CN113656043A - Code checking method and device, electronic equipment and storage medium - Google Patents
Code checking method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113656043A CN113656043A CN202110973894.2A CN202110973894A CN113656043A CN 113656043 A CN113656043 A CN 113656043A CN 202110973894 A CN202110973894 A CN 202110973894A CN 113656043 A CN113656043 A CN 113656043A
- Authority
- CN
- China
- Prior art keywords
- code
- check
- check value
- checked
- original
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3624—Software debugging by performing operations on the source code, e.g. via a compiler
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Debugging And Monitoring (AREA)
Abstract
The embodiment of the invention provides a code checking method, device electronic equipment and a storage medium, and relates to the technical field of information security, wherein the method comprises the following steps: acquiring a code segment part and a data segment part corresponding to an application program to be verified; for each first check code in the code segment part, when the first check code is run, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code; acquiring a check value of a code to be checked, which is generated in advance before the code segment operation, from the data segment part as a first check value; calculating a check value of the current code to be checked as a second check value; and if the first check value is different from the second check value, determining that the current code to be checked is abnormal. The method provided by the embodiment of the invention can be used for checking the codes in the application program in the running process of the application program and determining whether the codes are maliciously tampered.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a code checking method and apparatus, an electronic device, and a storage medium.
Background
During the running process of the application program, the code in the application program, for example, the code for verifying the user information, the code for verifying the certificate information, and the like, needs to be checked to determine whether the code is maliciously tampered.
Disclosure of Invention
The embodiment of the invention aims to provide a code checking method, a code checking device, electronic equipment and a storage medium, which can check codes in an application program in the running process of the application program and determine whether the codes are maliciously tampered. The specific technical scheme is as follows:
in a first aspect of the present invention, there is provided a code checking method, including:
acquiring a code segment part and a data segment part corresponding to an application program to be verified; wherein the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein the sub original code is obtained by respectively corresponding to a first verification code;
for each first check code in the code segment part, when the first check code is run to, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
Optionally, the code segment part further includes: the second check code is used for checking the first check value corresponding to each sub-original code; storing a first check value corresponding to each code to be checked in a plurality of storage positions of the data segment part, wherein each storage position stores the first check value corresponding to each code to be checked;
the method further comprises the following steps:
when the second check code is run, determining whether a plurality of first check values stored in the plurality of storage positions and corresponding to the code to be checked are the same or not by the second check code for each code to be checked;
and if the two codes are different, determining that the first check value corresponding to the current code to be checked is abnormal.
Optionally, the second check code is inserted into an objective function in the original code; the target function is determined from various functions contained in the original code based on the called times in the running process of the original code.
Optionally, the code segment part is: and for each sub original code in the original codes, inserting a corresponding first check code into the sub original code.
Optionally, at least two sub original codes with overlapping portions exist in each sub original code.
In a second aspect of the present invention, there is also provided a code verification apparatus, including:
the acquisition module is used for acquiring a code segment part and a data segment part corresponding to the application program to be verified; wherein the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein the sub original code is obtained by respectively corresponding to a first verification code;
a code to be checked determining module, configured to determine, for each first check code in the code segment portion, a code corresponding to the first check code in the code segment portion as the code to be checked through the first check code when the first check code is run to the first check code;
a first check value obtaining module, configured to obtain, from the data segment portion, a check value of the code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
the second check value calculation module is used for calculating the check value of the current code to be checked as a second check value;
and the code exception determining module is used for determining that the current code to be checked is abnormal if the first check value is different from the second check value.
Optionally, the code segment part further includes: the second check code is used for checking the first check value corresponding to each sub-original code; storing a first check value corresponding to each code to be checked in a plurality of storage positions of the data segment part, wherein each storage position stores the first check value corresponding to each code to be checked;
the device further comprises:
the first check value judging module is used for determining whether a plurality of first check values stored in the storage positions and corresponding to the codes to be checked are the same or not by the second check code when the second check code is run;
and the first check value abnormity determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if the first check value is different from the second check value.
Optionally, the second check code is inserted into an objective function in the original code; the target function is determined from various functions contained in the original code based on the called times in the running process of the original code.
Optionally, the code segment part is: and for each sub original code in the original codes, inserting a corresponding first check code into the sub original code.
Optionally, at least two sub original codes with overlapping portions exist in each sub original code.
In another aspect of the present invention, there is also provided an electronic device, which includes a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing any one of the code verification methods when executing the program stored in the memory.
In yet another aspect of the present invention, there is also provided a computer-readable storage medium having a computer program stored therein, the computer program implementing any one of the above code verification methods when executed by a processor.
In yet another aspect of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the code verification methods described above.
By adopting the method provided by the embodiment of the invention, the code segment part corresponding to the application program to be verified is obtained; wherein, the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein each sub original code corresponds to the first verification code; for each first check code in the code segment part, when the first check code is run, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code; acquiring a check value of the code to be checked, which is generated in advance before the code segment operation, from the data segment part as a first check value; calculating a check value of the current code to be checked as a second check value; and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
The method provided by the embodiment of the invention can be used for checking the codes in the application program in the running process of the application program and determining whether the codes are maliciously tampered.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
Fig. 1 is a flowchart of a code verification method provided in an embodiment of the present invention;
fig. 2 is a flowchart of a check value checking method provided in an embodiment of the present invention;
FIG. 3 is a flow chart of a principle of a verification method provided in an embodiment of the present invention;
FIG. 4 is a partial diagram of a code segment provided in an embodiment of the invention;
FIG. 5 is a partial schematic diagram of another code segment provided in an embodiment of the invention;
fig. 6 is a schematic diagram illustrating a verification performed on a verification value according to an embodiment of the present invention;
fig. 7 is a structural diagram of a code verification apparatus provided in an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
During the running process of the application program, the code in the application program, for example, the code for verifying the user information, the code for verifying the certificate information, and the like, needs to be checked to determine whether the code is maliciously tampered.
The embodiment of the invention provides a code checking method. Referring to fig. 1, fig. 1 is a flowchart of a code verification method provided in an embodiment of the present application, where the method may include the following steps:
s101: and acquiring a code segment part and a data segment part corresponding to the application program to be verified.
Wherein, the code segment part is: and inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein each sub original code corresponds to the first verification code.
S102: and for each first check code in the code segment part, when the first check code is run, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code.
S103: and acquiring a check value of the code to be checked, which is generated in advance before the code segment part is run, from the data segment part as a first check value.
S104: and calculating the check value of the current code to be checked as a second check value.
S105: and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
The method provided by the embodiment of the invention can be used for checking the codes in the application program in the running process of the application program and determining whether the codes are maliciously tampered.
With respect to step S101, in one implementation, the child raw code represents a piece of code in the raw code, for example, the child raw code may be one or more lines of code in the raw code, or may be the entire raw code. That is, the original code may include a plurality of child original codes.
And the first check code corresponding to one sub original code represents the code for checking the sub original code.
The original code of the application to be verified may include a code segment and a data segment. Before the application program to be verified is run, a first verification code may be inserted in the original code of the application program to be verified in advance. For example, a code segment in the original code of the application to be verified may be searched, and then at least one respective sub-original code is inserted into the code segment, where the respective sub-original code corresponds to the first verification code.
When the first check codes are inserted, each first check code may be randomly inserted into the original code to obtain a code segment portion. Based on the above process, for any one sub-original code, one first check code may be inserted, or a plurality of first check codes may be inserted. In this case, the code corresponding to the first check code in the code segment part (i.e. the code to be checked) may be the code after the first check code is inserted into the sub-original code. Alternatively, for any one of the child original codes, the first check code may not be inserted therein, in which case the code to be checked may be the child original code.
In one embodiment, the code segment portion is: and for each sub original code in the original code, inserting a corresponding first check code into the sub original code.
In one embodiment, there are at least two child original codes having overlapping portions in each child original code.
In one implementation, for any one child original code, there is an overlap with at least one other child original code. For example, assume that original code contains 50 lines of code, child original code 1 contains lines 1-15 of code, child original code 2 contains lines 10-35 of code, child original code 3 contains lines 36-50 of code, child original code 4 contains lines 36-40 of code, and child original code 5 contains lines 10-12 and lines 38-45 of code. The child original code 1 and the child original code 2 have overlapping portions, the child original code 3 and the child original code 4 have overlapping portions, and the child original code 5 and the child original codes 1, 2, 3, 4 have overlapping portions, respectively. Specifically, the code lines included in each child original code may be determined based on important code lines in the application, for example, a code for verifying user information, a code for verifying certificate information, and the like. For example, the determined overlapping parts among the plurality of sub original codes are important code lines in the application program. Therefore, the checking times of the important code lines in the application program can be increased, and whether the important code lines are maliciously tampered or not can be found in time.
In another implementation, the union of the overlapping parts between the sub-original codes is the original code, that is, each line of codes in the original code is checked at least twice. For example, assume that the original code contains 5 lines of code, the child original code 1 contains lines 1-2 of code, the child original code 2 contains lines 2 and 4 of code, the child original code 3 contains lines 3 and 5 of code, the child original code 4 contains lines 1 of code, and the child original code 5 contains lines 2-5 of code. The overlapping part of the sub original code 1 and the sub original code 2 is the code of the 2 nd line, the overlapping part of the sub original code 4 and the sub original code 1 is the code of the 1 st line, the overlapping part of the sub original code 5 and the sub original code 2 is the code of the 2 nd line and the 4 th line, and the overlapping part of the sub original code 5 and the sub original code 3 is the code of the 3 rd line and the 5 th line. The overlapped parts of the sub original codes are merged into a first line of codes, a second line of codes, a third line of codes, a fourth line of codes and a fifth line of codes, and the overlapped parts contain all code lines of the original codes, namely, the overlapped parts of the sub original codes are merged into the original codes. It is ensured that the first check code can check all code lines in the code section part at least twice.
The two sub original codes have the overlapping part, so that the overlapping part can be checked for many times by using the first check codes corresponding to the two sub original codes, and the check area of the first check codes is of a mesh structure, so that malicious tampering can be checked more easily.
In an implementation manner, the first check code may be inserted into the corresponding sub-original code, so as to ensure that when the sub-original code segment is run, the first check code corresponding to the sub-original code segment may be run to check the sub-original code, that is, the sub-original code may be checked in time, thereby improving the real-time performance of the check.
In step S102, in an implementation manner, in the process of running part of the code segment, the inserted first check code may be run, and the code to be checked corresponding to the first check code may be checked by running the first check code. That is, the code in the application may be checked during the running of the application.
In step S103, in one implementation manner, before the application program to be verified runs, a hash function is used to calculate a verification value of the code to be verified in advance. The Hash function may be MD5(MD5Message-Digest Algorithm), or may also be SHA (Secure Hash Algorithm), but is not limited thereto.
In step S104, in one implementation, the second check value is calculated using the same hash function as in step S103. The second check value, that is, the check value of the code to be checked when the first check code is running.
In step S105, in an implementation manner, the first check value is different from the second check value, and the code to be checked is a code obtained by inserting the first check code into the child original code, which indicates that the child original code is tampered, or the inserted first check code is tampered, or both the child original code and the inserted first check code are tampered.
In another implementation manner, the first check value is different from the second check value, and the code to be checked is the child original code, which indicates that the child original code is tampered.
In one embodiment, the code segment section further comprises: the second check code is used for checking the first check value corresponding to each sub-original code; the first check value corresponding to each code to be checked is stored in a plurality of storage positions, and the first check value corresponding to each code to be checked is stored in each storage position.
Referring to fig. 2, fig. 2 is a flowchart of a check value verification method provided in an embodiment of the present application, where the method may include the following steps:
s201: when the second check code is run, whether the first check values stored in the storage positions and corresponding to the code to be checked are the same or not is determined for each code to be checked through the second check code.
S202: and if the two codes are different, determining that the first check value corresponding to the current code to be checked is abnormal.
In one implementation, in the process of partial operation of the code segment, the inserted second check code may be executed, and the first check value generated in advance may be checked by executing the second check code. That is, the first check value generated in advance may be checked during the running of the application program.
In one implementation, each first check value may be saved in a global variable, so that all the first check codes and the second check codes in the program may obtain the first check value in the global variable when running. Each first check value is illustratively held in at least two global variables, i.e., for each first check value, multiple copies of the first check value may be held by the global variables. For a certain code to be checked, one global variable can be selected from a plurality of global variables used for recording a first check value corresponding to the code to be checked through the first check code. Further, the value recorded in the global variable is obtained, and then the value may be compared with the second check code to perform checking of the code to be checked.
In another implementation, the first check values may be stored in a plurality of files, and each file stores the first check value. One of the files may be used as a check file and the other files as backup files. When the first check code is run, the check file can be called, and a first check value corresponding to the first check code is obtained from the check file. When the second check code is run, the backup file can be called to check each first check value in the check file. That is, for a first check value of a certain code to be checked stored in a check file, a first check value (which may be referred to as a backup first check value) of the code to be checked stored in a backup file may be obtained through a second check code, and the first check value stored in the check file is compared with the backup first check value, so as to check the first check value corresponding to the first check code.
Through the second check code, a plurality of first check values corresponding to a certain code to be checked in the plurality of storage locations can be acquired. That is, a first check value corresponding to the code to be checked is stored in any one of the plurality of storage locations. Through the second check code, whether a plurality of first check values corresponding to the stored code to be checked in the plurality of storage positions are the same or not can be judged. If the two codes are different, it can be determined that the first check value corresponding to the current code to be checked is abnormal.
In one embodiment, the second check-up code is inserted in an objective function in the original code; the target function is determined from the functions contained in the original code based on the number of times of being called in the running process of the original code.
In one implementation, during the partial operation of the code segment, when the target function is called, the second check code may be executed to check the first check value.
The target function inserted by the second check code can be determined according to the check times of the second check code during the operation of the application program.
If the number of times of verification that needs to be performed through the second verification code is large, that is, the first verification value needs to be frequently verified, the function with the large number of times of call can be used as the target function. For example, a function with a preset number of times that the number of times of calls is relatively large may be used as the target function, or a function with a number of times that the number of times of calls is greater than a preset threshold may be used as the target function.
If the number of times of verification which needs to be performed through the second verification code is small, that is, the first verification value does not need to be frequently verified, in order to not increase the program running time too much, a function with a small number of times of calling can be used as the target function. For example, a preset number of functions with a relatively small number of times of calls may be used as the target function, or a function with a number of times of calls smaller than a preset threshold may be used as the target function.
Referring to fig. 3, fig. 3 is a flowchart illustrating a principle of a verification method according to an embodiment of the present application.
When the first check code in the program is run, a target check value (the above-described second check value) of the code to be checked is calculated. A HashCal (hash value calculator) may be used to calculate a hash value of the code to be checked as the second check value.
And calling a comparison check value, wherein the comparison check value can be the first check value, and the comparison check value can be stored in a preset memory. For example, the hash value may be stored in a HashStore (hash value storage), the hash value storage may store the hash value by using a (key, value) Method, that is, store the first check value, and the value corresponding to the key may be called in the HashStore by using the key in the first check code, that is, the first check value is called.
And comparing the target check value with the comparison check value, namely comparing the calculated second check value with the called first check value. If the comparison is consistent, the program is indicated to have no exception. If the comparison is inconsistent, the program operation is abnormal, and an abnormal response is entered, wherein the abnormal response can be stopping the program operation and performing an abnormal alarm.
Referring to fig. 4, fig. 4 is a partial schematic view of a code segment of a verification method according to an embodiment of the present disclosure.
Stage1 (first paragraph) indicates a first Stage check, i.e. checking the code section parts. The left and right sides in fig. 4 each represent a code segment portion of an application, and the Checker1-6 represents each first check code. The code portions to be verified, which are protected (verified) by two adjacent first verification codes, have overlapping portions, the protection intervals of all the Checkers form a mesh-shaped protection interval, and some program codes can be verified by the two Checkers, so that malicious tampering is easier to verify.
Referring to fig. 5, fig. 5 is a partial schematic view of another verification method code segment provided in the embodiment of the present application.
Stage1 denotes a first Stage check, i.e. checking a section of code. The code section part of the application is shown in fig. 5, and the Checker1-3 indicates respective first check codes. The code portions to be checked protected by two adjacent first check codes have an overlapping portion, and the code portions to be checked protected by three adjacent first check codes also have an overlapping portion. The protection ranges of the Checkers can be overlapped, the protection intervals of all Checkers form a mesh protection interval, and some program codes can be verified by a plurality of Checkers, so that malicious tampering is easier to verify.
Referring to fig. 6, fig. 6 is a schematic diagram illustrating a verification performed on a verification value according to an embodiment of the present application.
Stage2 (second paragraph) represents the second Stage of verification, i.e., the verification of the first verification value. The right side of fig. 6 shows a code segment part of the application program, and Stage1Checker1-Stage 1Checker3 may be the first check code for checking the code to be checked. Stage2Checker1-Stage2Checker3 may be a second check code that checks the first check value.
The left side of fig. 6 shows a memory for storing check values, and HashStore for Stage1Checker1-HashStore for Stage1Checker3 may be the first check value of the code to be checked corresponding to the first check code in the code segment part. HashStore for Stack 1Checkers can store HashStore for Stack 1Checker1-HashStore for Stack 1Checker3, which can be used for verifying the first verification value. The protection intervals of the Stage2Checker1-Stage2Checker3 comprise all first check values, namely, any one of the codes of the Stage2Checker1-Stage2Checker3 can be operated to check all the first check values.
Based on the same inventive concept, an embodiment of the present invention further provides a code verification apparatus, referring to fig. 7, where fig. 7 is a structural diagram of the code verification apparatus provided in the embodiment of the present application, and the apparatus includes:
an obtaining module 701, configured to obtain a code segment portion and a data segment portion corresponding to an application program to be verified; wherein, the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein each sub original code corresponds to the first verification code;
a to-be-verified code determining module 702, configured to determine, for each first verification code in the code segment portion, a child original code corresponding to the first verification code in the code segment portion as the to-be-verified code through the first verification code when the first verification code is run to the first verification code;
a first check value obtaining module 703, configured to obtain, from the data segment portion, a check value of a code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
a second check value calculating module 704, configured to calculate a check value of the current code to be checked as a second check value;
the to-be-verified code exception determining module 705 is configured to determine that the current to-be-verified code is abnormal if the first verification value is different from the second verification value.
In one embodiment, the code segment part further comprises: the second check code is used for checking the first check value corresponding to each sub-original code; storing a first check value corresponding to each code to be checked in a plurality of storage positions of the data segment part, wherein each storage position stores the first check value corresponding to each code to be checked;
the device also includes:
the first check value judging module is used for determining whether the first check values corresponding to the codes to be checked stored in the storage positions are the same or not through the second check codes when the second check codes are run to the second check codes;
and the first check value abnormity determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if the first check value is different from the second check value.
In one embodiment, the second check code is inserted in an objective function in the original code; the target function is determined from the functions contained in the original code based on the number of times of being called in the running process of the original code.
In one embodiment, the code segment portion is: and for each sub original code in the original code, inserting a corresponding first check code into the sub original code.
In one embodiment, there are at least two child original codes having overlapping portions in each of the child original codes.
An embodiment of the present invention further provides an electronic device, as shown in fig. 8, which includes a processor 801, a communication interface 802, a memory 803, and a communication bus 804, where the processor 801, the communication interface 802, and the memory 803 complete mutual communication through the communication bus 804,
a memory 803 for storing a computer program;
the processor 801 is configured to implement the following steps when executing the program stored in the memory 803:
acquiring a code segment part and a data segment part corresponding to an application program to be verified; wherein the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein the sub original code is obtained by respectively corresponding to a first verification code;
for each first check code in the code segment part, when the first check code is run to, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the terminal and other equipment.
The Memory may include a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
In yet another embodiment of the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the code verification method in any of the above embodiments.
In yet another embodiment, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the code verification method of any of the above embodiments.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus, the electronic device, the computer-readable storage medium, and the computer program product embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiments.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (10)
1. A method for code verification, the method comprising:
acquiring a code segment part and a data segment part corresponding to an application program to be verified; wherein the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein the sub original code is obtained by respectively corresponding to a first verification code;
for each first check code in the code segment part, when the first check code is run to, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
2. The method of claim 1, wherein the code segment section further comprises: the second check code is used for checking the first check value corresponding to each sub-original code; storing a first check value corresponding to each code to be checked in a plurality of storage positions of the data segment part, wherein each storage position stores the first check value corresponding to each code to be checked;
the method further comprises the following steps:
when the second check code is run, determining whether a plurality of first check values stored in the plurality of storage positions and corresponding to the code to be checked are the same or not by the second check code for each code to be checked;
and if the two codes are different, determining that the first check value corresponding to the current code to be checked is abnormal.
3. The method of claim 2, wherein the second check-up code is inserted in an objective function in the original code; the target function is determined from various functions contained in the original code based on the called times in the running process of the original code.
4. The method of claim 1, wherein the code segment portion is: and for each sub original code in the original codes, inserting a corresponding first check code into the sub original code.
5. The method according to any of claims 1-4, wherein there are at least two of the respective sub-raw codes having overlapping portions.
6. A code verification apparatus, comprising:
the acquisition module is used for acquiring a code segment part and a data segment part corresponding to the application program to be verified; wherein the code segment part is: inserting each sub original code contained in the original code into the original code of the application program to be verified, wherein the sub original code is obtained by respectively corresponding to a first verification code;
a code to be checked determining module, configured to determine, for each first check code in the code segment portion, a code corresponding to the first check code in the code segment portion as the code to be checked through the first check code when the first check code is run to the first check code;
a first check value obtaining module, configured to obtain, from the data segment portion, a check value of the code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
the second check value calculation module is used for calculating the check value of the current code to be checked as a second check value;
and the code exception determining module is used for determining that the current code to be checked is abnormal if the first check value is different from the second check value.
7. The apparatus of claim 6, wherein the code segment section further comprises: the second check code is used for checking the first check value corresponding to each sub-original code; storing a first check value corresponding to each code to be checked in a plurality of storage positions of the data segment part, wherein each storage position stores the first check value corresponding to each code to be checked;
the device further comprises:
the first check value judging module is used for determining whether a plurality of first check values stored in the storage positions and corresponding to the codes to be checked are the same or not by the second check code when the second check code is run;
and the first check value abnormity determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if the first check value is different from the second check value.
8. The apparatus of claim 7, wherein the second check-up code is inserted in an objective function in the original code; the target function is determined from various functions contained in the original code based on the called times in the running process of the original code.
9. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of claims 1 to 5 when executing a program stored in the memory.
10. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of the claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110973894.2A CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110973894.2A CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113656043A true CN113656043A (en) | 2021-11-16 |
| CN113656043B CN113656043B (en) | 2023-09-05 |
Family
ID=78492662
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110973894.2A Active CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113656043B (en) |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030023856A1 (en) * | 2001-06-13 | 2003-01-30 | Intertrust Technologies Corporation | Software self-checking systems and methods |
| US20070005992A1 (en) * | 2005-06-30 | 2007-01-04 | Travis Schluessler | Signed manifest for run-time verification of software program identity and integrity |
| CN101295278A (en) * | 2007-04-23 | 2008-10-29 | 大唐移动通信设备有限公司 | Method and device for locating course of overwritten code segment |
| US20130347109A1 (en) * | 2012-06-21 | 2013-12-26 | Cisco Technology, Inc. | Techniques for Detecting Program Modifications |
| DE102014203963A1 (en) * | 2014-03-05 | 2015-09-10 | Robert Bosch Gmbh | Method and device for controlling a memory |
| CN104932902A (en) * | 2015-07-09 | 2015-09-23 | 魅族科技(中国)有限公司 | Method for generating APK file and terminal |
| US20160357958A1 (en) * | 2015-06-08 | 2016-12-08 | Michael Guidry | Computer System Security |
| CN107870793A (en) * | 2017-12-22 | 2018-04-03 | 上海众人网络安全技术有限公司 | The method and device of SO files is loaded in a kind of application program |
| CN110245523A (en) * | 2019-05-22 | 2019-09-17 | 北京奇艺世纪科技有限公司 | A kind of data verification method, system and device and computer readable storage medium |
| US10467390B1 (en) * | 2016-08-18 | 2019-11-05 | Snap Inc. | Cyclically dependent checks for software tamper-proofing |
| CN112613037A (en) * | 2020-12-29 | 2021-04-06 | 北京永新视博数字电视技术有限公司 | Code checking method and device |
-
2021
- 2021-08-24 CN CN202110973894.2A patent/CN113656043B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030023856A1 (en) * | 2001-06-13 | 2003-01-30 | Intertrust Technologies Corporation | Software self-checking systems and methods |
| US20070005992A1 (en) * | 2005-06-30 | 2007-01-04 | Travis Schluessler | Signed manifest for run-time verification of software program identity and integrity |
| CN101295278A (en) * | 2007-04-23 | 2008-10-29 | 大唐移动通信设备有限公司 | Method and device for locating course of overwritten code segment |
| US20130347109A1 (en) * | 2012-06-21 | 2013-12-26 | Cisco Technology, Inc. | Techniques for Detecting Program Modifications |
| DE102014203963A1 (en) * | 2014-03-05 | 2015-09-10 | Robert Bosch Gmbh | Method and device for controlling a memory |
| US20160357958A1 (en) * | 2015-06-08 | 2016-12-08 | Michael Guidry | Computer System Security |
| CN104932902A (en) * | 2015-07-09 | 2015-09-23 | 魅族科技(中国)有限公司 | Method for generating APK file and terminal |
| US10467390B1 (en) * | 2016-08-18 | 2019-11-05 | Snap Inc. | Cyclically dependent checks for software tamper-proofing |
| CN107870793A (en) * | 2017-12-22 | 2018-04-03 | 上海众人网络安全技术有限公司 | The method and device of SO files is loaded in a kind of application program |
| CN110245523A (en) * | 2019-05-22 | 2019-09-17 | 北京奇艺世纪科技有限公司 | A kind of data verification method, system and device and computer readable storage medium |
| CN112613037A (en) * | 2020-12-29 | 2021-04-06 | 北京永新视博数字电视技术有限公司 | Code checking method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113656043B (en) | 2023-09-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112187773B (en) | Network security vulnerability mining method and device | |
| CN111064745B (en) | Self-adaptive back-climbing method and system based on abnormal behavior detection | |
| US20200235947A1 (en) | Changing smart contracts recorded in block chains | |
| CN107992738B (en) | Account login abnormity detection method and device and electronic equipment | |
| CN111679968A (en) | Interface calling abnormity detection method and device, computer equipment and storage medium | |
| CN111931172A (en) | Financial system business process abnormity early warning method and device | |
| CN109145651B (en) | Data processing method and device | |
| CN113656042A (en) | Code generation method and device, electronic equipment and storage medium | |
| CN110597453A (en) | Video data storage method and device in cloud storage system | |
| CN110598996A (en) | Risk processing method and device, electronic equipment and storage medium | |
| KR102213460B1 (en) | System and method for generating software whistlist using machine run | |
| CN114329469A (en) | API abnormal calling behavior detection method, device, equipment and storage medium | |
| CN108196975B (en) | Data verification method and device based on multiple checksums and storage medium | |
| CN117495544A (en) | Sandbox-based wind control evaluation method, sandbox-based wind control evaluation system, sandbox-based wind control evaluation terminal and storage medium | |
| CN113656043B (en) | Code verification method and device, electronic equipment and storage medium | |
| CN108647516B (en) | Method and device for defending against illegal privilege escalation | |
| CN114186278A (en) | Database abnormal operation identification method and device and electronic equipment | |
| CN113704255A (en) | Data insertion method and device, and data verification method and device | |
| CN108133149B (en) | Data protection method and device and electronic equipment | |
| CN111475400A (en) | Verification method of service platform and related equipment | |
| CN112231232A (en) | Method, device and equipment for determining test data model and generating test data | |
| CN111258899A (en) | Use case generation method and device, electronic equipment and computer readable storage medium | |
| CN112579858A (en) | Data crawling method and device | |
| CN111967043B (en) | Method, device, electronic equipment and storage medium for determining data similarity | |
| CN116015785B (en) | Information security protection method, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |