CN111506904B - Method and device for online bug repair - Google Patents
Method and device for online bug repair Download PDFInfo
- Publication number
- CN111506904B CN111506904B CN202010315449.2A CN202010315449A CN111506904B CN 111506904 B CN111506904 B CN 111506904B CN 202010315449 A CN202010315449 A CN 202010315449A CN 111506904 B CN111506904 B CN 111506904B
- Authority
- CN
- China
- Prior art keywords
- program
- repaired
- bug
- codes
- repair
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000008439 repair process Effects 0.000 title claims abstract description 86
- 238000000034 method Methods 0.000 title claims abstract description 53
- 230000004044 response Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 10
- 238000001514 detection method Methods 0.000 claims description 6
- 238000005067 remediation Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0793—Remedial or corrective actions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Abstract
The embodiment of the disclosure discloses a method and a device for online bug fixes, wherein a specific implementation mode of the method comprises the following steps: detecting an online log of the product in an online state; when detecting that the program error reporting information exists in the online log, acquiring a program code to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type; obtaining a bug repair code matched with a program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the type of a program error; compiling the bug fix codes into bug fix byte codes; updating byte codes corresponding to the program codes to be repaired in the virtual machine for executing the program codes to be repaired based on the bug repair byte codes; and performing bug repair on the program code to be repaired based on the updated byte code in the virtual machine. The implementation shortens the time consumed by modifying the code logic and upgrading the program, and improves the efficiency of product vulnerability processing.
Description
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to the technical field of data processing, and particularly relates to a method and a device for online bug repair.
Background
With more and more online applications, the use amount is larger and the probability of problem is larger and larger. In some specific cases, for example: when the application is high in concurrency, the period for modifying the code logic and releasing the new version application to solve the bug (bug) is long, and the service requirement is difficult to meet, and at the moment, some problematic methods and classes can be modified again by adopting an online bug repairing tool so as to operate according to the service logic of the user.
Disclosure of Invention
The embodiment of the disclosure provides a method and a device for online bug fixes.
In a first aspect, an embodiment of the present disclosure provides a method for online bug fixes, including: detecting an online log of the product in an online state; when detecting that the program error reporting information exists in the online log, acquiring a program code to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type; obtaining a bug repair code matched with a program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the type of a program error; compiling the bug fix codes into bug fix byte codes; updating byte codes corresponding to the program codes to be repaired in the virtual machine for executing the program codes to be repaired based on the bug repair byte codes; and performing bug repair on the program code to be repaired based on the updated byte code in the virtual machine.
In some embodiments, obtaining vulnerability fix code that matches program code to be fixed based on a fix policy includes: judging the type of the program error; responding to the judgment that the error type of the program is indicative of the existence of a null pointer in the program to be repaired, and determining that the repair strategy is to assign a variable indicated by the null pointer in the program to be repaired; based on the repair strategy, obtaining the bug repair codes matched with the program codes to be repaired.
In some embodiments, after determining the type of program error, further comprising: and in response to determining that the program error type is indicative of the existence of a path error pointer in the program to be repaired, determining that the repair strategy is to modify the path of the program to be repaired.
In some embodiments, after determining the type of program error, further comprising: and determining the repair strategy as modifying the variable value in the program to be repaired in response to determining the program error type as representing the existence of the variable value error pointer in the program to be repaired.
In some embodiments, updating bytecode corresponding to program code to be repaired in a virtual machine for executing the program code to be repaired based on the bug repair bytecode comprises: based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the Java virtual machine for executing the program code to be repaired is updated.
In some embodiments, the method further comprises: and positioning the problems in the product program according to the correlation between the program code to be repaired after the bug is repaired and the product program.
In some embodiments, the method further comprises: the program and/or product structure of the product is optimized based on problems in the product program.
In a second aspect, an embodiment of the present disclosure provides an apparatus for online bug fixes, including: a detection unit configured to detect an online log of a product in an online state; when detecting that the program error reporting information exists in the online log, acquiring a program code to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type; the system comprises an acquisition unit, a restoration unit and a restoration unit, wherein the acquisition unit is configured to acquire a bug restoration code matched with a program code to be restored based on a restoration strategy, and the restoration strategy is obtained by judging the type of a program error; a compiling unit configured to compile the bug fix code into bug fix byte codes; an updating unit configured to update, based on the bug fix bytecode, a bytecode corresponding to the program code to be repaired in a virtual machine for executing the program code to be repaired; and the repair unit is configured to perform bug repair on the program code to be repaired based on the updated byte codes in the virtual machine.
In some embodiments, the acquisition unit comprises: the first determining module is configured to judge the type of the program error; responding to the judgment that the error type of the program is indicative of the existence of a null pointer in the program to be repaired, and determining that the repair strategy is to assign a variable indicated by the null pointer in the program to be repaired; and the acquisition module is configured to acquire the bug fix codes matched with the program codes to be repaired based on the fix policy.
In some embodiments, the acquisition unit further comprises: and a second determining module configured to determine that the repair policy is to modify the path of the program to be repaired in response to determining that the program error type is indicative of the existence of the path error pointer in the program to be repaired.
In some embodiments, the acquisition unit further comprises: and a third determining module configured to determine, in response to determining that the program error type is indicative of the existence of a variable value error pointer in the program to be repaired, that the repair policy is to modify the variable value in the program to be repaired.
In some embodiments, the apparatus further comprises: the locating unit is configured to locate problems in the product program according to the correlation between the program code to be repaired and the product program after the bug is repaired.
In a third aspect, embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method as described in any of the implementations of the first aspect.
In a fourth aspect, embodiments of the present disclosure provide a computer-readable medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements a method as described in any of the implementations of the first aspect.
According to the method and the device for online bug repair provided by the embodiment of the invention, online logs of products in an online state are detected, when program error information exists in the online logs, program codes to be repaired indicated by the program error information are obtained, bug repair codes matched with the program codes to be repaired are obtained based on a repair strategy, the bug repair codes are compiled into bug repair byte codes, byte codes corresponding to the program codes to be repaired in a virtual machine for executing the program codes to be repaired are updated based on the bug repair byte codes, the updated byte codes in the virtual machine are used for performing bug repair on the program codes to be repaired, the problem of bug in the program can be solved on line without releasing an online version of the program, the problem that the modified program cannot be pushed online when the server cannot be stopped due to high concurrency of application is avoided, the problem that the user experience of a user is poor if the modified program version is not released in time in the prior art is avoided by updating the byte codes, the method is realized, the problem of quick bug repair is solved, the program floor drain is consumed by the method, and the program logic is shortened, and the program processing efficiency is improved.
Drawings
Other features, objects and advantages of the present disclosure will become more apparent upon reading of the detailed description of non-limiting embodiments, made with reference to the following drawings:
FIG. 1 is an exemplary system architecture diagram in which some embodiments of the present disclosure may be applied;
FIG. 2 is a flow chart of one embodiment of a method of vulnerability online repair according to the present disclosure;
FIG. 3 is a schematic diagram of one application scenario of a method of vulnerability online repair according to an embodiment of the disclosure;
FIG. 4 is a flow chart of another embodiment of a method of vulnerability online repair according to the present disclosure;
FIG. 5 is a schematic structural diagram of one embodiment of an apparatus for vulnerability online repair according to the present disclosure;
fig. 6 is a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that, without conflict, the embodiments of the present disclosure and features of the embodiments may be combined with each other. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
FIG. 1 illustrates an exemplary system architecture 100 of a method and apparatus for vulnerability online repair to which embodiments of the present disclosure may be applied.
As shown in fig. 1, a system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 is used as a medium to provide communication links between the terminal devices 101, 102, 103 and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 105 via the network 104 using the terminal devices 101, 102, 103 to receive or send messages or the like. Various communication client applications, such as a web browser application, a shopping class application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablet computers, electronic book readers, laptop and desktop computers, and the like. When the terminal devices 101, 102, 103 are software, they can be installed in the above-listed electronic devices. It may be implemented as a plurality of software or software modules, for example, for providing distributed services, or as a single software or software module. The present invention is not particularly limited herein.
The server 105 may be a server providing various services, such as a bug fix server providing support for user behavior data of the terminal devices 101, 102, 103. The bug fix server can perform bug fix on program codes to be repaired and the like, and feed back a fix result (for example, a repaired program) to the background server so as to further locate product program problems.
It should be noted that, the method for online bug fixes provided by the embodiments of the present disclosure is generally performed by the server 105. Accordingly, the device for online repair of vulnerabilities is typically disposed in the server 105. The present invention is not particularly limited herein.
The server may be hardware or software. When the server is hardware, the server may be implemented as a distributed server cluster formed by a plurality of servers, or may be implemented as a single server. When the server is software, it may be implemented as a plurality of software or software modules, for example, for providing distributed services, or as a single software or software module. The present invention is not particularly limited herein.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a method of vulnerability online repair according to the present disclosure is shown. The method for repairing the loopholes on line comprises the following steps:
step 201, detecting an online log of a product in an online state, and when detecting that program error information exists in the online log, acquiring program codes to be repaired indicated by the program error information.
In this embodiment, when a product is online, an execution body (e.g., a server shown in fig. 1) of the method may detect an online log, and when detecting that there is program error information in the online log, acquire program code to be repaired indicated by the program error information. The on-line log may record program error information of the problematic program in the product according to a preset marking rule, where the program error information includes a program error type.
Step 202, obtaining bug fix codes matched with program codes to be repaired based on the fix policy.
In this embodiment, the execution body may determine the type of the program error according to a determination rule; and obtaining a corresponding repair strategy, and inquiring to obtain the bug repair code matched with the program code to be repaired according to the repair strategy. The bug fix code may be preset by a developer.
Step 203, compiling the bug fix code into bug fix byte codes.
In this embodiment, the execution body may compile the bug fix code into bug fix bytecode.
Step 204, updating the byte code corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired based on the bug repair byte code.
In this embodiment, the execution body may update the bytecode corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired to the bug fix bytecode.
Step 205, performing bug repair on the program code to be repaired based on the updated byte code in the virtual machine.
In this embodiment, the execution body may repair the bug problem of the program to be repaired based on the updated bytecode (i.e., the bytecode of the product program) in the virtual machine, so as to solve the bug problem of the program.
It should be noted that the above updating method is a well-known technology widely studied and applied at present, and will not be described herein.
With continued reference to fig. 3, fig. 3 is a schematic diagram 300 of an application scenario of the method for online vulnerability restoration according to the present embodiment. In the online state of the product, the server 302 receives an access request 303 sent by the client 301, stores a program problem in an online log, the server 302 dynamically detects the online log, when detecting that program error information exists in the online log, obtains a program code to be repaired indicated by the program error information, obtains a bug repair code matched with the program code to be repaired based on a repair strategy obtained by judgment, compiles the bug repair code into a bug repair byte code, updates byte codes corresponding to the program code to be repaired in the virtual machine based on the bug repair byte code, and finally performs bug repair on the program code to be repaired based on the updated byte codes in the virtual machine.
According to the method for repairing the loopholes on line, which is provided by the embodiment of the invention, on-line logs of products in an on-line state are detected, when program error information exists in the on-line logs, the program codes to be repaired indicated by the program error information are obtained, the loophole repairing codes matched with the program codes to be repaired are obtained based on a repairing strategy, the loophole repairing codes are compiled into the loophole repairing byte codes, the byte codes corresponding to the program codes to be repaired in a virtual machine for executing the program codes to be repaired are updated based on the loophole repairing byte codes, the loophole repairing is carried out on the program codes to be repaired based on the updated byte codes in the virtual machine, the problem that bug is in the program without releasing the on-line version of the program is solved, the problem that the modified program cannot be pushed on line when the server cannot be stopped due to high concurrency is avoided, the problem that the program codes corresponding to bug are updated is skipped, the problem that if the modified program version is not released in time in the prior art, the user experience of a user feel bad is avoided, the problem that the loophole repairing is fast is realized, the method is shortened, the logic is consumed, the time of updating of the program code is improved, and the processing efficiency of the program floor drain is improved.
With further reference to FIG. 4, a flow of another embodiment of a method of vulnerability online remediation is shown. The flow 400 of the analysis method includes the steps of:
step 401, detecting an online log of a product in an online state, and when detecting that program error information exists in the online log, acquiring program codes to be repaired indicated by the program error information, wherein the program error information comprises a program error type.
Step 402, determining the type of the program error, and in response to determining that the type of the program error is indicative of the existence of the null pointer in the program to be repaired, determining that the repair policy is to assign a value to a variable indicated by the null pointer in the program to be repaired.
In this embodiment, the execution body may determine a type of a program error, and determine that the repair policy assigns a variable indicated by the null pointer in the program to be repaired when it is determined that the type of the program error is indicative of the existence of the null pointer in the program to be repaired. The null pointer refers to the address of a variable whose value should be given by a program exception, which results in the variable not being assigned.
In some optional implementations of the present embodiment, after determining the program error type, the method further includes: and in response to determining that the program error type is indicative of the existence of a path error pointer in the program to be repaired, determining that the repair strategy is to modify the path of the program to be repaired.
In some optional implementations of the present embodiment, after determining the program error type, the method further includes: and determining the repair strategy as modifying the variable value in the program to be repaired in response to determining the program error type as representing the existence of the variable value error pointer in the program to be repaired.
Step 403, obtaining the bug fix code matched with the program code to be repaired based on the fix policy.
In this embodiment, the execution body may obtain the bug fix code matching the program code to be repaired based on the determined fix policy.
Step 404, compiling the bug fix code into bug fix byte code.
Step 405, updating the byte code corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired based on the bug repair byte code.
In some optional implementations of the present embodiment, updating, based on the bug fix bytecode, bytecode corresponding to program code to be fixed in a virtual machine for executing the program code to be fixed includes: based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the Java virtual machine for executing the program code to be repaired is updated. Bug fixes are performed through Java language, so that subsequent developers can modify byte codes and optimize programs more easily.
And step 406, performing bug repair on the program code to be repaired based on the updated byte codes in the virtual machine.
Step 407, locating the problem in the product program according to the correlation between the program code to be repaired after the bug is repaired and the product program.
In this embodiment, the execution body may locate a problem in the product program according to the correlation between the program code to be repaired and the product program after the bug is repaired. For example, adding code to export problematic program before the program code to be repaired, locating relevant problems in the product program according to the problematic program, as a basis for product program and product improvement optimization.
In some optional implementations of the present embodiment, the method further includes: the program and/or product structure of the product is optimized based on problems in the product program. The problems in the product program are determined, and analysis is performed by means of reproduction problems and the like, so that the program of the product is further improved, and the product structure is optimized.
In this embodiment, the specific operations of steps 401, 404 to 406 are substantially the same as those of steps 201, 203 to 205 in the embodiment shown in fig. 2, and will not be described here again.
As can be seen from fig. 4, compared with the embodiment corresponding to fig. 2, the process 400 of the method for online bug fixes in this embodiment adopts the determination of the bug types; in response to determining that the program error type is indicative of the existence of a null pointer in the program to be repaired, determining that the repair strategy is assignment of a variable indicated by the null pointer in the program to be repaired, and uniformly classifying and processing the error problem by adopting different repair strategies for different program error types, so that the problem that the error is modified due to unfamiliarity of a java byte code by a programmer is solved, and the accuracy of program bug repair is improved.
With further reference to fig. 5, as an implementation of the method shown in the foregoing figures, the present disclosure provides an embodiment of an apparatus for online bug fixes, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 2, and the apparatus may be specifically applied to various electronic devices.
As shown in fig. 5, the device 500 for online bug fixes in this embodiment includes: a detection unit 501 configured to detect an online log of a product in an online state, an acquisition unit 502, a compiling unit 503, an updating unit 504, and a repairing unit 505; when detecting that the program error reporting information exists in the online log, acquiring a program code to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type; the system comprises an acquisition unit, a restoration unit and a restoration unit, wherein the acquisition unit is configured to acquire a bug restoration code matched with a program code to be restored based on a restoration strategy, and the restoration strategy is obtained by judging the type of a program error; a compiling unit configured to compile the bug fix code into bug fix byte codes; an updating unit configured to update, based on the bug fix bytecode, a bytecode corresponding to the program code to be repaired in a virtual machine for executing the program code to be repaired; and the repair unit is configured to perform bug repair on the program code to be repaired based on the updated byte codes in the virtual machine.
In this embodiment, the specific processes and the technical effects of the detection unit 501, the acquisition unit 502, the compiling unit 503, the updating unit 504 and the repairing unit 505 of the device 500 for online bug repairing may refer to the relevant descriptions of steps 201 to 205 in the corresponding embodiment of fig. 2, and are not described herein.
In some optional implementations of the present embodiment, the acquiring unit includes: the first determining module is configured to judge the type of the program error; responding to the judgment that the error type of the program is indicative of the existence of a null pointer in the program to be repaired, and determining that the repair strategy is to assign a variable indicated by the null pointer in the program to be repaired; and the acquisition module is configured to acquire the bug fix codes matched with the program codes to be repaired based on the fix policy.
In some optional implementations of the present embodiment, the acquiring unit further includes: and a second determining module configured to determine that the repair policy is to modify the path of the program to be repaired in response to determining that the program error type is indicative of the existence of the path error pointer in the program to be repaired.
In some optional implementations of the present embodiment, the acquiring unit further includes: and a third determining module configured to determine, in response to determining that the program error type is indicative of the existence of a variable value error pointer in the program to be repaired, that the repair policy is to modify the variable value in the program to be repaired.
In some optional implementations of this embodiment, the apparatus further includes: the locating unit is configured to locate problems in the product program according to the correlation between the program code to be repaired and the product program after the bug is repaired.
Referring now to fig. 6, a schematic diagram of an electronic device (e.g., server in fig. 1) 600 suitable for use in implementing embodiments of the present disclosure is shown. The terminal devices in the embodiments of the present disclosure may include, but are not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), car terminals (e.g., car navigation terminals), and the like, and stationary terminals such as digital TVs, desktop computers, and the like. The server illustrated in fig. 6 is merely an example, and should not be construed as limiting the functionality and scope of use of the embodiments of the present disclosure in any way.
As shown in fig. 6, the electronic device 600 may include a processing means (e.g., a central processing unit, a graphics processor, etc.) 601, which may perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM603, various programs and data required for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM603 are connected to each other through a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
In general, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, and the like; an output device 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, magnetic tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 6 shows an electronic device 600 having various means, it is to be understood that not all of the illustrated means are required to be implemented or provided. More or fewer devices may be implemented or provided instead. Each block shown in fig. 6 may represent one device or a plurality of devices as needed.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via communication means 609, or from storage means 608, or from ROM 602. The above-described functions defined in the methods of the embodiments of the present disclosure are performed when the computer program is executed by the processing means 601.
It should be noted that, the computer readable medium according to the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In an embodiment of the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. Whereas in embodiments of the present disclosure, the computer-readable signal medium may comprise a data signal propagated in baseband or as part of a carrier wave, with computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, fiber optic cables, RF (radio frequency), and the like, or any suitable combination of the foregoing.
The computer readable medium may be contained in the electronic device; or may exist alone without being incorporated into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: detecting an online log of the product in an online state; when detecting that the program error reporting information exists in the online log, acquiring a program code to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type; obtaining a bug repair code matched with a program code to be repaired based on a repair strategy, wherein the repair strategy is obtained by judging the type of a program error; compiling the bug fix codes into bug fix byte codes; updating byte codes corresponding to the program codes to be repaired in the virtual machine for executing the program codes to be repaired based on the bug repair byte codes; and performing bug repair on the program code to be repaired based on the updated byte code in the virtual machine.
Computer program code for carrying out operations of embodiments of the present disclosure may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments described in the present disclosure may be implemented by means of software, or may be implemented by means of hardware. The described units may also be provided in a processor, for example, described as: a processor includes a detection unit, an acquisition unit, a compilation unit, an update unit, and a repair unit. The names of these units do not constitute a limitation on the unit itself in some cases, for example, the detection unit may also be described as "a unit that detects an online log of a product in an online state, and when it is detected that there is program-report-error information in the online log, acquires program code to be repaired indicated by the program-report-error information".
The foregoing description is only of the preferred embodiments of the present disclosure and description of the principles of the technology being employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above technical features, but encompasses other technical features formed by any combination of the above technical features or their equivalents without departing from the spirit of the invention. Such as the above-described features, are mutually substituted with (but not limited to) the features having similar functions disclosed in the embodiments of the present disclosure.
Claims (14)
1. A method of vulnerability online repair, the method comprising:
detecting an online log of the product in an online state;
when detecting that program error reporting information exists in an online log, acquiring program codes to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type;
inquiring a preset bug repairing code matched with the program code to be repaired based on a repairing strategy, wherein the repairing strategy is obtained by judging the type of the program error;
compiling the bug fix codes into bug fix byte codes;
updating byte codes corresponding to the program codes to be repaired in the virtual machine for executing the program codes to be repaired based on the bug repair byte codes;
performing bug repair on the program code to be repaired based on the updated byte code in the virtual machine;
the updating, based on the bug fix bytecode, the bytecode corresponding to the program code to be repaired in the virtual machine for executing the program code to be repaired includes:
and updating the byte codes corresponding to the program codes to be repaired in the virtual machine into the bug repairing byte codes.
2. The method of online bug fix of claim 1, wherein the obtaining bug fix code matching the program code to be repaired based on a fix policy comprises:
judging the type of the program error;
determining a repair strategy to assign a variable indicated by the null pointer in the program to be repaired in response to determining that the program error type is indicative of the existence of the null pointer in the program to be repaired;
and acquiring the bug fix codes matched with the program codes to be repaired based on the fix strategy.
3. The method for online bug fixes of claim 2, wherein after the determining the type of program error, further comprising:
and in response to determining that the program error type is indicative of the existence of a path error pointer in the program to be repaired, determining a repair strategy to modify the path in the program to be repaired.
4. The method for online bug fixes of claim 2, wherein after the determining the type of program error, further comprising:
and in response to determining that the program error type is indicative of the existence of a variable value error pointer in the program to be repaired, determining a repair strategy to modify the variable value in the program to be repaired.
5. The method of online bug fix of claim 1, wherein updating, based on the bug fix bytecode, bytecode corresponding to the program code to be repaired in a virtual machine executing the program code to be repaired, comprises:
and updating byte codes corresponding to the program codes to be repaired in the Java virtual machine for executing the program codes to be repaired based on the bug repair byte codes.
6. The method of vulnerability online remediation of claim 1, the method further comprising:
and positioning the problems in the product program according to the correlation between the program code to be repaired and the product program after the bug is repaired.
7. The method of vulnerability online remediation of claim 6, the method further comprising:
optimizing the program and/or product structure of the product based on the problems in the product program.
8. An apparatus for online repair of vulnerabilities, comprising:
the detection unit is configured to detect an online log of the product in an online state; when detecting that program error reporting information exists in an online log, acquiring program codes to be repaired indicated by the program error reporting information, wherein the program error reporting information comprises a program error type;
the acquisition unit is configured to acquire a preset bug repair code matched with the program code to be repaired based on a repair strategy query, wherein the repair strategy is obtained by judging the type of the program error;
a compiling unit configured to compile the bug fix code into bug fix byte codes;
an updating unit configured to update, based on the bug fix bytecode, a bytecode corresponding to the program code to be repaired in a virtual machine for executing the program code to be repaired;
the repairing unit is configured to perform bug repairing on the program code to be repaired based on the updated byte codes in the virtual machine;
wherein the updating unit is further configured to: and updating the byte codes corresponding to the program codes to be repaired in the virtual machine into the bug repairing byte codes.
9. The apparatus of claim 8, wherein the obtaining unit comprises:
a determination module configured to determine the type of program error;
the first determining module is configured to determine a repair strategy to assign a variable indicated by the null pointer in the program to be repaired in response to determining that the program error type is indicative of the existence of the null pointer in the program to be repaired;
and the acquisition module is configured to acquire the bug fix codes matched with the program codes to be repaired based on the fix policy.
10. The apparatus of claim 9, wherein the obtaining unit further comprises:
and a second determining module configured to determine a repair policy to modify the path in the program to be repaired in response to determining that the program error type is indicative of a path error pointer in the program to be repaired.
11. The apparatus of claim 9, wherein the obtaining unit further comprises:
and a third determining module configured to determine a repair policy to modify the variable value in the program to be repaired in response to determining that the program error type is indicative of a variable value error pointer in the program to be repaired.
12. The apparatus for online repair of vulnerabilities of claim 8, the apparatus further comprising:
and the positioning unit is configured to position the problem in the product program according to the correlation between the program code to be repaired and the product program after the bug is repaired.
13. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, causes the one or more processors to implement the method of any of claims 1-7.
14. A computer readable medium having stored thereon a computer program, wherein the program when executed by a processor implements the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010315449.2A CN111506904B (en) | 2020-04-21 | 2020-04-21 | Method and device for online bug repair |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010315449.2A CN111506904B (en) | 2020-04-21 | 2020-04-21 | Method and device for online bug repair |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111506904A CN111506904A (en) | 2020-08-07 |
| CN111506904B true CN111506904B (en) | 2024-01-12 |
Family
ID=71878870
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010315449.2A Active CN111506904B (en) | 2020-04-21 | 2020-04-21 | Method and device for online bug repair |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111506904B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112199110B (en) * | 2020-10-16 | 2022-05-31 | 上海睿成软件有限公司 | Restart-free operation and maintenance upgrading method, system, device and medium |
| CN113467815A (en) * | 2021-06-30 | 2021-10-01 | 平安壹钱包电子商务有限公司 | Application repair method and device for hot update, terminal equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104965777A (en) * | 2015-02-04 | 2015-10-07 | 腾讯科技(深圳)有限公司 | Safety test method, apparatus and system |
| CN106446690A (en) * | 2016-09-05 | 2017-02-22 | 北京蓝海讯通科技股份有限公司 | Application vulnerability restoration apparatus, method and system |
| CN107329781A (en) * | 2017-06-21 | 2017-11-07 | 努比亚技术有限公司 | The hot restorative procedure of software, terminal, system and computer-readable recording medium |
| CN107908402A (en) * | 2017-08-15 | 2018-04-13 | 口碑(上海)信息技术有限公司 | The hot restorative procedure of Java server-sides and system |
| CN108089870A (en) * | 2016-11-21 | 2018-05-29 | 百度在线网络技术(北京)有限公司 | For repairing the method and apparatus of application |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8819637B2 (en) * | 2010-06-03 | 2014-08-26 | International Business Machines Corporation | Fixing security vulnerability in a source code |
| US9135405B2 (en) * | 2011-05-26 | 2015-09-15 | Carnegie Mellon University | Automated exploit generation |
| US10282550B1 (en) * | 2015-03-12 | 2019-05-07 | Whitehat Security, Inc. | Auto-remediation workflow for computer security testing |
-
2020
- 2020-04-21 CN CN202010315449.2A patent/CN111506904B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104965777A (en) * | 2015-02-04 | 2015-10-07 | 腾讯科技(深圳)有限公司 | Safety test method, apparatus and system |
| CN106446690A (en) * | 2016-09-05 | 2017-02-22 | 北京蓝海讯通科技股份有限公司 | Application vulnerability restoration apparatus, method and system |
| CN108089870A (en) * | 2016-11-21 | 2018-05-29 | 百度在线网络技术(北京)有限公司 | For repairing the method and apparatus of application |
| CN107329781A (en) * | 2017-06-21 | 2017-11-07 | 努比亚技术有限公司 | The hot restorative procedure of software, terminal, system and computer-readable recording medium |
| CN107908402A (en) * | 2017-08-15 | 2018-04-13 | 口碑(上海)信息技术有限公司 | The hot restorative procedure of Java server-sides and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111506904A (en) | 2020-08-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6294886B2 (en) | Generate native code from intermediate language code for applications | |
| US10185626B2 (en) | Automatic application error detection and rollback | |
| CN107797820B (en) | Method and device for generating patch | |
| CN110960855B (en) | Communication protocol code updating method and device, electronic equipment and storage medium | |
| GB2589658A (en) | Method and apparatus for running an applet | |
| CN110851139A (en) | Method and device for checking codes and electronic equipment | |
| CN111506904B (en) | Method and device for online bug repair | |
| CN112214408A (en) | Dependency conflict detection method and device, electronic equipment and computer readable medium | |
| CN108089870B (en) | Method and apparatus for repairing applications | |
| CN113407165B (en) | SDK generation and self-upgrade method, device, readable medium and equipment | |
| US9075679B1 (en) | Creating a prerequisite checklist corresponding to a software application | |
| CN111338666A (en) | Method, device, medium and electronic equipment for realizing application program upgrading | |
| CN113656050B (en) | Method and apparatus for generating version number | |
| CN111796865B (en) | Byte code file modification method, device, terminal equipment and medium | |
| CN112882921B (en) | Fault simulation method and device | |
| CN112506781B (en) | Test monitoring method, device, electronic equipment, storage medium and program product | |
| CN109977005B (en) | End-to-end test method, medium, device and computing equipment | |
| CN111797009A (en) | Method and device for detecting code compatibility and electronic equipment | |
| CN108287792B (en) | Method and apparatus for outputting information | |
| CN111859403A (en) | Method and device for determining dependency vulnerability, electronic equipment and storage medium | |
| CN111767486A (en) | Method, device, electronic equipment and computer readable medium for displaying page | |
| CN111562913B (en) | Method, device and equipment for pre-creating view component and computer readable medium | |
| CN107911248B (en) | Upgrading method and device | |
| CN116594630A (en) | File generation method, device, medium and electronic equipment | |
| CN116610295A (en) | Interface service providing method, device, electronic equipment, system and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |