CN113656043B - Code verification method and device, electronic equipment and storage medium - Google Patents
- Publication number: CN113656043B (application CN202110973894.2A)
- Authority: CN (China)
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3624—Software debugging by performing operations on the source code, e.g. via a compiler
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The embodiment of the application provides a code verification method and device, electronic equipment and a storage medium, relating to the technical field of information security. The method comprises the following steps: acquiring a code segment part and a data segment part corresponding to an application program to be checked; for each first check code in the code segment part, when execution reaches the first check code, determining, through the first check code, the code in the code segment part that corresponds to the first check code as the code to be checked; acquiring from the data segment part, as a first check value, the check value of the code to be checked that was generated in advance before the code segment part was run; calculating the check value of the current code to be checked as a second check value; and, if the first check value is different from the second check value, determining that the current code to be checked is abnormal. The method provided by the embodiment of the application can verify the code in an application program while the application program is running, to determine whether the code has been maliciously tampered with.
Description
Technical Field
The present application relates to the field of information security technologies, and in particular, to a code verification method, a code verification device, an electronic device, and a storage medium.
Background
During the running of an application program, it is necessary to check codes in the application program, such as codes for verifying user information, codes for verifying certificate information, and the like, to determine whether the codes are tampered with maliciously.
Disclosure of Invention
The embodiment of the application aims to provide a code verification method, a device, electronic equipment and a storage medium, which can verify codes in an application program in the running process of the application program to determine whether the codes are tampered maliciously. The specific technical scheme is as follows:
in a first aspect of the present application, there is provided a code verification method, the method including:
acquiring a code segment part and a data segment part corresponding to an application program to be checked; wherein the code segment portion is obtained by inserting, into the original code of the application program to be checked, the first check code corresponding to each sub-original code contained in the original code;
for each first check code in the code segment part, when the code segment part runs to the first check code, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
and if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
Optionally, the code segment portion further includes: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions of the data segment part, and each storage position stores the first check values corresponding to the codes to be checked;
the method further comprises the steps of:
when execution reaches the second check code, determining, through the second check code and for each code to be checked, whether the plurality of first check values corresponding to that code stored in the plurality of storage positions are the same;
and if they are different, determining that the first check value corresponding to the current code to be checked is abnormal.
Optionally, the second check code is inserted in an objective function in the original code; the objective function is determined from functions contained in the original code based on the number of times of being called in the running process of the original code.
Optionally, the code segment portion is obtained by inserting, for each sub-original code in the original code, the corresponding first check code into that sub-original code.
Optionally, among the sub-original codes, at least two have overlapping portions.
In a second aspect of the present application, there is also provided a code verification apparatus, the apparatus comprising:
the acquisition module is used for acquiring a code segment part and a data segment part corresponding to the application program to be checked; wherein the code segment portion is obtained by inserting, into the original code of the application program to be checked, the first check code corresponding to each sub-original code contained in the original code;
the code to be checked determining module is used for determining, for each first check code in the code segment part and through the first check code when execution reaches it, the code in the code segment part that corresponds to the first check code as the code to be checked;
a first check value obtaining module, configured to obtain, from the data segment portion, a check value of the code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
the second check value calculation module is used for calculating the check value of the current code to be checked and taking the current check value as a second check value;
and the code to be checked exception determining module is used for determining that the current code to be checked is abnormal if the first check value is different from the second check value.
Optionally, the code segment portion further includes: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions of the data segment part, and each storage position stores the first check values corresponding to the codes to be checked;
the apparatus further comprises:
the first check value judging module is used for determining, through the second check code when execution reaches the second check code and for each code to be checked, whether the plurality of first check values corresponding to that code stored in the plurality of storage positions are the same;
and the first check value abnormality determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if they are different.
Optionally, the second check code is inserted in an objective function in the original code; the objective function is determined from functions contained in the original code based on the number of times of being called in the running process of the original code.
Optionally, the code segment portion is obtained by inserting, for each sub-original code in the original code, the corresponding first check code into that sub-original code.
Optionally, among the sub-original codes, at least two have overlapping portions.
In yet another aspect of the present application, there is also provided an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing any code verification method when executing the program stored in the memory.
In yet another aspect of the present application, there is also provided a computer readable storage medium having a computer program stored therein, which when executed by a processor implements any of the above-described code verification methods.
In yet another aspect of the application, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the code verification methods described above.
By adopting the method provided by the embodiment of the application, the code segment part corresponding to the application program to be verified is obtained, wherein the code segment portion is obtained by inserting, into the original code of the application program to be verified, the first check code corresponding to each sub-original code contained in the original code; for each first check code in the code segment part, when execution reaches the first check code, the code in the code segment part that corresponds to the first check code is determined, through the first check code, as the code to be checked; the check value of the code to be checked, generated in advance before the code segment part is run, is acquired from the data segment part as a first check value; the check value of the current code to be checked is calculated as a second check value; and if the first check value is different from the second check value, the current code to be checked is determined to be abnormal.
The method provided by the embodiment of the application can verify the code in the application program in the running process of the application program to determine whether the code is tampered maliciously.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a flowchart of a code verification method provided in an embodiment of the present application;
FIG. 2 is a flowchart of a check value checking method according to an embodiment of the present application;
FIG. 3 is a flow chart illustrating the principle of a verification method according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a portion of a code segment provided in an embodiment of the present application;
FIG. 5 is a schematic diagram of a portion of another code segment provided in an embodiment of the present application;
FIG. 6 is a schematic diagram of checking a check value according to an embodiment of the present application;
FIG. 7 is a block diagram of a code verification device according to an embodiment of the present application;
FIG. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
During the running of an application program, it is necessary to check codes in the application program, such as codes for verifying user information, codes for verifying certificate information, and the like, to determine whether the codes are tampered with maliciously.
The embodiment of the application provides a code verification method. Referring to fig. 1, fig. 1 is a flowchart of a code verification method according to an embodiment of the present application, where the method may include the following steps:
S101: Acquire a code segment part and a data segment part corresponding to the application program to be verified.
The code segment portion is obtained by inserting, into the original code of the application program to be verified, the first check code corresponding to each sub-original code contained in the original code.
S102: For each first check code in the code segment part, when execution reaches the first check code, determine, through the first check code, the code in the code segment part that corresponds to the first check code as the code to be checked.
S103: Acquire from the data segment part, as a first check value, the check value of the code to be checked that was generated in advance before the code segment part was run.
S104: Calculate the check value of the current code to be checked as a second check value.
S105: if the first check value is different from the second check value, determining that the current code to be checked is abnormal.
The method provided by the embodiment of the application can verify the code in the application program in the running process of the application program to determine whether the code is tampered maliciously.
For step S101, in one implementation, the sub-original code represents a piece of code in the original code, for example, the sub-original code may be one or more lines of code in the original code, or may be the entire original code. That is, the original code may include a plurality of sub-original codes.
The first check code corresponding to one sub-original code represents a code for checking the sub-original code.
The original code of the application to be verified may include a code segment and a data segment. The first check code may be inserted in advance into the original code of the application to be checked before the application to be checked is run. For example, the code segment in the original code of the application to be verified may be located, and then the first check code corresponding to each of at least one sub-original code is inserted into the code segment.
When the first check codes are inserted, each first check code can be randomly inserted into the original code to obtain the code segment part. Based on the above processing, one first check code may be inserted for any one sub-original code, or a plurality of first check codes may be inserted. In this case, the code corresponding to the first check code in the code segment portion (i.e., the code to be checked) may be the code after the first check code is inserted in the sub-original code. Alternatively, for any one sub-original code, the first check code may not be inserted therein, in which case the code to be checked may be the sub-original code.
In one embodiment, the code segment portion is obtained by inserting, for each sub-original code in the original code, the corresponding first check code into that sub-original code.
In one embodiment, among the sub-original codes, at least two have overlapping portions.
In one implementation, each sub-original code overlaps with at least one other sub-original code. For example, assume that the original code contains 50 lines of code, sub-original code 1 contains lines 1-15, sub-original code 2 contains lines 10-35, sub-original code 3 contains lines 36-50, sub-original code 4 contains lines 36-40, and sub-original code 5 contains lines 10-12 and 38-45. Sub-original code 1 and sub-original code 2 have an overlapping portion, sub-original code 3 and sub-original code 4 have an overlapping portion, and sub-original code 5 overlaps with each of sub-original codes 1, 2, 3 and 4. Specifically, the code lines included in each sub-original code may be determined based on the important code lines in the application program, for example, code for verifying user information, code for verifying certificate information, and the like. For example, the overlapping portions between the determined sub-original codes are the important code lines in the application program. In this way, the important code lines in the application program are checked more often, and malicious tampering with them can be discovered in time.
In another implementation, the union of the overlapping portions between the sub-original codes is the original code, i.e., each line of code in the original code is verified at least twice. For example, assume that the original code contains 5 lines of code, sub-original code 1 contains lines 1-2, sub-original code 2 contains lines 2 and 4, sub-original code 3 contains lines 3 and 5, sub-original code 4 contains line 1, and sub-original code 5 contains lines 2-5. The overlapping portion of sub-original code 1 and sub-original code 2 is line 2, the overlapping portion of sub-original code 4 and sub-original code 1 is line 1, the overlapping portion of sub-original code 5 and sub-original code 2 is lines 2 and 4, and the overlapping portion of sub-original code 5 and sub-original code 3 is lines 3 and 5. The union of these overlapping portions is lines 1, 2, 3, 4 and 5, which includes all code lines of the original code; that is, the union of the overlapping portions of the sub-original codes is the original code. This ensures that the first check codes check every code line in the code segment portion at least twice.
The overlapping part is arranged between the two sub-original codes, so that the overlapping part can be checked for multiple times by using the first check codes corresponding to the two sub-original codes, the check area of the first check codes is in a net structure, and malicious tampering can be checked more easily.
In one implementation manner, the first check code can be inserted into the corresponding sub-original code, so that when the sub-original code segment is operated, the first check code corresponding to the sub-original code segment can be operated, and the sub-original code can be checked, namely, the sub-original code can be checked in time, and the real-time performance of the check is improved.
In step S102, in one implementation manner, in a process of running a code segment, the inserted first check code may be run, and by running the first check code, the code to be checked corresponding to the first check code may be checked. That is, the code in the application may be verified during the running of the application.
In step S103, in one implementation, a hash function is used to calculate the check value of the code to be verified in advance, before the application to be verified runs. The hash function may be MD5 (Message-Digest Algorithm 5) or SHA (Secure Hash Algorithm), but is not limited thereto.
In step S104, in one implementation, the second check value is calculated using the same hash function as in step S103. The second check value is the check value of the code to be checked at the time the first check code runs.
In step S105, in one implementation, if the first check value is different from the second check value and the code to be checked is the sub-original code with the first check code inserted, this indicates that the sub-original code has been tampered with, or the inserted first check code has been tampered with, or both have been tampered with.
In another implementation, if the first check value is different from the second check value and the code to be checked is the sub-original code, this indicates that the sub-original code has been tampered with.
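Steps S101-S105 applied to the two overlapping-region examples above, as an added simulation that is not code from the patent: the "code segment" is a constructed list of byte strings, SHA-256 stands in for the unspecified hash, and all function names are hypothetical.

```python
import hashlib

# Sub-original codes from the 50-line example in the text (1-based, inclusive ranges).
REGIONS_50 = {1: [(1, 15)], 2: [(10, 35)], 3: [(36, 50)],
              4: [(36, 40)], 5: [(10, 12), (38, 45)]}
# Sub-original codes from the 5-line example, where every line is checked at least twice.
REGIONS_5 = {1: [(1, 2)], 2: [(2, 2), (4, 4)], 3: [(3, 3), (5, 5)],
             4: [(1, 1)], 5: [(2, 5)]}


def make_code(total_lines):
    """Constructed stand-in for a code segment: one byte string per code line."""
    return [f"L{n}: op_{n}()".encode() for n in range(1, total_lines + 1)]


def region_lines(regions, rid):
    """Expand one sub-original code into its sorted 1-based line numbers."""
    return sorted({n for lo, hi in regions[rid] for n in range(lo, hi + 1)})


def check_value(code, regions, rid):
    """Hash the code to be checked for one checker.

    The line number and length are mixed in (an assumption of this sketch) so
    that concatenation is unambiguous and moving a line changes the value.
    """
    h = hashlib.sha256()
    for n in region_lines(regions, rid):
        line = code[n - 1]
        h.update(n.to_bytes(4, "big") + len(line).to_bytes(4, "big") + line)
    return h.hexdigest()


def build_data_segment(code, regions):
    """First check values, generated before the code segment is run (S103)."""
    return {rid: check_value(code, regions, rid) for rid in regions}


def abnormal_checkers(code, data_segment, regions):
    """Run every first check code (S102-S105); return the checkers that report abnormal code."""
    abnormal = []
    for rid in sorted(regions):
        first = data_segment[rid]                 # S103: pre-generated value
        second = check_value(code, regions, rid)  # S104: value of the current code
        if first != second:                       # S105: mismatch means abnormal
            abnormal.append(rid)
    return abnormal


def checkers_covering(regions, line):
    """Which first check codes protect a given line (the 'net' of overlaps)."""
    return sorted(rid for rid in regions if line in region_lines(regions, rid))


def coverage(regions, total_lines):
    """Number of checkers protecting each line."""
    return {n: len(checkers_covering(regions, n)) for n in range(1, total_lines + 1)}


def tamper(code, line, new_bytes):
    """Return a copy of the code segment with one line replaced (constructed test input)."""
    patched = list(code)
    patched[line - 1] = new_bytes
    return patched


if __name__ == "__main__":
    code = make_code(50)
    data_segment = build_data_segment(code, REGIONS_50)
    for line in (11, 20, 38):
        hit = abnormal_checkers(tamper(code, line, b"patched"), data_segment, REGIONS_50)
        print(f"line {line} modified -> abnormal checkers {hit}")
    print("5-line example, checks per line:", coverage(REGIONS_5, 5))
```

A change to a line in an overlapping portion is reported by every checker that covers it, while a line covered once is reported by a single checker.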
In one embodiment, the code segment portion further comprises: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions, and each storage position stores the first check values corresponding to the codes to be checked.
Referring to fig. 2, fig. 2 is a flowchart of a check value checking method according to an embodiment of the present application, where the method may include the following steps:
S201: When execution reaches the second check code, determine, through the second check code and for each code to be checked, whether the plurality of first check values corresponding to that code, stored in the plurality of storage positions, are the same.
S202: If they are different, determine that the first check value corresponding to the current code to be checked is abnormal.
In one implementation, during the running of the code segment portion, an inserted second check code may be run, by which the pre-generated first check value may be checked. That is, the first check value generated in advance may be checked during the running of the application program.
In one implementation, each first check value may be stored in a global variable, so that all the first check codes and second check codes in the program can read the first check value from the global variable while running. Illustratively, each first check value is stored in at least two global variables, i.e., for each first check value, multiple copies may be kept in global variables. For a given code to be checked, the first check code may select one of the global variables that record the first check value corresponding to that code. The value recorded in that global variable is then read and compared with the second check value to check the code to be checked.
In another implementation, the respective first check values may be stored in a plurality of files, each file storing a respective first check value. One of the files may be used as a verification file and the other files may be used as backup files. When the first check code is operated, the check file can be called, and a first check value corresponding to the first check code is obtained from the check file. When the second check code is run, the backup file may be invoked to check each of the first check values in the check file. That is, for a first check value of a certain code to be checked stored in the check file, the first check value of the code to be checked stored in the backup file (may be referred to as a backup first check value) may be obtained through the second check code, and the first check value stored in the check file is compared with the backup first check value to check the first check value corresponding to the first check code.
Through the second check code, the plurality of first check values corresponding to a given code to be checked are acquired from the plurality of storage positions. That is, each of the plurality of storage positions stores a first check value corresponding to the code to be checked. The second check code then judges whether the first check values stored for that code in the storage positions are the same. If they are different, the first check value corresponding to the current code to be checked is determined to be abnormal.
In one embodiment, the second check code is inserted in an objective function in the original code; the objective function is determined from the functions contained in the original code based on the number of times called during the running of the original code.
In one implementation, during the operation of the code segment portion, when the objective function is invoked, a second check code may be operated to check the first check value.
The objective function into which the second check code is inserted can be determined according to the number of checks that need to be performed by the second check code in the running process of the application program.
If the number of times of verification by the second verification code is required to be greater, that is, the first verification value is required to be frequently verified, a function with a relatively greater number of times of being called may be used as the objective function. For example, a predetermined number of functions having a relatively large number of times of being called may be used as the target function, or a function having a number of times of being called larger than a predetermined threshold may be used as the target function.
If the number of checks that need to be performed by the second check code is small, that is, the first check value does not need to be checked frequently, then, to avoid increasing the running time of the program too much, a function that is called a relatively small number of times may be used as the objective function. For example, a predetermined number of functions having a relatively small number of calls may be used as the target function, or a function whose number of calls is smaller than a predetermined threshold may be used as the target function.
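The second-stage check of S201-S202, together with the call-count selection of the objective (target) function described above, as an added sketch that is not code from the patent: three dictionaries stand in for the storage positions, and the function names, sample code bytes and call counts are constructed.

```python
import hashlib
from collections import Counter


class CheckValueAbnormal(Exception):
    """Abnormal response raised when stored first check values disagree."""


def check_value(code):
    return hashlib.sha256(code).hexdigest()


# Constructed stand-ins for three codes to be checked (names are hypothetical).
CODE = {
    "verify_user": b"if not user.ok: deny()",
    "verify_cert": b"if not cert.valid: deny()",
    "render": b"draw(page)",
}


def make_stores(code, copies=3):
    """Store every first check value at several storage positions."""
    return [{name: check_value(body) for name, body in code.items()}
            for _ in range(copies)]


def first_check(code, stores, name, store_index=0):
    """Stage 1: True if the code differs from the value read from ONE storage position."""
    return check_value(code[name]) != stores[store_index].get(name)


def second_check(stores):
    """Stage 2 (S201-S202): names whose first check values differ across storage positions."""
    names = set().union(*stores)
    return sorted(n for n in names if len({s.get(n) for s in stores}) > 1)


def pick_target_functions(call_counts, threshold, frequent=True):
    """Choose functions called more (or fewer) times than a preset threshold."""
    if frequent:
        return sorted(f for f, c in call_counts.items() if c > threshold)
    return sorted(f for f, c in call_counts.items() if c < threshold)


def instrument(fn, stores):
    """Insert the second check code into a target function: it runs on every call."""
    def wrapper(*args, **kwargs):
        abnormal = second_check(stores)
        if abnormal:
            raise CheckValueAbnormal(abnormal)
        return fn(*args, **kwargs)
    return wrapper


def demo():
    stores = make_stores(CODE)
    # Constructed call-count profile from a run of the original code.
    call_counts = Counter({"render": 120, "verify_user": 3, "verify_cert": 2})
    targets = pick_target_functions(call_counts, threshold=100)
    render = instrument(lambda: "rendered", stores)
    clean_result = render()

    # Constructed abnormal state: the code and ONE stored copy were both changed,
    # so the first check that reads that copy no longer sees a difference.
    code = dict(CODE, verify_user=b"allow()")
    stores[0]["verify_user"] = check_value(code["verify_user"])
    stage1_abnormal = first_check(code, stores, "verify_user", store_index=0)
    stage2_abnormal = second_check(stores)
    try:
        render()
        raised = False
    except CheckValueAbnormal:
        raised = True
    return targets, clean_result, stage1_abnormal, stage2_abnormal, raised


if __name__ == "__main__":
    print(demo())
```

Agreement between the copies is all this check establishes; it does not identify which copy holds the original value.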
Referring to fig. 3, fig. 3 is a flowchart illustrating a verification method according to an embodiment of the present application.
When running to the first check code in the program, a target check value (the above-described second check value) of the code to be checked is calculated. A hash value of the code to be verified may be calculated as the second verification value using HashCal (hash value calculator).
A comparison check value is then retrieved. The comparison check value may be the first check value, and it may be stored in a preset memory. For example, it may be stored in a hash value memory that stores hash values, i.e., first check values, as key-value pairs; using the key in the first check code, the value corresponding to that key, i.e., the first check value, can be retrieved from the hash value memory.
The target check value is then compared with the comparison check value, i.e., the calculated second check value is compared with the retrieved first check value. If they are consistent, the program has no abnormality. If they are inconsistent, the program is running abnormally and an abnormal response is entered; the abnormal response may be stopping the program and raising an abnormality alarm.
Referring to fig. 4, fig. 4 is a schematic diagram of a code segment of a verification method according to an embodiment of the present application.
Stage1 (first segment) represents a first Stage check, i.e., a check of the code segment portion. Both the left and right sides in fig. 4 represent code segment portions of an application program, and Checker1-6 represent respective first check codes. The code to be checked part protected (checked) by two adjacent first check codes has an overlapped part, the protection intervals of all checkers form a net-shaped protection interval, and some program codes can be checked by two checkers, so that malicious tampering is checked more easily.
Referring to fig. 5, fig. 5 is a schematic diagram of a code segment of another verification method according to an embodiment of the present application.
Stage1 represents a first Stage of verification, i.e., a verification of a code segment portion. In fig. 5, a code segment portion of an application program is shown, and Checker1-3 represents respective first check codes. The code portions to be verified, which are protected by two adjacent first verification codes, have overlapping portions, and the code portions to be verified, which are protected by three adjacent first verification codes, also have overlapping portions. The protection ranges of the checkers can be overlapped, and the protection intervals of all the checkers form a net-shaped protection interval, so that some program codes can be checked by a plurality of checkers, and malicious tampering can be checked more easily.
Referring to fig. 6, fig. 6 is a schematic diagram of checking a check value according to an embodiment of the present application.
Stage2 (second segment) represents a second stage check, i.e. checking the first check values. The right side in fig. 6 shows a code segment part of an application program, and Stage1Checker1-Stage1Checker3 may be the first check codes for checking the corresponding codes to be checked. Stage2Checker1-Stage2Checker3 may be second check codes that check the first check values.
The left side in fig. 6 shows a memory storing check values, and HashStore for Stage1Checker1 - HashStore for Stage1Checker3 may be the first check values of the codes to be checked corresponding to the first check codes in the code segment portion. HashStore for Stage1Checkers may have HashStore for Stage1Checker1 - HashStore for Stage1Checker3 stored therein and may be used to verify the first check values. The protection intervals of Stage2Checker1-Stage2Checker3 each comprise all the first check values, i.e., all the first check values can be checked by running any one of Stage2Checker1-Stage2Checker3.
Based on the same inventive concept, the embodiment of the present application further provides a code verification device, referring to fig. 7, and fig. 7 is a structural diagram of the code verification device provided by the embodiment of the present application, where the device includes:
an acquiring module 701, configured to acquire a code segment portion and a data segment portion corresponding to an application program to be verified; wherein the code segment portion is obtained by inserting, into the original code of the application program to be verified, the first check code corresponding to each sub-original code contained in the original code;
the code to be verified determining module 702 is configured to determine, for each first verification code in the code segment portion, a sub-original code corresponding to the first verification code in the code segment portion as a code to be verified, by the first verification code when running to the first verification code;
a first check value obtaining module 703, configured to obtain, from the data segment portion, a check value of a code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
a second check value calculating module 704, configured to calculate a check value of the current code to be checked, as a second check value;
the code to be checked exception determining module 705 is configured to determine that the current code to be checked is abnormal if the first check value is different from the second check value.
In one embodiment, the code segment portion further comprises: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions of the data segment part, and each storage position stores the first check values corresponding to the codes to be checked;
the apparatus further comprises:
the first check value judging module is used for determining, through the second check code when execution reaches the second check code, for each code to be checked, whether the first check values corresponding to that code stored in the plurality of storage positions are the same;
and the first check value abnormality determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if they are different.
In one embodiment, the second check code is inserted in a target function in the original code; the target function is determined from the functions contained in the original code based on the number of times each is called during the running of the original code.
In one embodiment, the code segment portion is obtained by: for each sub-original code in the original code, inserting a corresponding first check code into the sub-original code.
In one embodiment, at least two sub-original codes having overlapping portions exist in the respective sub-original codes.
The embodiment of the present application further provides an electronic device, as shown in fig. 8, including a processor 801, a communication interface 802, a memory 803, and a communication bus 804, where the processor 801, the communication interface 802, and the memory 803 complete communication with each other through the communication bus 804,
a memory 803 for storing a computer program;
the processor 801, when executing the program stored in the memory 803, implements the following steps:
acquiring a code segment part and a data segment part corresponding to an application program to be verified; wherein the code segment part is obtained by inserting, into each sub-original code contained in the original code of the application program to be verified, the corresponding first check code;
for each first check code in the code segment part, when the code segment part runs to the first check code, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
and if the first check value is different from the second check value, determining that the code to be checked is abnormal currently.
The communication bus mentioned for the above electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, only one bold line is shown in the figure, but this does not mean that there is only one bus or only one type of bus.
The communication interface is used for communication between the terminal and other devices.
The memory may include random access memory (Random Access Memory, RAM) or non-volatile memory (non-volatile memory), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
In yet another embodiment of the present application, a computer readable storage medium is provided, in which a computer program is stored, which when executed by a processor, implements the code verification method according to any of the above embodiments.
In yet another embodiment of the present application, a computer program product comprising instructions which, when run on a computer, cause the computer to perform the code verification method of any of the above embodiments is also provided.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the flows or functions according to the embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk (SSD)), etc.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In this specification, the embodiments are described in a related manner; identical and similar parts of the embodiments may be referred to across embodiments, and each embodiment mainly describes its differences from the others. In particular, for the apparatus, electronic device, computer-readable storage medium, and computer program product embodiments, the description is relatively brief, and for relevant details reference is made to the description of the method embodiments.
The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application are included in the protection scope of the present application.
Claims (8)
1. A code verification method, the method comprising:
acquiring a code segment part and a data segment part corresponding to an application program to be checked; wherein the code segment part is obtained by inserting, into each sub-original code contained in the original code of the application program to be checked, the corresponding first check code;
for each first check code in the code segment part, when the code segment part runs to the first check code, determining a code corresponding to the first check code in the code segment part as a code to be checked through the first check code;
acquiring a check value of the code to be checked, which is generated in advance before the code segment part is operated, from the data segment part as a first check value;
calculating a check value of the current code to be checked as a second check value;
if the first check value is different from the second check value, determining that the current code to be checked is abnormal;
the code segment portion further includes: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions of the data segment part, and each storage position stores the first check values corresponding to the codes to be checked;
the method further comprises the steps of:
when execution reaches the second check code, determining, through the second check code, whether the plurality of first check values corresponding to each code to be checked stored in the plurality of storage positions are the same;
and if they are different, determining that the first check value corresponding to the current code to be checked is abnormal.
2. The method according to claim 1, characterized in that the second check code is inserted in a target function in the original code; the target function is determined from the functions contained in the original code based on the number of times each is called during the running of the original code.
3. The method of claim 1, wherein the code segment portion is obtained by: for each sub-original code in the original code, inserting a corresponding first check code into the sub-original code.
4. A method according to any one of claims 1-3, characterized in that at least two sub-original codes with overlapping parts are present in each sub-original code.
5. A code verification apparatus, the apparatus comprising:
the acquisition module is used for acquiring a code segment part and a data segment part corresponding to the application program to be checked; wherein the code segment part is obtained by inserting, into each sub-original code contained in the original code of the application program to be checked, the corresponding first check code;
the code to be verified determining module is used for, for each first check code in the code segment part, when execution reaches the first check code, determining through the first check code the code corresponding to the first check code in the code segment part as the code to be checked;
a first check value obtaining module, configured to obtain, from the data segment portion, a check value of the code to be checked, which is generated in advance before the code segment portion is run, as a first check value;
the second check value calculation module is used for calculating the check value of the current code to be checked and taking the current check value as a second check value;
the code to be checked exception determining module is used for determining that the current code to be checked is abnormal if the first check value is different from the second check value;
the code segment portion further includes: the second check codes are used for checking the first check values corresponding to the sub-original codes respectively; the first check values corresponding to the codes to be checked are stored in a plurality of storage positions of the data segment part, and each storage position stores the first check values corresponding to the codes to be checked;
the apparatus further comprises:
the first check value judging module is used for determining, through the second check code when execution reaches the second check code, whether the plurality of first check values corresponding to each code to be checked stored in the plurality of storage positions are the same;
and the first check value abnormality determining module is used for determining that the first check value corresponding to the current code to be checked is abnormal if they are different.
6. The apparatus of claim 5, wherein the second check code is inserted in a target function in the original code; the target function is determined from the functions contained in the original code based on the number of times each is called during the running of the original code.
7. An electronic device, characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other through the communication bus;
a memory for storing a computer program;
a processor for carrying out the method steps of any one of claims 1-4 when executing a program stored on a memory.
8. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored therein a computer program which, when executed by a processor, implements the method steps of any of claims 1-4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110973894.2A CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110973894.2A CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113656043A (en) | 2021-11-16 |
CN113656043B (en) | 2023-09-05 |
Family
ID=78492662
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110973894.2A Active CN113656043B (en) | 2021-08-24 | 2021-08-24 | Code verification method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113656043B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101295278A (en) * | 2007-04-23 | 2008-10-29 | 大唐移动通信设备有限公司 | Method and device for locating course of overwritten code segment |
DE102014203963A1 (en) * | 2014-03-05 | 2015-09-10 | Robert Bosch Gmbh | Method and device for controlling a memory |
CN104932902A (en) * | 2015-07-09 | 2015-09-23 | 魅族科技(中国)有限公司 | Method for generating APK file and terminal |
CN107870793A (en) * | 2017-12-22 | 2018-04-03 | 上海众人网络安全技术有限公司 | The method and device of SO files is loaded in a kind of application program |
CN110245523A (en) * | 2019-05-22 | 2019-09-17 | 北京奇艺世纪科技有限公司 | A kind of data verification method, system and device and computer readable storage medium |
US10467390B1 (en) * | 2016-08-18 | 2019-11-05 | Snap Inc. | Cyclically dependent checks for software tamper-proofing |
CN112613037A (en) * | 2020-12-29 | 2021-04-06 | 北京永新视博数字电视技术有限公司 | Code checking method and device |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7581103B2 (en) * | 2001-06-13 | 2009-08-25 | Intertrust Technologies Corporation | Software self-checking systems and methods |
US7953980B2 (en) * | 2005-06-30 | 2011-05-31 | Intel Corporation | Signed manifest for run-time verification of software program identity and integrity |
US20130347109A1 (en) * | 2012-06-21 | 2013-12-26 | Cisco Technology, Inc. | Techniques for Detecting Program Modifications |
US20160357958A1 (en) * | 2015-06-08 | 2016-12-08 | Michael Guidry | Computer System Security |
Also Published As
Publication number | Publication date |
---|---|
CN113656043A (en) | 2021-11-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111064745B (en) | Self-adaptive back-climbing method and system based on abnormal behavior detection | |
CN108446407B (en) | Database auditing method and device based on block chain | |
US20200235947A1 (en) | Changing smart contracts recorded in block chains | |
CN112187773B (en) | Network security vulnerability mining method and device | |
CN108334753B (en) | Pirate application verification method and distributed server node | |
CN108769070A (en) | One kind is gone beyond one's commission leak detection method and device | |
CN111683084B (en) | Intelligent contract intrusion detection method and device, terminal equipment and storage medium | |
CN113656042B (en) | Code generation method and device, electronic equipment and storage medium | |
CN111679968A (en) | Interface calling abnormity detection method and device, computer equipment and storage medium | |
CN111431908B (en) | Access processing method and device, management server and readable storage medium | |
JP7019533B2 (en) | Attack detection device, attack detection system, attack detection method and attack detection program | |
KR20200115730A (en) | System and method for generating software whistlist using machine run | |
CN113656043B (en) | Code verification method and device, electronic equipment and storage medium | |
CN108647516B (en) | Method and device for defending against illegal privilege escalation | |
CN111885088A (en) | Log monitoring method and device based on block chain | |
CN116248381A (en) | Alarm aggregation method and device, electronic equipment and storage medium | |
CN109582454A (en) | Permission releasing control method, device and equipment in a kind of distributed storage cluster | |
CN113704255A (en) | Data insertion method and device, and data verification method and device | |
CN113239407A (en) | Block chain decision point selection method and device, electronic equipment and storage medium | |
CN108133149B (en) | Data protection method and device and electronic equipment | |
CN111475400A (en) | Verification method of service platform and related equipment | |
CN111967043B (en) | Method, device, electronic equipment and storage medium for determining data similarity | |
CN115484105B (en) | Modeling method and device for attack tree, electronic equipment and readable storage medium | |
CN114386751B (en) | Optimal system security strategy intelligent generation method based on iterative defense deduction | |
CN111324505B (en) | Log collection method and device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||