CN111427792A - Test method, test device, electronic equipment and readable storage medium - Google Patents


Publication number
CN111427792A
Authority
CN
China
Prior art keywords
data
program
taint
tested
determining
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010234361.8A
Other languages
Chinese (zh)
Inventor
周京
叶红
旷亚和
高思尧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Application filed by Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202010234361.8A
Publication of CN111427792A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/3668 Software testing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The disclosure relates to the field of security testing and provides a test method comprising the following steps: in response to a test instruction, inserting an analysis program into the program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, running data generated while the program to be tested runs; determining taint data used while the program to be tested runs, based on the running data and a preset taint identification rule; determining data transmission information of the taint data based on the running data; and determining whether the program to be tested has a security vulnerability based on the data transmission information. The present disclosure also provides a test apparatus, an electronic device, and a computer-readable storage medium. By integrating an IDE plug-in into the development environment, the invention uses instrumentation to dynamically track the flow of taint data and determine whether a potential security vulnerability exists in a program.

Description

Test method, test device, electronic equipment and readable storage medium
Technical Field
The present disclosure relates to the field of computer security technologies, and more particularly, to a test method and a test apparatus, an electronic device, and a readable storage medium.
Background
Application security testing is the process of verifying that a software product meets its defined security requirements, and is an important link in the whole life cycle of the software product. Currently, in the development stage, the mainstream automated application security testing scheme commonly used in the industry is a white-box code scanning scheme based on source code.
In the course of implementing the disclosed concept, the inventors found that there are at least the following problems in the prior art: the white-box code scanning scheme finds code vulnerabilities by performing syntax and control-flow analysis on all source code of a software product, and this approach not only needs the source code of the software product to be tested, but also has high false alarm rate, high applicability, defects and high problem repairing cost.
Disclosure of Invention
In view of the above, the present disclosure provides a test method and a test apparatus, an electronic device, and a readable storage medium.
One aspect of the present disclosure provides a test method, including: in response to a test instruction, inserting an analysis program into the program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, running data generated while the program to be tested runs; determining taint data used while the program to be tested runs, based on the running data and a preset taint identification rule; determining data transmission information of the taint data based on the running data; and determining whether the program to be tested has a security vulnerability based on the data transmission information.
According to an embodiment of the present disclosure, the program to be tested and the analysis program are Java code programs.
According to an embodiment of the disclosure, determining, based on the running data and a preset taint identification rule, the taint data used in running the program to be tested includes: determining external input data used for running the program to be tested based on the running data; identifying taint data in the external input data according to the preset taint identification rule; establishing a taint data structure, wherein the taint data structure is used for recording taint data information of taint data generated while the program to be tested runs; and recording, based on the taint data structure, the taint data information of the taint data generated while the program to be tested runs.
According to embodiments of the present disclosure, the taint identification rules include, but are not limited to, at least one of: determining data input by the user as taint data; determining data obtained through a network as taint data; or determining data obtained by reading a file as taint data.
According to an embodiment of the present disclosure, determining data transmission information of the taint data based on the running data includes: establishing a taint propagation tree based on the taint data information, wherein the taint propagation tree is used for representing a propagation path of the taint data; and determining the data transmission information of the taint data based on the taint propagation tree.
According to an embodiment of the disclosure, determining whether the program to be tested has a security vulnerability based on the data transmission information includes: determining the taint sensitive points respectively corresponding to a plurality of key functions in the program to be tested; determining whether a taint sensitive point is associated with taint data based on the data transmission information; and determining that the program to be tested has a security vulnerability in the case that the taint sensitive point is associated with the taint data.
According to the embodiment of the disclosure, the method further includes displaying a test result in a graphical interface of the integrated development environment under the condition that it is determined that the program to be tested has a security vulnerability, wherein the test result at least includes a risk degree of the program to be tested and a program segment with a risk in the program to be tested.
Another aspect of the present disclosure provides a test apparatus, including: an instrumentation module configured to, in response to obtaining a test instruction, insert an analysis program into the program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, running data generated while the program to be tested runs; a first determining module configured to determine taint data used while the program to be tested runs, based on the running data and a preset taint identification rule; a second determining module configured to determine data transmission information of the taint data based on the running data; and a third determining module configured to determine whether the program to be tested has a security vulnerability based on the data transmission information.
Another aspect of the present disclosure provides an electronic device including: one or more processors; a storage device to store one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of the above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, the problems that the application security test depends on the source code and the false alarm rate is high can be at least partially solved, and therefore, the technical effects that the source code does not need to be depended on and the test efficiency and the test accuracy are improved can be achieved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates an exemplary system architecture to which a test method may be applied, according to an embodiment of the disclosure;
FIG. 2 schematically illustrates a flow diagram of a testing method according to an embodiment of the present disclosure;
FIG. 3 is a flow chart of a method for determining whether a security vulnerability exists in a program to be tested according to an embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow diagram of a testing method according to another embodiment of the present disclosure;
FIG. 5A schematically illustrates a structural diagram of a security test plug-in for implementing a test method according to an embodiment of the present disclosure;
FIG. 5B schematically illustrates a structural diagram of the taint marking module 502 according to an embodiment of the present disclosure;
FIG. 6 schematically shows a flow diagram of a testing method according to another embodiment of the present disclosure;
FIG. 7 schematically illustrates a block diagram of a testing device according to an embodiment of the present disclosure; and
FIG. 8 schematically shows a block diagram of an electronic device according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, C together, etc.).
Embodiments of the present disclosure provide a test method. The method comprises: in response to receiving a test instruction, inserting an analysis program into a program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, running data generated while the program to be tested runs; determining taint data used while the program to be tested runs, based on the running data and a preset taint identification rule; determining data transmission information of the taint data based on the running data; and determining whether the program to be tested has a security vulnerability based on the data transmission information.
Fig. 1 schematically illustrates an exemplary system architecture 100 to which a test method may be applied, according to an embodiment of the disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include an Integrated Development Environment (IDE) 101, a security test plug-in 102, and a code execution environment 103.
The code execution environment 103 may be, for example, a Java virtual machine or the like.
The integrated development environment 101 may be an application program providing a program development environment; it has good extensibility and can deploy user-defined plug-ins in a plug-in integration manner. The security test plug-in 102 provided by the present disclosure may be integrated into the integrated development environment 101 by one skilled in the art.
Before testing of the program to be tested starts, the plug-in may be initially loaded by configuring the start-up parameters of the integrated development environment 101 program. When a functional self-test is performed on the written code, the security test plug-in 102 may execute the testing method of the embodiments of the present disclosure to test whether a security vulnerability exists in the program to be tested.
According to the testing method of the embodiment of the disclosure, when the program to be tested is loaded into the code execution environment 103, the security test plug-in 102 inserts an analysis program into the program to be tested, so as to capture, through the analysis program, the code stack and the data transfer corresponding to key functions in the program to be tested, and analyze whether taint data may be misused, thereby judging whether the application program has a security vulnerability.
An implementation of a testing method according to an embodiment of the present disclosure is described below with reference to fig. 2-4, 5A, 5B, and 6.
Fig. 2 schematically shows a flow chart of a testing method according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S201 to S204.
In operation S201, in response to acquiring the test instruction, an analysis program is inserted into the program to be tested based on the instrumentation rule, so as to acquire, via the analysis program, running data generated while the program to be tested runs.
In the scenario shown in fig. 1, for example, with the security test plug-in 102 described above with reference to fig. 1 deployed into the integrated development environment 101, a developer may, for example, execute a unit test command in the integrated development environment 101 to generate a test instruction. The integrated development environment 101 may, for example, load the program to be tested into the code execution environment 103 in response to acquiring the test instruction. While the program to be tested is being loaded into the code execution environment 103, the security test plug-in 102 inserts an analysis program into the program to be tested based on the instrumentation rule, so that the analysis program monitors the running of the program to be tested and obtains the running data generated while it runs.
According to an embodiment of the present disclosure, the instrumentation rule may define, for example, the positions, i.e., hook points, of the inserted analysis programs in the program to be tested, and the code of the analysis program corresponding to each position. For example, key functions in the program to be tested may be marked as hook points to insert the code in the corresponding analysis program in the key functions.
According to an embodiment of the present disclosure, the analysis program may be a Java code program. Bytecode instrumentation of a Java code program can output the running data generated while the program to be tested runs even when the source code is not available.
In operation S202, taint data used while the program to be tested runs is determined based on the running data and a preset taint identification rule.
According to an embodiment of the present disclosure, the taint data is often from external input data, and thus, for example, the external input data may be treated as untrusted data. In operation S202, external input data used for running the program to be tested may be determined according to the running data, and taint data in the external input data may be identified according to a preset taint identification rule; establishing a taint data structure, wherein the taint data structure is used for recording taint data information of taint data generated in the running process of a program to be tested; and recording the taint data information of the taint data generated in the running process of the program to be tested based on the taint data structure.
In accordance with embodiments of the present disclosure, the taint identification rules may be configured, for example, by one skilled in the art. The taint identification rules may be, for example, determining data entered by a user as taint data, determining data obtained over a network as taint data, and/or determining data obtained by reading a file as taint data.
According to embodiments of the present disclosure, the taint data structure may be, for example, a table, a queue, or the like.
In operation S203, data transmission information of the taint data is determined based on the running data.
According to an embodiment of the present disclosure, the data transmission information of the taint data may include, for example, a location of the taint data, a propagation path of the taint data, and the like.
According to the embodiment of the disclosure, for example, a taint propagation tree can be established according to the taint data information of the taint data. The taint propagation tree represents the propagation paths of taint data, so that the propagation paths of taint data can be tracked according to the tree. The taint data information can be generated by the analysis program recording information such as the position and the propagation path of the taint data identified while the program to be tested runs.
In operation S204, it is determined whether a security vulnerability exists in the program to be tested based on the data transmission information.
Fig. 3 schematically shows a flowchart of a method for determining whether a security vulnerability exists in a program to be tested according to operation S204 in the embodiment of the present disclosure.
As shown in fig. 3, the method may include operations S214 to S234.
In operation S214, the taint sensitive points respectively corresponding to a plurality of key functions in the program to be tested are determined.
According to the embodiment of the disclosure, for example, the taint sensitive point corresponding to each key function in the program to be tested is determined by querying a security detection policy table, where the security detection policy table records the taint sensitive points corresponding to different key functions. The key functions may be, for example, various system call functions.
For example, the taint sensitive points recorded in the security detection policy table may include, but are not limited to, file read-write instructions, database operation instructions, network operation instructions, command execution instructions, and the like.
In operation S224, it is determined whether the taint sensitive point is associated with the taint data based on the data transmission information.
According to embodiments of the present disclosure, it may be determined whether a taint sensitive point is associated with taint data, for example, by querying a taint propagation tree.
For example, if a read instruction is marked as a taint sensitive point and querying the taint propagation tree shows that the parameter passed to the read instruction is taint data, the taint sensitive point is associated with the taint data.
In operation S234, in the case that the taint sensitive point is associated with taint data, it is determined that a security vulnerability exists in the program to be tested.
FIG. 4 schematically shows a flow diagram of a testing method according to another embodiment of the present disclosure.
As shown in fig. 4, the testing method may further include operation S401 on the basis of the foregoing embodiment.
In operation S401, in the case that it is determined that the program to be tested has a security vulnerability, a test result is displayed in the graphical interface of the integrated development environment, where the test result at least includes a risk degree of the program to be tested and the program segment at risk in the program to be tested.
According to embodiments of the present disclosure, for example, the more taint sensitive points are associated with taint data, the higher the risk degree may be. The test results may include, for example, the key functions that present risks and the specific code information.
According to an embodiment of the present disclosure, the method may further include generating a test report according to the test result, so as to store the test result in the form of the test report.
According to the embodiment of the disclosure, the method can generate detailed test results for developers to refer to.
Fig. 5A schematically illustrates a structural diagram of the security test plug-in 102 for implementing the test method in the scenario described above with reference to fig. 1 according to an embodiment of the present disclosure.
As shown in FIG. 5A, the security test plug-in 102 can include an instrumentation engine 501, a taint marking module 502, a taint dynamic tracking module 503, a taint detection module 504, and a display module 505.
According to embodiments of the present disclosure, the security test plug-in 102 may be installed independently in an integrated development environment.
The instrumentation engine 501 may, for example, use bytecode instrumentation to add hook points to key functions during program loading, and insert the corresponding analysis code into the program to be tested based on instrumentation rules, so as to monitor the running of the program to be tested.
According to an embodiment of the present disclosure, the user may define the external input data by means of a configuration file, so that the instrumentation engine 501 determines which of the data used by the program to be tested belongs to the external input data according to the configuration file.
According to embodiments of the present disclosure, on the one hand, the instrumentation engine 501 may send the captured external input data to the taint marking module 502 so that the taint marking module 502 performs taint identification on the external input data according to the taint identification rules. On the other hand, the instrumentation engine 501 may capture real-time running data corresponding to the key functions of the program to be tested and transmit it to the taint dynamic tracking module 503.
External data processing and access is typically performed through system API (Application Programming Interface) calls, and thus, according to embodiments of the present disclosure, the instrumentation engine 501 may hook the key APIs to pass external input data to the taint identification module.
The taint marking module 502 performs taint identification and marking on external input data sent by the instrumentation engine 501.
Fig. 5B schematically illustrates a structural diagram of the taint marking module 502 according to an embodiment of the disclosure.
As shown in FIG. 5B, the taint marking module 502 can include a taint identification module 512 and a data marking module 522.
The taint identification module 512 performs taint identification on external input data sent by the instrumentation engine 501. The taint identification module 512 may identify the external input data according to a preset taint identification rule, for example. In the case where the features of the external input data conform to the features of taint data specified in the taint identification rule, the external input data may be determined to be taint data.
According to an embodiment of the disclosure, the taint identification rule may be to determine that data input by a user is taint data; determining data obtained through a network as taint data; and/or determining the data obtained by reading the file as taint data.
The data marking module 522 can create a taint data structure and, according to that structure, record the taint data information of taint data generated while the program to be tested runs.
Referring back to fig. 5A, the taint dynamic tracking module 503 is configured to obtain the code execution stream and the data transmission stream of the program to be tested in real time, and to track the flow of taint data. The taint dynamic tracking module 503 receives code execution information from the instrumentation engine 501 and can analyze the propagation relationships between taint data according to taint propagation rules and taint cleanup rules. The taint propagation rules may be determined according to the call flow of the program to be tested. The taint cleanup rules may define data that is no longer tainted after a particular operation. The particular operation may be, for example, a clear operation or the like.
According to an embodiment of the present disclosure, the taint dynamic tracking module 503 may construct a taint propagation tree according to the propagation relationships between taint data, so as to represent the propagation paths of taint data through the taint propagation tree. When an instruction causing taint propagation occurs while the program to be tested executes, the data transmission information of the taint data of that instruction is obtained according to the execution information captured by the instrumentation engine 501 and the taint propagation tree.
According to an embodiment of the present disclosure, the taint dynamic tracking module 503 may send data transmission information of the taint data to the taint detection module 504, and the taint detection module 504 performs a vulnerability analysis.
The taint detection module 504 may perform a vulnerability analysis on the received data transmission information to determine whether a vulnerability exists in the program to be tested.
According to an embodiment of the disclosure, the taint detection module 504 may determine, according to the security detection policy table, whether the execution parameters or variables of a key function can be directly or indirectly controlled from the outside. If the execution parameters or variables of the key function are determined to be directly or indirectly controlled from the outside, it is determined that the program to be tested has a security vulnerability. The security detection policy table can record the taint sensitive points corresponding to different key functions, so as to determine whether the execution parameters or variables at the taint sensitive points are directly or indirectly controlled from the outside. For example, the taint sensitive points recorded in the security detection policy table may include, but are not limited to, file read-write instructions, database operation instructions, network operation instructions, command execution instructions, and the like.
According to an embodiment of the disclosure, the taint detection module 504 may, for example, send security risk information obtained by performing a vulnerability analysis on the data transmission information to the display module 505.
The display module 505 can process and present the security risk information from the taint detection module 504. The display module 505 can display the detected risk degree and the code information of the risk in the IDE graphical interface in real time.
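The marking, tracking and detection steps described above (modules 502 to 504), modelled as an added Python example; it is not code from the patent. Hook callbacks are replayed from a constructed event trace instead of being fired by bytecode instrumentation, and the key function names, variable names, code locations and risk thresholds are assumptions.

```python
"""Model of taint marking, tracking and detection over a replayed hook trace."""
from dataclasses import dataclass, field

# Taint identification rules: kinds of external input marked as taint data.
TAINT_SOURCES = {"user_input", "network", "file_read"}
# Security detection policy table: key function -> taint sensitive point.
# The function names are assumptions chosen for illustration.
POLICY_TABLE = {
    "Runtime.exec": "command execution",
    "Statement.executeQuery": "database operation",
    "FileOutputStream.write": "file read-write",
    "Socket.send": "network operation",
}
# Taint cleanup rule: the result of these operations is no longer tainted.
CLEANUP_OPS = {"clear"}


@dataclass(eq=False)
class TaintNode:
    """One node of the taint propagation tree."""
    var: str
    origin: str      # source kind for a root, operation name for a child
    location: str    # code location reported by the hook
    parent: "TaintNode | None" = None
    children: list = field(default_factory=list)

    def path(self):
        """Propagation path from the original source down to this node."""
        node, steps = self, []
        while node is not None:
            steps.append(f"{node.origin}@{node.location}")
            node = node.parent
        return steps[::-1]


class TaintTracker:
    def __init__(self):
        self.table = {}     # taint data structure: variable -> TaintNode
        self.roots = []     # roots of the taint propagation trees
        self.findings = []

    def on_input(self, kind, var, location):
        """Taint marking: apply the identification rules to external input."""
        self.table.pop(var, None)            # a new value replaces the old one
        if kind in TAINT_SOURCES:
            self.table[var] = node = TaintNode(var, kind, location)
            self.roots.append(node)

    def on_propagate(self, op, sources, dest, location):
        """Dynamic tracking: extend the tree, or drop taint on cleanup."""
        parent = next((self.table[s] for s in sources if s in self.table), None)
        self.table.pop(dest, None)
        if parent is not None and op not in CLEANUP_OPS:
            node = TaintNode(dest, op, location, parent)
            parent.children.append(node)
            self.table[dest] = node

    def on_call(self, function, args, location):
        """Detection: is a taint sensitive point associated with taint data?"""
        point = POLICY_TABLE.get(function)
        for arg in args if point else ():
            if arg in self.table:
                self.findings.append({
                    "function": function, "sensitive_point": point,
                    "location": location, "argument": arg,
                    "path": self.table[arg].path(),
                })


def analyse(trace):
    """Replay hook events (the running data) through the tracker."""
    tracker = TaintTracker()
    handlers = {"input": tracker.on_input, "propagate": tracker.on_propagate,
                "call": tracker.on_call}
    for event, *payload in trace:
        handlers[event](*payload)
    return tracker


def risk_level(findings):
    """More associated sensitive points -> higher risk (thresholds assumed)."""
    points = {(f["function"], f["location"]) for f in findings}
    return ("none", "low", "medium", "high")[min(len(points), 3)]


# Constructed trace of hook events; every name and location is made up.
TRACE = [
    ("input", "user_input", "name", "LoginServlet:21"),
    ("input", "file_read", "cfg", "Config:10"),
    ("input", "system_clock", "now", "Main:3"),       # not covered by the rules
    ("propagate", "concat", ["sqlPrefix", "name"], "query", "UserDao:40"),
    ("call", "Statement.executeQuery", ["query"], "UserDao:41"),
    ("propagate", "clear", ["name"], "safeName", "UserDao:50"),
    ("call", "Runtime.exec", ["safeName"], "Admin:12"),
    ("call", "FileOutputStream.write", ["cfg"], "Audit:7"),
    ("call", "Socket.send", ["now"], "Main:9"),
]

if __name__ == "__main__":
    result = analyse(TRACE)
    for f in result.findings:
        print(f["sensitive_point"], f["location"], " <- ".join(f["path"][::-1]))
    print("risk:", risk_level(result.findings))
```

The `clear` step and the `system_clock` input produce no finding: the first falls under the cleanup rule and the second is external input that no identification rule marks as taint data.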
FIG. 6 schematically shows a flow diagram of a testing method according to another embodiment of the present disclosure. The testing method may be performed, for example, by the security test plug-in described above with reference to fig. 5A.
As shown in fig. 6, the method may include operations S601 to S605.
In operation S601, a detection instruction is received.
According to an embodiment of the disclosure, a developer may first deploy the security test plug-in into an integrated development environment. The developer then develops code in the integrated development environment and performs a functional self-test on the developed code. The detection instruction received is the instruction for executing this functional self-test.
In operation S602, the taint marking module 502 of the security test plugin may perform taint identification and marking on external input data from the instrumentation engine 501.
In operation S603, the taint dynamic tracking module 503 acquires the code execution stream and the data transmission stream from the instrumentation engine 501 in real time and tracks the flow direction of the taint data to generate data transmission information.
In operation S604, the taint detection module 504 analyzes whether there is a security vulnerability in the code execution flow according to the data transmission information from the taint dynamic tracking module 503. If a vulnerability is detected, the code details corresponding to the vulnerability are pushed to the display module 505.
In operation S605, the display module 505 displays the detected security vulnerabilities and code details in real time and provides a report output function after the test is completed.
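Operations S602 to S604 and the policy-table check, as an added Python sketch that is not code from the patent (the patent targets Java; Python only keeps the sketch self-contained). A `str` subclass stands in for the taint data structure and a decorator for the instrumentation engine; the names `Tainted`, `mark_source`, `POLICY`, `instrument`, `execute_sql` and the per-argument positions in the table are assumptions.

```python
import functools
import itertools

_ids = itertools.count(1)
TAINT_TREE = {}   # taint propagation tree: node id -> (parent id or None, operation)
FINDINGS = []     # filled by the checks inserted in front of key functions


class Tainted(str):
    """str subclass whose instances are nodes of the taint propagation tree."""

    def __new__(cls, value, op, parent=None):
        obj = super().__new__(cls, value)
        obj.node = next(_ids)
        TAINT_TREE[obj.node] = (parent, op)
        return obj

    def _derive(self, value, op):
        return Tainted(value, op, parent=self.node)

    # Propagation rules: the result of these operations stays tainted.
    def __add__(self, other):
        return self._derive(str.__add__(self, other), "concat")

    def __radd__(self, other):
        return self._derive(str.__add__(other, self), "concat")

    def strip(self, chars=None):
        return self._derive(str.strip(self, chars), "strip")


def mark_source(value, origin):
    """Taint marking (S602): origin is 'user input', 'network' or 'file read'."""
    return Tainted(value, "source:" + origin)


def propagation_path(node):
    """Walk the tree from a node back to its source; returned source-first."""
    path = []
    while node is not None:
        parent, op = TAINT_TREE[node]
        path.append(op)
        node = parent
    return path[::-1]


# Security detection policy table (constructed): key function -> sensitive-point
# category and the argument positions that must not carry taint (an assumption).
POLICY = {
    "execute_sql": ("database operation", (0,)),
    "run_command": ("command execution", (0,)),
}


def instrument(func):
    """Stand-in for the instrumentation engine: inspect arguments before the call."""
    category, positions = POLICY[func.__name__]

    @functools.wraps(func)
    def wrapper(*args):
        for pos in positions:
            if pos < len(args) and isinstance(args[pos], Tainted):
                FINDINGS.append({"function": func.__name__, "category": category,
                                 "path": propagation_path(args[pos].node)})
        return func(*args)
    return wrapper


@instrument
def execute_sql(query, params=()):
    """Stub key function: nothing is executed, the call is only observed."""
    return len(params)


def run_demo():
    FINDINGS.clear()
    name = mark_source("  alice  ", "user input").strip()
    execute_sql("SELECT * FROM users WHERE name = '" + name + "'")  # taint in query text
    execute_sql("SELECT * FROM users WHERE name = ?", (name,))      # taint only in bound value
    return list(FINDINGS)


if __name__ == "__main__":
    print(run_demo())
```

Only the concatenated query is reported, with its path back to the user-input source. Operations this sketch does not override (slicing, `join`, formatting) return a plain `str` and drop the tag, so a real tracker has to cover every propagation operation.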
Fig. 7 schematically illustrates a block diagram of a test apparatus 700 according to an embodiment of the present disclosure.
As shown in fig. 7, the testing apparatus 700 may include an instrumentation module 710, a first determination module 720, a second determination module 730, and a third determination module 740.
The instrumentation module 710, for example, may execute operation S201 described above with reference to fig. 2, and is configured to insert, in response to receiving the test instruction, an analysis program into the program to be tested based on the instrumentation rule, so as to obtain, via the analysis program, operation data generated during the operation of the program to be tested.
The first determining module 720, for example, may execute the operation S202 described above with reference to fig. 2, and is configured to determine taint data used for running the program to be tested based on the operation data and preset taint identification rules.
The second determining module 730, for example, may perform the operation S203 described above with reference to fig. 2, for determining the data transmission information of the taint data based on the operation data.
The third determining module 740, for example, may execute the operation S204 described above with reference to fig. 2, and is configured to determine whether a security vulnerability exists in the program to be tested based on the data transmission information.
Any one or more of the modules, sub-modules, units, or sub-units according to embodiments of the present disclosure may be implemented at least in part as hardware circuitry, e.g., a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or any other reasonable manner of integrating or packaging circuitry, or in any one of or a suitable combination of software, hardware, and firmware.
For example, any number of the instrumentation module 710, the first determination module 720, the second determination module 730, and the third determination module 740 may be combined into one module, or any one of the modules may be split into multiple modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of the other modules and implemented in one module. According to embodiments of the present disclosure, at least one of the instrumentation module 710, the first determination module 720, the second determination module 730, and the third determination module 740 may be implemented at least in part as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or may be implemented in hardware or firmware by any other reasonable manner of integrating or packaging the circuits, or in any one of software, hardware, and firmware, or in any suitable combination thereof. Alternatively, at least one of the instrumentation module 710, the first determination module 720, the second determination module 730, and the third determination module 740 may be implemented at least in part as a computer program module that, when executed, performs the corresponding function.
FIG. 8 schematically shows a block diagram of an electronic device according to an embodiment of the disclosure. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 8, an electronic device 800 according to an embodiment of the present disclosure includes a processor 801 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)802 or a program loaded from a storage section 808 into a Random Access Memory (RAM) 803. The processor 801 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 801 may also include onboard memory for caching purposes. The processor 801 may include a single processing unit or multiple processing units for performing different actions of the method flows according to embodiments of the present disclosure.
In the RAM803, various programs and data necessary for the operation of the electronic apparatus 800 are stored. The processor 801, the ROM802, and the RAM803 are connected to each other by a bus 804. The processor 801 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM802 and/or RAM 803. Note that the programs may also be stored in one or more memories other than the ROM802 and RAM 803. The processor 801 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the present disclosure, the electronic device 800 may further include an input/output (I/O) interface 805, which is also connected to the bus 804. The electronic device 800 may further include one or more of: an input section 806 including a keyboard, a mouse, and the like; an output section 807 including a cathode ray tube (CRT), a liquid crystal display (LCD), and the like, as well as a speaker; a storage section 808 including a hard disk and the like; and a communication section 809 including a network interface card such as a LAN card, a modem, and the like. The communication section 809 performs communication processing via a network such as the Internet. A drive 810 is also connected to the I/O interface 805 as necessary. A removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory is mounted on the drive 810 as necessary, so that a computer program read out therefrom is installed into the storage section 808 as necessary.
According to embodiments of the present disclosure, method flows according to embodiments of the present disclosure may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 809 and/or installed from the removable medium 811. The computer program, when executed by the processor 801, performs the above-described functions defined in the system of the embodiments of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM802 and/or RAM803 described above and/or one or more memories other than the ROM802 and RAM 803.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or associations of the features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or associations are not expressly recited in the present disclosure. In particular, various combinations and/or associations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.

Claims (10)

1. A method of testing, comprising:
in response to a test instruction, inserting an analysis program into the program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, operation data generated while the program to be tested is running;
determining taint data used while the program to be tested is running based on the operation data and a preset taint identification rule;
determining data transmission information of the taint data based on the operation data; and
determining whether the program to be tested has a security vulnerability based on the data transmission information.
2. The method of claim 1, wherein the program to be tested and the analysis program are Java code programs.
3. The method of claim 1, wherein the determining, based on the operation data and the preset taint identification rule, taint data used while the program to be tested is running comprises:
determining external input data used for running the program to be tested based on the operation data;
identifying taint data in the external input data according to the preset taint identification rule;
establishing a taint data structure, wherein the taint data structure is used for recording taint data information of the taint data generated while the program to be tested is running; and
recording, based on the taint data structure, the taint data information of the taint data generated while the program to be tested is running.
4. The method of claim 3, wherein the taint identification rules include, but are not limited to, at least one of:
determining the data input by the user as taint data;
determining data obtained through a network as taint data; or
determining data obtained by reading a file as taint data.
5. The method of claim 3, wherein the determining data transmission information of the taint data based on the operation data comprises:
establishing a taint propagation tree based on the taint data information, wherein the taint propagation tree is used for representing a propagation path of the taint data; and
determining the data transmission information of the taint data based on the taint propagation tree.
6. The method of claim 1, wherein determining whether the program to be tested has a security vulnerability based on the data transmission information comprises:
determining taint sensitive points respectively corresponding to a plurality of key functions in the program to be tested;
determining whether the taint sensitive point is associated with the taint data based on the data transmission information; and
determining that the program to be tested has a security vulnerability in a case where the taint sensitive point is associated with the taint data.
7. The method of claim 1, further comprising:
displaying the test result in a graphical interface of the integrated development environment in a case where the program to be tested has the security vulnerability,
wherein the test result comprises at least the risk degree of the program to be tested and the program section at risk in the program to be tested.
8. A test apparatus, comprising:
an instrumentation module, configured to insert, in response to an obtained test instruction, an analysis program into the program to be tested based on an instrumentation rule, so as to obtain, through the analysis program, operation data generated while the program to be tested is running;
a first determining module, configured to determine taint data used while the program to be tested is running based on the operation data and a preset taint identification rule;
a second determining module, configured to determine data transmission information of the taint data based on the operation data; and
a third determining module, configured to determine whether the program to be tested has a security vulnerability based on the data transmission information.
9. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-7.
10. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method of any one of claims 1 to 7.
CN202010234361.8A 2020-03-27 2020-03-27 Test method, test device, electronic equipment and readable storage medium Pending CN111427792A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010234361.8A CN111427792A (en) 2020-03-27 2020-03-27 Test method, test device, electronic equipment and readable storage medium


Publications (1)

Publication Number Publication Date
CN111427792A true CN111427792A (en) 2020-07-17

Family

ID=71549116


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination