CN110399300A - A kind of Python software obfuscation test method based on regime type perception - Google Patents
A kind of Python software obfuscation test method based on regime type perception Download PDFInfo
- Publication number
- CN110399300A CN110399300A CN201910663726.6A CN201910663726A CN110399300A CN 110399300 A CN110399300 A CN 110399300A CN 201910663726 A CN201910663726 A CN 201910663726A CN 110399300 A CN110399300 A CN 110399300A
- Authority
- CN
- China
- Prior art keywords
- test case
- function
- test
- python
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000008447 perception Effects 0.000 title claims abstract description 11
- 238000010998 test method Methods 0.000 title claims abstract description 11
- 238000012360 testing method Methods 0.000 claims abstract description 175
- 230000006870 function Effects 0.000 claims abstract description 74
- 230000007547 defect Effects 0.000 claims abstract description 44
- 239000000284 extract Substances 0.000 claims abstract description 6
- 238000000034 method Methods 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 10
- 230000000877 morphologic effect Effects 0.000 claims description 4
- XSQUKJJJFZCRTK-NJFSPNSNSA-N UREA C 14 Chemical compound N[14C](N)=O XSQUKJJJFZCRTK-NJFSPNSNSA-N 0.000 claims description 3
- 230000002068 genetic effect Effects 0.000 claims description 2
- 238000011990 functional testing Methods 0.000 claims 1
- 230000035800 maturation Effects 0.000 claims 1
- 230000008439 repair process Effects 0.000 abstract description 8
- 238000005516 engineering process Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 230000006378 damage Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 201000004569 Blindness Diseases 0.000 description 1
- 240000005809 Prunus persica Species 0.000 description 1
- 235000006040 Prunus persica var persica Nutrition 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000010429 evolutionary process Effects 0.000 description 1
- 230000035772 mutation Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000000153 supplemental effect Effects 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/42—Syntactic analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/42—Syntactic analysis
- G06F8/425—Lexical analysis
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Software Systems (AREA)
- Stored Programmes (AREA)
- Debugging And Monitoring (AREA)
Abstract
The present invention provides a kind of Python software obfuscation test method based on regime type perception, including the following steps: 1) source program code of open source Python software project is obtained from github;2) the corresponding abstract syntax tree of source program code is generated;3) it is identified from abstract syntax tree and extracts function definition node;4) parameter is generated using regime type perceptual strategy according to the information of function definition node, and generates the test case set that respective function defines;5) implementation of test cases generates test result report, carries out the fuzz testing based on variation according to the result of test report and provides the test case of latent defect.The present invention solves the problems, such as to lack the fuzz testing method for being directed to Python software at present, and it is capable of providing the input of triggering latent defect, and then developer is helped to debug and repair defect, the maintainability and robustness of software are improved, so as to preferably control the quality of software product.
Description
Technical field
The invention belongs to field of computer technology, especially softwares to analyze testing field.The present invention provides one kind towards
Python, based on regime type perception Python software obfuscation test method, for detecting Python software project
In potential defect and provide the input of triggering defect, help developer to debug and repair defect.
Background technique
Software defect is to cause one of root of network security threats.Defect is system design, realizes, in operation or management
Weakness, these defects can be utilized to violate the security strategy of system.By attacking safety defect, especially Oday defect,
It is likely to result in serious destruction and loss.Software defect brings serious danger to finance, many industries such as the energy and medical treatment
Machine problem of management causes huge loss.Therefore, potential defect is detected for improving program quality, and reducing loss has
Very important meaning.
In order to find these defects and repair them before they cause damages, developer proposes some technology detection peaces
Full defect, such as: static analysis, dynamic analysis, semiology analysis and fuzz testing etc..Wherein, fuzz testing due to its ease for use,
Scalability and the characteristics such as too many domain knowledge are not needed, be widely used by developer, become most popular defects detection and solve
Scheme.The concept of fuzz testing is put forward for the first time in the 1990s, and originally fuzz testing technology can only find simple memory
Conflict bug and covering very small part object code section.In addition to this, due to the randomness of fuzz testing and blindness, test
The result shows that fuzz testing detection bug task on efficiency it is unsatisfactory.Feedback information when in recent years, in conjunction with operation mentions
More flexible expansible fuzz testing frame has been supplied, the tool of fuzz testing becomes more intelligent and efficient, such as AFL,
Huge progress is achieved in terms of detecting defect.
Fuzz testing tool is broadly divided into the fuzz testing tool based on generation and the fuzz testing tool based on variation.Base
Program is needed to be grasped in the fuzz testing tool of generation and inputs relevant domain knowledge, and the representative of such fuzz testing tool has
Skyfire, SlowFuzz, Peach etc..Fuzz testing tool based on variation needs a set of legal initialization input, surveys
Trial work tool generates new test input by variation initialization input and carries out fuzz testing process, existing fuzzy based on variation
The representative of testing tool has AFL, FairFuzz, AFLFast etc..And the test object of these testing tools is mainly directed towards c language
The binary software write lacks carry out fuzz testing method to Python software at present.Python is as a kind of typical dynamic
State scripting language is widely used in the application such as Web framework, GUI exploitation, scientific algorithm, compared to the software that c language is write,
The dynamic characteristic of Python provides flexibility for software development, but also results in the uncertain of variable runtime type simultaneously,
Leading to Python program, there may be more defects in the process of running.Since the characteristic of different programming languages is different, have
For carry out binary software fuzz testing tool can not be used to directly to Python software carry out fuzz testing.
First public publication version distribution of Python was in 1991, and the time of being born is shorter, and academic circles at present is directed to Python language
The research of speech is less, but Python has had become most popular one of programming language since birth, therefore to Python
Software carries out fuzz testing, has certain values.
Generally speaking, existing fuzz testing tool has the following disadvantages: 1, the existing fuzz testing work based on generation
Tool can be only generated the parameter for meeting software input type, and cannot make a variation to the parameter type of input;2, do not have systematic
The method for carrying out fuzz testing for dynamic language;3, the test object of most of tools is the binary software that c language is write
Deng the fuzz testing method for the software write for Python is less.
Summary of the invention
The present invention provides a kind of Python software obfuscation test methods based on regime type perception, and this method is from source journey
Function definition node is identified and extracted in the abstract syntax tree of sequence code, and regime type is used according to the information of function definition node
Perceptual strategy generates different types of parameter (integer type, floating point type, character string type, Boolean type, list type and word
Allusion quotation type), and the test case set that respective function defines is generated, implementation of test cases generates test result report, according to survey
The result of examination report carries out the fuzz testing based on variation and provides the test case of latent defect.The present invention solves to be lacked at present
It is weary aiming at the problem that fuzz testing method of Python software, and be capable of providing triggering latent defect input, and then help
Developer debugs and repairs defect, the dimensional expansion and robustness of software is improved, so as to preferably control software product
Quality.
To reach above-mentioned purpose, the present invention proposes a kind of Python software obfuscation test side based on regime type perception
Method.Method includes the following steps:
1) source program code of open source Python software project is obtained from github;
2) abstract syntax tree of source program code is generated;
3) it is identified from abstract syntax tree and extracts function definition node;
4) each function is defined using regime type perceptual strategy and generates test case set;
5) implementation of test cases generates test result report, and the fuzzy survey based on variation is carried out according to the result of test report
The test case of examination and offer triggering latent defect.
Further, wherein above-mentioned steps 1) specific step is as follows:
Step 1) -1: initial state;
Step 1) -2: the project warehouse of Python software to be tested is found on project hosted platform github, uses git
Clone instruction copies the source program code of remote software project to local;
The acquisition of step 1) -3:Python source program code finishes.
Further, wherein above-mentioned steps 2) specific step is as follows:
Step 2) -1: initial state;
Step 2) -2: morphological analysis and syntactic analysis are carried out to the source program code of Python software, marked using Python
Ast module in quasi- library generates the abstract syntax tree of source program code;
Step 2) -3: the corresponding abstract syntax tree generation of source program code finishes.
Further, wherein above-mentioned steps 3) specific step is as follows:
Step 3) -1: initial state;
Step 3) -2: preorder traversal abstract syntax tree identifies function definition node therein;
Step 3) -3: the node defined for being identified as function records function with tuple F=(module, name, args)
The information of definition.Module representative function define where module name, the function name of name representative function node institute defined function,
Args indicates the parameter list of the function.
Step 3) -4: the collection of function definition node information finishes.
Further, wherein above-mentioned steps 4) specific step is as follows:
Step 4) -1: initial state;
Step 4) -2: for the tuple F for the information that each record function defines, the parameter list letter that function defines is obtained
Cease args;
Step 4) -3: to each of parameter list args parameter argsi, library is generated using Python false data
Faker sequentially generates integer type, floating point type, character string type, Boolean type, the parameter of list type and dictionary type;
Step 4) -4: repeating step 4) -3, all generates until function is defined all parameters in the parameter list args of F
After one false data, a new test case input is obtained;
Step 4) -5: repeating step 4) -3 and step 4) -4, until each parameter in parameter list args is generated not
The supplemental characteristic of same type obtains the test case set T that F is defined for functionF={ input1, input2...,
inputn};
Step 4) -6: test use cases symphysis is at finishing.
Further, wherein above-mentioned steps 5) specific step is as follows:
Step 5) -1: initial state;
Step 5) -2: execute step 4) generate test case set, for set each of test case, according to
Corresponding result carries out subsequent testing process in test report;
Step 5) -3: the test case set T of F is defined for functionFEach of test case inputi, when
result(inputiWhen)=pass, by inputiSeed test case as the fuzz testing tool AFL based on variation carries out
Fuzz testing;As result (inputiWhen)=fail, by inputiIt is reported as the test case of triggering latent defect;Wherein
The implementing result of result (input) expression test case input;
Step 5) -4: the test case that latent defect is triggered in step 5) -3 is reported to developer, remind developer into
Row debugging and defect repair;
Step 5) -5: it test case is provided finishes for the latent defect of Python software.
The present invention is based on regime type perceptual strategies to generate the test case set that function in Python software defines, right
Software carries out fuzz testing, provides the process that fuzz testing is carried out to the software for using this dynamic language of Python to write;
After recognition function definition node, the parameter information that function defines is obtained, and define to function using regime type perceptual strategy
Node generates test case set;It executes the test use cases generated and merges to the implementing result for corresponding to test case, use
AFL carries out the fuzz testing of depth as fuzz testing tool to find more potential defects, by latent defect and corresponding
Test case is supplied to developer, and assists developers debug and repair defect, improves the maintainability and robustness of software,
So as to preferably control the quality of software product.
Detailed description of the invention
Fig. 1 is a kind of totality of Python software obfuscation test method based on regime type perception of the embodiment of the present invention
Architecture diagram.
Fig. 2 is a kind of process of Python software obfuscation test method based on regime type perception of the embodiment of the present invention
Figure.
Fig. 3 is the pseudo-code of the algorithm that regime type perceptual strategy generates test case.
Specific embodiment
The method of the present invention passes through the git clone order in Version Control software git first and obtains from github
The source program code of Python software project;Then morphological analysis and syntactic analysis are carried out to the source program code of project, generated
Corresponding abstract syntax tree;The abstract syntax tree that preorder traversal later generates, identifies and extracts function definition node therein, benefit
With the relevant information of tuple F={ module, name, args } record function definition node;Next it is perceived using regime type
Strategy is that each function defines F generation test case set;Finally, executing these test cases obtains the execution knot of test case
Fruit report, obtains single test case and its corresponding implementing result from report, is finally carried out according to test result based on change
The test case of different fuzz testing and offer triggering latent defect, thus in Python software project in exploitation evolutionary process
Auxiliary development personnel debugging and progress software quality assurance.
Technology contents in order to better illustrate the present invention, spy combine institute's accompanying drawings to be explained as follows.
General frame figure of the invention is as shown in Figure 1, flow chart is as shown in Figure 2.It is proposed by the present invention a kind of based on dynamic
The Python software obfuscation test method of type perception, including following 5 steps:
Step 1: the source program code of open source Python software project is obtained from github.Increasing income Python software project will
The source code trustship of project is on github platform, by using the source code of git clone order acquisition project.
Step 2: generating the corresponding abstract syntax tree of source program code.To the software project source gathered in step 1
Code carries out morphological analysis and syntactic analysis, generates corresponding abstract syntax tree using the ast module in Python java standard library.
Step 3: being identified from abstract syntax tree and extract function definition node.What is generated in preorder traversal step 2 is abstract
Syntax tree successively matches the type of each node, identifies that function definition node therein, i.e. abstract syntax tree interior joint type are
The node of FunctionDef;For each function definition node, function is recorded with tuple F=(module, name, args)
The information of definition, tuple-set C={ F1, F2..., FnHave recorded function all in Python software project and define information;
Module name where wherein module representative function defines, the function name of name representative function node institute defined function, args table
Show the parameter list of the function, the quantity that function defines in n expression project.
Step 4: test case set is generated using regime type perceptual strategy to the definition of each function.Set delta=int,
Float, str, bool, list, dict } it indicates to generate the type set of parameter, set interior element successively indicates integer type, floats
Vertex type, character string type, Boolean type, list type and dictionary type;Obtained function definition section is extracted according to step 3)
The information of point generates test case using regime type perceptual strategy for parameter, then generates the test case of respective function
Set;The main flow that regime type perceptual strategy generates test case set is as follows:
1. defining parameter list information args, len the expression parameter list that available function in F defines from function
The length of args;
2. initializing i=1, param0={ }, i indicate to generate the position of parameter, paramjIt indicates generating j-th of parameter
When generated parameter list;
3. for the parameter args in parameter listi, each type t in the type set delta of parameter is enumerated, is used
Python third party library faker generates the parameter p, param that type is ti=parami-1∪ { p }, i.e. generation integer type, it floats
Vertex type, character string type, Boolean type, the parameter of list type and dictionary type, are separately added into parameter current list
parami-1Generate new parameter copy parami。
4. as i≤len, i=i+1 goes to step 3;As i > len, a test case input is generated;
In above-mentioned steps, operator " ∪ " indicates the concatenation of list, TF={ input0, input1..., inputm}
Representative function defines each of information aggregate C function and defines F generation test case set, each function is defined
Test case set TF, wherein m is the test case number that F generation is defined for function;Fig. 3 is the generation of regime type perceptual strategy
The pseudo-code of the algorithm of test case set.
Relate to rapid 5: implementation of test cases generates test result report, carries out the mould based on variation according to the result of test report
The test case of paste test and offer triggering latent defect.It is executed using Python unit test tool pytest raw in step 4
At test case, the test case set T of F is defined for functionF, for test case inputi∈TF, according to executing test
The result of use-case carries out corresponding subsequent operation:
● as result (inputiWhen)=pass, by inputiKind as the fuzz testing tool AFL based on variation
Sub- test case carries out the fuzz testing that the duration is t hours, and should make a variation the test for leading to program exception generated in the process
Use-case is the test case for triggering latent defect;
● as result (inputiWhen)=fail, inputiFor the test case for triggering latent defect;
Wherein result (inputi) indicate test case inputiImplementing result, result be pass indicate test case
Execution passes through, and result is that fail indicates that test case executes failure, and i indicates the serial number of test case, and t indicates that AFL is obscured
The duration of test, the default setting is 6, user can also configure t according to actual needs;
Fuzz testing based on variation is that seed test case existing for software under testing carries out the new survey of variation generation
Example on probation, the test method of follow-up test process is carried out using newly-generated test case as the test case of software under testing.Mesh
The preceding most widely used fuzz testing tool based on variation is AFL;AFL, full name American fuzzy lop are a faces
To the fuzz testing tool of safety;It can be touched using pitching pile when one kind novel compiling and genetic algorithm automatically to explore
The brief test case for sending out internal state new in target program, the test case that test is passed through are defeated as the seed of AFL
Enter, carries out the fuzz testing based on variation to inputting corresponding function with seed and defining F.What is detected in mutation process can
Trigger throw exception generates collapse or the test case after wrong variation occurs, and is reported as the survey of triggering latent defect
Example on probation, is supplied to developer, assists developers debug to software and repair defect.
In conclusion the present invention provides a kind of Python towards Python, based on regime type perception is soft
Part fuzz testing method is solved the problems, such as to lack the fuzz testing method for being directed to Python software at present, and is capable of providing
The input of latent defect is triggered, and then developer is helped to debug and repair defect, improves the maintainability and robust of software
Property, so as to preferably control the quality of software product.
Claims (1)
1. a kind of Python software obfuscation test method based on regime type perception, which is characterized in that opened from github acquisition
The source program code of source Python software project generates the corresponding abstract syntax tree of source program code, knows from abstract syntax kind
Not and extract function definition node, according to the information of function definition node using regime type perceptual strategy generate integer type,
Floating point type, character string type, Boolean type, the parameter of list type and dictionary type, and generate the survey that respective function defines
Example set on probation, implementation of test cases generate test result report, and the result of root root test report carries out fuzzy based on variation
The test case of test and offer triggering latent defect;This method includes the following steps:
1) source program code of open source Python software project is obtained from github;Python software project increase income for the source of project
Code trustship is on github platform, by using the source code of git clone order acquisition project;
Defining 1:github is the hosted platform towards open source and privately owned software project, supports git as unique version
Library format carries out trustship;
Defining 2:git is a distributed version control system;
It defines 3:git clone order and local to is copied remote software project source program code by git, under local directory
Generate the copy of a remote items source code;
2) the corresponding abstract syntax tree of source program code is generated;The software project source code gathered in step 1) is carried out
Morphological analysis and syntactic analysis generate corresponding abstract syntax tree using the ast module in Python java standard library;
Define 1: abstract syntax tree is the tree-shaped form of expression of source program code abstract syntax structure, each node on behalf source code
One of structure;
It defines 2:Python java standard library to issue with Python, contains all multipotencys and the interior of system level function access is provided
Model block;
Defining 3:ast module is a built-in module in Python java standard library, helps the abstract syntax for parsing Python;
3) it is identified from abstract syntax tree and extracts function definition node;The abstract syntax tree generated in preorder traversal step 2),
The type for successively matching each node identifies function definition node therein, for each function definition node, with tuple F
The information that=(module, name, args) record function defines;
Define 1: function definition node is after Python software project source code is converted into abstract syntax tree, in abstract syntax tree
Node type is the node of FunctionDef;
Defining 2:module is a Python file, can effectively organize Python code, improve the readability of code,
It can be used as the information of unique identification function;
The Text Flag that 3:name is function name corresponding to function definition node is defined, function name information is abstract from Python
Grammer;
Defining 4:args is the received parameter list of file names of function corresponding to function definition node, and parameter name list information comes from
Python abstract syntax;
Define 5: tuple-set C={ F1, F2..., FnHave recorded function all in Python software project and define information, n
The quantity that function defines in expression project;
4) test case set is generated using regime type perceptual strategy to the definition of each function;Set delta=int, float,
Str, bool, list, dict } it indicates to generate the type set of parameter, set interior element successively indicates integer type, floating-point class
Type, character string type, Boolean type, list type and dictionary type;Obtained function definition node is extracted according to step 3)
Structural information generates test case using regime type perceptual strategy for parameter, then generates the test case of respective function
Set;
Define 1: the method that regime type perceptual strategy generates test case will be by the following method to Python software project letter
Number defines each of information aggregate C function and defines F generation test case:
1. defining parameter list information args, the len expression parameter list args's that available function in F defines from function
Length;
2. initializing i=1, param0={ }, i indicate to generate the position of parameter, paramjIt indicates when generating j-th of parameter
The parameter list of generation;
3. for the parameter args in parameter listi, each type t in the type set delta of parameter is enumerated, Python is used
Third party library faker generates the parameter p, param that type is ti=parami-1∪{p};
4. as i≤len, i=i+1 goes to step 3;As i > len, a test case input is generated;
In above-mentioned steps, operator " ∪ " indicates the concatenation of list;
Define the Python third party library that 2:faker is a generation Python false data;
It defines 3: each of information aggregate C function being defined for function and defines F generation test case set TF={ input0,
input1..., inputm, the test case set T defined for each functionF, wherein m is to define F for function to generate
Test case number;
5) implementation of test cases generates test result report, according to the result of test report carry out fuzz testing based on variation and
The test case of triggering latent defect is provided;The test case generated in step 4) is executed using pytest, according to executing test
The implementing result of each test case obtained after use-case, carries out corresponding subsequent processing, and the test of report triggering latent defect is used
Example;
Define 1: the fuzz testing based on variation is that seed test case existing for software under testing carries out variation generation newly
Test case carries out the test method of follow-up test process using newly-generated test case as the test case of software under testing;
Define 2: latent defect is at specific input input, and software runs throw exception, generates collapse or mistake occurs, then
Claiming software, there are latent defects;
Defining 3:pytest is the complete Python testing tool of maturation, a characteristic, can support complicated functional test;
It defines 4: defining the test case set T of F for functionF, for test case inputi∈TF, used according to test is executed
The result of example carries out corresponding subsequent operation:
● as result (inputiWhen)=pass, by inputiSeed as the fuzz testing tool AFL based on variation is tested
Use-case carries out the fuzz testing that the duration is t hours, and the test case for leading to program exception generated that should make a variation in the process is
Trigger the test case of latent defect;
● as result (inputiWhen)=fail, inputiFor the test case for triggering latent defect;
Wherein result (inputi) indicate test case inputiImplementing result, result be pass indicate test case execute
Pass through, result is that fail indicates that test case executes failure, and i indicates the serial number of test case, and t indicates that AFL carries out fuzz testing
Duration, the default setting is 6, user can also configure t according to actual needs;
4:AFL, full name American fuzzy lop are defined, is the fuzz testing tool towards safety;It is using a kind of
Pitching pile and genetic algorithm can trigger the brief of internal state new in target program automatically to explore when novel compiling
Test case.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910663726.6A CN110399300B (en) | 2019-07-22 | 2019-07-22 | Python software fuzzy test method based on dynamic type perception |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910663726.6A CN110399300B (en) | 2019-07-22 | 2019-07-22 | Python software fuzzy test method based on dynamic type perception |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110399300A true CN110399300A (en) | 2019-11-01 |
| CN110399300B CN110399300B (en) | 2021-06-22 |
Family
ID=68325266
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910663726.6A Active CN110399300B (en) | 2019-07-22 | 2019-07-22 | Python software fuzzy test method based on dynamic type perception |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110399300B (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111459808A (en) * | 2020-03-20 | 2020-07-28 | 西北大学 | Type inference-based guided test case variation method |
| CN112035370A (en) * | 2020-09-04 | 2020-12-04 | 常州新途软件有限公司 | Automatic generation system and generation method for unit test code |
| CN112463581A (en) * | 2020-08-18 | 2021-03-09 | 清华大学 | Method and system for carrying out fuzzy test on distributed system |
| CN113076260A (en) * | 2021-04-27 | 2021-07-06 | 国网江苏省电力有限公司信息通信分公司 | Method and device for detecting safety of structured input program of integrated fragment information |
| CN113157551A (en) * | 2021-01-14 | 2021-07-23 | 首都师范大学 | ROS-oriented differential fuzzy test method |
| CN113157565A (en) * | 2021-03-23 | 2021-07-23 | 西北大学 | Feedback type JS engine fuzzy test method and device based on seed case mutation |
| CN113535136A (en) * | 2020-04-14 | 2021-10-22 | 北京沃东天骏信息技术有限公司 | Python function type declaration model establishing method and device, medium and equipment |
| CN114064499A (en) * | 2021-11-23 | 2022-02-18 | 电子科技大学 | Black box fuzzy test method and system, electronic equipment and storage medium |
| US11256602B2 (en) | 2020-01-30 | 2022-02-22 | Red Hat, Inc. | Source code file retrieval |
| CN116383092A (en) * | 2023-05-31 | 2023-07-04 | 北京中科卓信软件测评技术中心 | Effective test case multiplexing method and device for software fuzzy test |
| WO2023206873A1 (en) * | 2022-04-28 | 2023-11-02 | 三六零科技集团有限公司 | Abstract syntax tree-based code test method, apparatus, device, and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020073366A1 (en) * | 2000-12-09 | 2002-06-13 | Samsung-Electronics Co., Ltd. | Semiconductor device test method for optimizing test time |
| CN103034580A (en) * | 2011-09-29 | 2013-04-10 | 西门子公司 | Method and device and system for fuzzy test |
| CN105721230A (en) * | 2014-11-30 | 2016-06-29 | 中国科学院沈阳自动化研究所 | Modbus protocol-oriented fuzz testing method |
| CN105721255A (en) * | 2016-04-14 | 2016-06-29 | 北京工业大学 | Industrial control protocol vulnerability mining system based on fuzzy test |
| CN107305529A (en) * | 2016-04-25 | 2017-10-31 | 阿里巴巴集团控股有限公司 | The method and apparatus for detecting target software |
| CN108932192A (en) * | 2017-05-22 | 2018-12-04 | 南京大学 | A kind of Python Program Type defect inspection method based on abstract syntax tree |
-
2019
- 2019-07-22 CN CN201910663726.6A patent/CN110399300B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020073366A1 (en) * | 2000-12-09 | 2002-06-13 | Samsung-Electronics Co., Ltd. | Semiconductor device test method for optimizing test time |
| CN103034580A (en) * | 2011-09-29 | 2013-04-10 | 西门子公司 | Method and device and system for fuzzy test |
| CN105721230A (en) * | 2014-11-30 | 2016-06-29 | 中国科学院沈阳自动化研究所 | Modbus protocol-oriented fuzz testing method |
| CN105721255A (en) * | 2016-04-14 | 2016-06-29 | 北京工业大学 | Industrial control protocol vulnerability mining system based on fuzzy test |
| CN107305529A (en) * | 2016-04-25 | 2017-10-31 | 阿里巴巴集团控股有限公司 | The method and apparatus for detecting target software |
| CN108932192A (en) * | 2017-05-22 | 2018-12-04 | 南京大学 | A kind of Python Program Type defect inspection method based on abstract syntax tree |
Non-Patent Citations (1)
| Title |
|---|
| 张思聪: "基于遗传算法和Fuzzing技术的Web应用漏洞挖掘研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11256602B2 (en) | 2020-01-30 | 2022-02-22 | Red Hat, Inc. | Source code file retrieval |
| CN111459808A (en) * | 2020-03-20 | 2020-07-28 | 西北大学 | Type inference-based guided test case variation method |
| CN113535136A (en) * | 2020-04-14 | 2021-10-22 | 北京沃东天骏信息技术有限公司 | Python function type declaration model establishing method and device, medium and equipment |
| CN112463581A (en) * | 2020-08-18 | 2021-03-09 | 清华大学 | Method and system for carrying out fuzzy test on distributed system |
| CN112463581B (en) * | 2020-08-18 | 2021-09-21 | 清华大学 | Method and system for carrying out fuzzy test on distributed system |
| CN112035370A (en) * | 2020-09-04 | 2020-12-04 | 常州新途软件有限公司 | Automatic generation system and generation method for unit test code |
| CN113157551A (en) * | 2021-01-14 | 2021-07-23 | 首都师范大学 | ROS-oriented differential fuzzy test method |
| CN113157551B (en) * | 2021-01-14 | 2022-09-09 | 首都师范大学 | ROS-oriented differential fuzzy test method |
| CN113157565B (en) * | 2021-03-23 | 2023-02-07 | 西北大学 | Feedback JS engine fuzzy test method and device based on seed case mutation |
| CN113157565A (en) * | 2021-03-23 | 2021-07-23 | 西北大学 | Feedback type JS engine fuzzy test method and device based on seed case mutation |
| CN113076260B (en) * | 2021-04-27 | 2022-08-05 | 国网江苏省电力有限公司信息通信分公司 | Method and device for detecting safety of structured input program of integrated fragment information |
| CN113076260A (en) * | 2021-04-27 | 2021-07-06 | 国网江苏省电力有限公司信息通信分公司 | Method and device for detecting safety of structured input program of integrated fragment information |
| CN114064499A (en) * | 2021-11-23 | 2022-02-18 | 电子科技大学 | Black box fuzzy test method and system, electronic equipment and storage medium |
| CN114064499B (en) * | 2021-11-23 | 2023-04-07 | 电子科技大学 | Black box fuzzy test method and system, electronic equipment and storage medium |
| WO2023206873A1 (en) * | 2022-04-28 | 2023-11-02 | 三六零科技集团有限公司 | Abstract syntax tree-based code test method, apparatus, device, and storage medium |
| CN116383092A (en) * | 2023-05-31 | 2023-07-04 | 北京中科卓信软件测评技术中心 | Effective test case multiplexing method and device for software fuzzy test |
| CN116383092B (en) * | 2023-05-31 | 2023-08-01 | 北京中科卓信软件测评技术中心 | Effective test case multiplexing method and device for software fuzzy test |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110399300B (en) | 2021-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110399300A (en) | A kind of Python software obfuscation test method based on regime type perception | |
| Buratti et al. | Exploring software naturalness through neural language models | |
| Watson et al. | On learning meaningful assert statements for unit test cases | |
| Rolim et al. | Learning syntactic program transformations from examples | |
| CN111459799B (en) | Software defect detection model establishing and detecting method and system based on Github | |
| CN106537332A (en) | Systems and methods for software analytics | |
| Moha et al. | Automatic generation of detection algorithms for design defects | |
| CN109426615A (en) | Null pointer dereference detection method, system, equipment and the medium of interprocedual | |
| WO2017181286A1 (en) | Method for determining defects and vulnerabilities in software code | |
| Devlin et al. | Semantic code repair using neuro-symbolic transformation networks | |
| US20070061641A1 (en) | Apparatus and method for generating test driver | |
| Meng et al. | Improving fault localization and program repair with deep semantic features and transferred knowledge | |
| Jiang et al. | RULF: Rust library fuzzing via API dependency graph traversal | |
| Zheng et al. | An Abstract Syntax Tree based static fuzzing mutation for vulnerability evolution analysis | |
| CN112733156A (en) | Intelligent software vulnerability detection method, system and medium based on code attribute graph | |
| Rabin et al. | Syntax-guided program reduction for understanding neural code intelligence models | |
| CN108563561A (en) | A kind of program recessiveness constraint extracting method and system | |
| Cheon | Automated random testing to detect specification-code inconsistencies | |
| Steel et al. | Model-based test driven development of the tefkat model-transformation engine | |
| Garavel et al. | State space reduction for process algebra specifications | |
| Wang et al. | Automatic generation of test models for model transformations | |
| Zeng et al. | An efficient vulnerability extrapolation using similarity of graph kernel of pdgs | |
| Komendantskaya et al. | Proof mining with dependent types | |
| Chatley et al. | Software clone detection: A review | |
| Krauss | Amaru: a framework for combining genetic improvement with pattern mining |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |