCANNER/BLOB/MASTER/IOS-API-SCAN.MD》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111026435A (en) * | 2019-11-29 | 2020-04-17 | 北京奇艺世纪科技有限公司 | Method, device, equipment and storage medium for detecting application program private interface |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10169471B2 (en) | Generating and executing query language statements from natural language | |
| KR102067926B1 (en) | Apparatus and method for de-identifying personal information contained in electronic documents | |
| CN109101415A (en) | Interface test method, system, equipment and the storage medium compared based on database | |
| CN104715203B (en) | The method and system of the quantitative analysis of leakage of information leak | |
| CN108647355A (en) | Methods of exhibiting, device, equipment and the storage medium of test case | |
| EP2162833A1 (en) | A method, system and computer program for intelligent text annotation | |
| CN104899016B (en) | Allocating stack Relation acquisition method and device | |
| CN104679495B (en) | software identification method and device | |
| CN104572463A (en) | Method and device for testing interface information | |
| CN104380249A (en) | Folded views in development environment | |
| CN107943694A (en) | A kind of test data generating method and device | |
| CN110532107A (en) | Interface call method, device, computer equipment and storage medium | |
| CN104142881B (en) | The adaptation defect inspection method and detection device of application programming interface | |
| CN112905441A (en) | Test case generation method, test method, device and equipment | |
| CN108846069A (en) | A kind of document execution method and device based on markup language | |
| CN110442515A (en) | Application testing method, device, equipment and readable storage medium storing program for executing | |
| CN110737573B (en) | Method and device for automatically testing user interface UI | |
| CN109656809A (en) | A kind of application programming interfaces detection method, device and computer readable storage medium | |
| CN109933803A (en) | A kind of Chinese idiom information displaying method shows device, electronic equipment and storage medium | |
| US10042638B2 (en) | Evaluating documentation coverage | |
| CN114676231A (en) | Target information detection method, device and medium | |
| CN110489032B (en) | Dictionary query method for electronic book and electronic equipment | |
| CN109324973A (en) | A kind of method for testing software, device, equipment and computer readable storage medium | |
| CN110209880A (en) | Video content retrieval method, Video content retrieval device and storage medium | |
| US10846198B2 (en) | Automatic navigation from log statement to code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190419 |