CN114912110A - Js code security detection method and system - Google Patents
Js code security detection method and system Download PDFInfo
- Publication number
- CN114912110A CN114912110A CN202210279951.1A CN202210279951A CN114912110A CN 114912110 A CN114912110 A CN 114912110A CN 202210279951 A CN202210279951 A CN 202210279951A CN 114912110 A CN114912110 A CN 114912110A
- Authority
- CN
- China
- Prior art keywords
- function
- processing
- code
- closure
- intermediate representation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/279—Recognition of textual entities
- G06F40/284—Lexical analysis, e.g. tokenisation or collocates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/30—Semantic analysis
Abstract
The invention provides a node.js code security detection method and a system, which relate to the field of computer network security, and are used for carrying out TypeScript processing on a program code to be detected and a third-party library code used by the program code, and packaging the processed program code into a program code in a single file form; compiling the packaged program code into an abstract syntax tree, and performing staticizing processing on dynamic characteristics in the program code; compiling the abstract syntax tree after the staticizing treatment into intermediate representation, and marking an entry function, a danger function and a harmless treatment function; and constructing a value flow graph for the marked intermediate representation, performing bidirectional taint analysis on the graph, and searching for a potential risk utilization path. The invention makes up the defect that the existing detection method can not detect the security risk of codes in complex control flow and data flow, and effectively improves the security of node.
Description
Technical Field
The invention relates to the field of computer network security, in particular to a node.js code security detection method and system based on static analysis.
Background
With the development of the internet, the JavaScript in the programming language plays an increasingly important role in the modern Web world, and due to the appearance of the node. However, compared with users of other Web backend languages such as Java, a considerable part of users of node.js do not receive the Web backend development training of the system, and the security awareness is poor, so that the security of many software projects based on node.js cannot be guaranteed. Js official package management platform npm also shows an increasing trend in the number of security holes in software libraries year by year.
Developers need to perform complete security filtering for user input to avoid the bugs, but with the increase of program complexity, the developers cannot guarantee the completeness of the test, and at this time, a bug scanner or a static code security analysis tool needs to be used. The existing security detection method and tool for node.js codes mainly comprise: carrying out specific grammar check on the code by using a safety rule built in a code style checking tool such as ESLint; using a node.js special safety inspection tool such as semgarep and nodejsscan to carry out pattern matching on the code text; the node. js code is statically analyzed at the level of an abstract syntax tree by using a JavaScript commercial program analysis product such as SonarJS.
The first two solutions have the defects that semantic information is not checked, the pattern matching rules are seriously relied on, and the security risk of codes with complex control flow and data flow cannot be detected. And the third kind of solution constructs control flow and data flow on an abstract syntax tree, so that the algorithm complexity is high, the detection time is long, and the detection efficiency is low.
Disclosure of Invention
In order to solve the problems that the prior art cannot detect the security risk and the detection efficiency of the node.js code with complex control flow and data flow, the invention provides a node.js code security detection method and system based on static analysis.
In order to achieve the purpose, the invention adopts the following specific technical scheme:
a node.js code security detection method, comprising the steps of:
1) carrying out TypeScript processing on a program code to be detected and a third-party library code used in the program code, and packaging the processed program code into a program code in a single file form by using a code packager;
2) compiling the packaged program codes into an abstract syntax tree, and performing staticizing processing on dynamic characteristics in the program codes on the abstract syntax tree;
3) compiling the abstract syntax tree after the staticizing treatment into intermediate representation, and marking an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule;
4) and constructing a value flow graph for the marked intermediate representation, performing bidirectional taint analysis on the value flow graph, and searching for a potential risk utilization path.
Further, the step 1) of performing TypeScript processing on the program code to be detected comprises type derivation and derivation failure part function rewriting; the step of TypeScript processing of the third party library code includes type declaration searching, type derivation, and derivation of failed part function rewrites.
Further, the step 2) of compiling the program code into an abstract syntax tree includes lexical analysis, syntax analysis and semantic analysis, and the steps are mainly realized by a TypeScript compiler.
Further, the step 2) of performing staticizing processing on the dynamic characteristics in the program code on the abstract syntax tree includes: the method comprises the following steps of syntax desugaring, object literal processing, any type processing and closure processing, wherein the syntax desugaring is the process of converting high-level syntax sugar into equivalent common code syntax, and the object literal processing, any type processing and closure processing are all processes of converting dynamic code into static code; wherein the content of the first and second substances,
the method for processing the literal quantity of the object comprises the following steps: processing the word sizes of the objects by using a hidden class technology, constructing a reference relation among different word sizes of the objects by traversing an abstract syntax tree, then carrying out topological sorting according to the reference relation of the word sizes of the objects (the word sizes of the objects which do not refer to other word sizes of the objects are in front), sequentially analyzing the type (combination of each attribute name and the type) of each word size of the objects according to the sorting, constructing a hidden class for each word size of the objects, and finally rewriting the statement of the word sizes of the objects into instantiation of the hidden classes;
the method of any type of processing is: processing any type by using a type conversion technology, preparing a conversion function of any type and other known types in advance, and rewriting the place where any type appears into the calling of the type conversion function by using a minimization principle;
the closure processing method comprises the following steps: processing the closure by using an explicit scope technology, generating a scope class and a closure function class for each closure, and rewriting the inner-layer function based on the scope class; the scope class comprises variables of an outer scope used by the closure, and the closure function class comprises an example of the rewritten inner layer function and the scope class and a method for calling the rewritten inner layer function; then, the original closure is rewritten into instantiation of the scope class and instantiation of the closure function class, and the call of the closure is rewritten into the method call of the closure function class instance.
Further, the method for compiling the abstract syntax tree into the intermediate representation in the step 3) is to traverse the abstract syntax tree in a recursive descending manner, and convert the abstract syntax tree of the tree structure with a higher abstraction level into a linear intermediate representation instruction sequence with a lower abstraction level.
Further, step 3) marks an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule in the prior knowledge base, and comprises the following steps: and on the intermediate representation, a function corresponding to the Source rule in the prior knowledge base is marked as an entry function, a function corresponding to the Sink rule in the prior knowledge base is marked as a danger function, and a function corresponding to the Sanitizer rule in the prior knowledge base is marked as a harmless treatment function.
Further, the step 4) of constructing the value flow graph includes: constructing an in-process control flow graph and a function call graph, and combining the in-process control flow graph and the function call graph into an inter-process control flow graph; traversing all the processing of values on the control flow graph in the process, establishing assignment relations among the values, and constructing a program assignment graph; performing pointer analysis on the program assigned value graph to determine the pointing relation of the pointer; and constructing a value flow graph by using the program assigned value graph and the result of pointer analysis.
Further, the bidirectional taint analysis in the step 4) comprises forward taint analysis and backward taint analysis, wherein the forward taint analysis is used for carrying out forward propagation on taints according to value streams by taking the Source point as a starting point and is suitable for the condition of data stream convergence; backward taint analysis carries out backward propagation on taints according to value flow by taking Sink points as starting points, and the method is suitable for the condition of data flow divergence.
Js code security detection system, comprising:
the preset processing module is used for carrying out TypeScript processing on the program code to be detected and the third-party library code and packaging the codes in a multi-file form into a single-file form;
the compiling front end and dynamic characteristic processing module is used for compiling the codes into an abstract syntax tree and processing the literal quantity, any type and closure dynamic characteristics of the objects on the abstract syntax tree;
the intermediate representation generator module is used for converting the abstract syntax tree of the tree structure with higher abstract level into a linear intermediate representation instruction sequence with lower abstract level;
the function marking module marks an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule in the prior knowledge base;
the value flow graph building module is used for building graph structures related to control flow and data flow on the intermediate representation, performing pointer analysis and building a value flow graph;
and the taint analysis module is used for performing forward taint analysis and backward taint analysis on the intermediate representation and searching for a potential risk utilization path.
The invention has the following positive effects:
the invention adds the code semantic information, namely the control flow information and the data flow information, as the main characteristics of the node. Nowadays, with the rapid development of the internet, node.js codes are more and more huge and complex, and the security risk in the node.js codes cannot be effectively detected only by depending on grammar check or text pattern matching. In addition, in the technical field, currently, code detection is usually analyzed at an abstract syntax tree level, and most of the code detection is analyzed at a syntax level without utilizing semantic information contained in the code; for the analysis of part of semantic information contained in the abstract syntax tree, the complexity of the analysis algorithm is very high and the analysis effect and performance are not satisfactory due to the natural defects of the abstract syntax tree. The invention is innovative in that the abstract syntax tree of the tree structure is compiled into linear intermediate representation and then analyzed, thereby improving the analysis effect and reducing the analysis time; the dynamic static processing means used in the compiling process can enable the JavaScript language running on node. js to be analyzed on the intermediate representation level like static languages such as Java and C + +. The invention can build control flow and data flow by compiling node.js into intermediate representation with lower abstract degree, and perform taint analysis on the basis, thereby expanding the safety risk detection range in the node.js code and effectively improving the safety of the node.js code.
Drawings
Fig. 1 is a flowchart of a node.js code security detection method proposed by the present invention.
Fig. 2 is a process flow diagram of the preset processing module.
FIG. 3 is a flowchart of the process of the compile front end and dynamics processing module.
FIG. 4 is a process flow diagram of a value flow graph building module.
FIG. 5 is source code text of example code.
FIG. 6 is a screenshot of intermediate representation code compiled from example code.
Fig. 7 and 8 are interprocess control-flow diagrams corresponding to example code.
FIG. 9 is a diagram of a function call corresponding to an example code.
Detailed Description
In order to make the technical solutions in the embodiments of the present invention better understood and make the objects, features, and advantages of the present invention more comprehensible, the present invention is further described in detail with reference to the accompanying drawings and the embodiments.
A method for detecting node.js code security is provided in this embodiment, as shown in fig. 1, and specifically includes the following steps:
step 100: js program codes (see an example shown in fig. 5) to be detected and third-party library codes used in the program codes are obtained, TypeScript processing is performed on the two codes, and the processed program codes are packaged into program codes in a single file form.
Step 200: compiling the packaged program codes into an abstract syntax tree through three compiling front-end steps of lexical analysis, syntax analysis and semantic analysis, then performing primary abstract level degradation on the abstract syntax tree through a syntax desugaring step, and finally converting the dynamic characteristics in the abstract syntax tree into analytically equivalent static characteristics through three staticizing processing steps of object literal processing, arbitrary type processing and closure processing. The syntax desugaring is to convert high-level syntax sugar into equivalent common code syntax, and the object literal processing, the arbitrary type processing and the closure processing are all processes to convert dynamic codes into static codes; the method for processing in any type comprises the following steps: processing the word sizes of the objects by using a hidden class technology, constructing a reference relation among different word sizes of the objects by traversing an abstract syntax tree, then carrying out topological sorting according to the reference relation of the word sizes of the objects (the word sizes of the objects which do not refer to other word sizes of the objects are in front), sequentially analyzing the type (combination of each attribute name and the type) of each word size of the objects according to the sorting, constructing a hidden class for each word size of the objects, and finally rewriting the statement of the word sizes of the objects into instantiation of the hidden classes; the method of any type of processing is: processing any type by using a type conversion technology, preparing a conversion function of any type and other known types in advance, and rewriting the place where any type appears into the calling of the type conversion function by using a minimization principle; the closure processing method comprises the following steps: processing the closure by using an explicit scope technology, generating a scope class and a closure function class for each closure, and rewriting the inner-layer function based on the scope class; the scope class includes the variables of the outer scope used by the closure, the closure function class includes the instance of the inner function and scope class after rewriting, and the method of calling the inner function after rewriting. And then, the original closure is rewritten into instantiation of the scope class and instantiation of the closure function class, and the call of the closure is rewritten into method call of the closure function class instance.
Step 300: traversing the abstract syntax tree in a recursive descending mode, converting the abstract syntax tree of a tree structure with higher abstract level into a linear intermediate representation instruction sequence with lower abstract level, and further reducing the abstract level. The generated intermediate representation sequence is an example as shown in fig. 6.
Step 400: js code safety detection related prior knowledge base is introduced, a function corresponding to a Source rule in the prior knowledge base is marked as an entry function on the intermediate representation, a function corresponding to a Sink rule in the prior knowledge base is marked as a danger function, a function corresponding to a Sanitizer rule in the prior knowledge base is marked as a harmless treatment function, and a function which is subjected to any type of treatment step in the step 200 is marked as a function capable of carrying out taint propagation. The entry function comprises an external input and an upload function, the hazard function comprises a code execution function, a system command execution function and an original SQL execution function, and the innocent treatment function comprises a safety function for preventing injection in an ORM framework and a function in common Sanitizer middleware. After this step, the source function in the intermediate instruction sequence of fig. 6 is labeled as the entry function, and the sink function is labeled as the hazard function.
Step 500: building an intra-process control flow graph (see an example shown in figures 7-8) and a function call graph (see an example shown in figure 9) on the intermediate representation, and combining the intra-process control flow graph and the function call graph into an inter-process control flow graph; traversing all the processing of values on the control flow graph in the process, establishing assignment relations among the values, and constructing a program assignment graph; and performing pointer analysis on the program assigned value graph, determining the pointing relation of the pointer, and constructing a value flow graph by using the program assigned value graph and the result of the pointer analysis.
Step 600: and performing forward taint analysis and backward taint analysis simultaneously on the value flow graph in a multi-thread mode, wherein the forward taint analysis is to forward propagate taint data according to value flow by taking the entry function as a starting point, and the backward taint analysis is to start the danger function and to backward propagate taint according to value flow. The forward taint analysis algorithm is that firstly all Source nodes are put into a work queue, then the nodes are taken out from the work queue in sequence, if the nodes are Sink nodes, the nodes are put into a result set, if the nodes are not Sink nodes, all subsequent nodes of the nodes are put into the work queue, and the loop execution is continuously carried out like this until the work queue is empty, and finally, a path formed by each pair of Source nodes and Sink nodes in the result set is a code execution path with safety risk, and the backward taint analysis algorithm is similar. Because the value flow graph is a directed graph with no loops, the algorithm must stop.
Js code security detection system, including: the system comprises a preset processing module, a compiling front end and dynamic characteristic processing module, an intermediate representation generator module, a function marking module, a value flow graph building module and a taint analysis module. The preset processing module is used for carrying out TypeScript processing on the program code to be detected and the third-party library code, and packaging the code in the form of multiple files into a single file. The compiling front end and dynamic characteristic processing module is used for compiling the codes into an abstract syntax tree and processing the literal quantity, any type and closure dynamic characteristics of the objects on the abstract syntax tree. The intermediate representation generator module is used for converting the abstract syntax tree of the tree structure with higher abstraction level into a linear intermediate representation instruction sequence with lower abstraction level. The function marking module marks an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule in the prior knowledge base. And the value flow graph construction module is used for constructing graph structures related to control flow and data flow on the intermediate representation, performing pointer analysis and constructing a value flow graph. The taint analysis module is configured to perform forward taint analysis and backward taint analysis on the intermediate representation to search for a potential risk utilization path.
Fig. 2 is a flowchart illustrating the processing of the preset processing module, which is specifically described as follows:
step 110: and initiating a type declaration search request to the open library type platform DefinitelyTyped to find out whether a third-party library provides a type declaration file.
Step 120: and performing type derivation on the code to be detected and the third-party library code by using a type derivation function of a type checker in the TypeScript compiler, wherein the derivation range comprises but is not limited to a variable type, an object literal internal field type, a function parameter type and a function return type.
Step 130: and (3) performing default processing on the entity with the type derivation failure in the step (120), marking the variable with the type derivation failure as any type, and rewriting the function with the type derivation failure into a null function which can be propagated.
Step 140: type annotations are explicitly completed into the code based on the results of the type derivation in step 120.
Step 150: and packaging the project codes and the third-party library codes organized in the form of multiple directories/multiple files by using a code packager, wherein the packaged output result is the codes in the form of a single file.
FIG. 3 is a flowchart illustrating the process of compiling the front end and the dynamic property processing module, which is described in detail as follows:
step 210: and performing lexical analysis, syntactic analysis and semantic analysis on the code by using a TypeScript compiler to obtain a syntax tree.
Step 220: and (4) carrying out syntax desugaring on part of high-level characteristics in the abstract syntax tree, and converting the high-level characteristics into equivalent common syntax characteristics.
Step 230: and processing the object literal volume by using a hidden class technology, and rewriting the statement of the object literal volume into an instantiation of a hidden class.
Step 240: and processing the arbitrary type by using a type conversion technology, and rewriting the arbitrary type into the calling of the type conversion function.
Step 250: and processing the closure by using an explicit scope technology, changing the declaration of the closure into instantiation of a scope class and instantiation of a closure function class, and rewriting the call of the closure into a method call of a closure function class instance.
Fig. 4 is a flowchart illustrating a processing procedure of a value flow graph building block, which is specifically described as follows:
step 510: and dividing the intermediate representation instruction sequence into basic blocks, and constructing an internal control flow graph in the process by using the basic blocks as nodes to construct a top-level scope and each function scope.
Step 520: and connecting the function calling point and the called function on the intermediate representation to construct a function calling graph.
Step 530: and combining the in-process control flow graph and the function call graph to obtain the in-process control flow graph.
Step 540: and traversing all processing instructions related to the values on the control flow graph in the process, establishing assignment relations among the values, and constructing a program assignment graph.
Step 550: and performing standard Andersen pointer analysis on the program assigned value graph to determine the pointing relationship of the pointer.
Step 560: and combining the program assigned value graph and the analysis result of the pointer analysis to construct a value flow graph.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail by using examples, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention, which should be covered in the claims of the present invention.
Claims (10)
1. Js code security detection method, characterized by comprising the following steps:
carrying out TypeScript processing on the program code to be detected and a third-party library code used in the program code, and packaging the processed program code into a program code in a single file form by using a code packager;
compiling the packaged program codes into an abstract syntax tree, and performing staticizing processing on dynamic characteristics in the program codes on the abstract syntax tree;
compiling the abstract syntax tree after the staticizing treatment into intermediate representation, and marking an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule;
and constructing a value flow graph for the marked intermediate representation, performing bidirectional taint analysis on the value flow graph, and searching for a potential risk utilization path.
2. The method of claim 1, wherein the step of TypeScript processing the program code to be detected includes type derivation and derivation failure part function rewriting; the step of TypeScript processing of the third party library code includes type declaration searching, type derivation, and derivation of failed part function rewrites.
3. The method of claim 1, wherein the step of compiling the program code into an abstract syntax tree includes lexical analysis, syntactic analysis, and semantic analysis, the steps being implemented by a TypeScript compiler.
4. The method of claim 1, wherein the step of staticizing the dynamic properties in the program code on the abstract syntax tree comprises: syntax desugaring, object literal processing, arbitrary type processing, and closure processing, wherein syntax desugaring is the process of converting high-level syntax sugars into equivalent common code syntax, and object literal processing, arbitrary type processing, and closure processing are the processes of converting dynamic code into static code.
5. The method of claim 4, wherein the object literal processing method is: processing the word sizes of the objects by using a hidden class technology, constructing a reference relation among different word sizes of the objects by traversing an abstract syntax tree, then carrying out topological sorting according to the reference relation of the word sizes of the objects, sequentially analyzing the type of each word size of the objects according to the sorting, constructing a hidden class for each word size of the objects, and finally rewriting the statement of the word sizes of the objects into instantiation of the hidden classes;
the method of any type of processing is: processing any type by using a type conversion technology, preparing a conversion function of any type and other known types in advance, and rewriting the place where any type appears into the calling of the type conversion function by using a minimization principle;
the closure processing method comprises the following steps: processing the closure by using an explicit scope technology, generating a scope class and a closure function class for each closure, and rewriting the inner-layer function based on the scope class; the scope class comprises variables of an outer scope used by the closure, and the closure function class comprises rewritten examples of an inner layer function and the scope class and a method for calling the rewritten inner layer function; then, the original closure is rewritten into instantiation of the scope class and instantiation of the closure function class, and the call of the closure is rewritten into the method call of the closure function class instance.
6. The method of claim 1, wherein compiling the abstract syntax trees into the intermediate representation is by traversing the abstract syntax trees in a recursive descending manner, converting tree-structured abstract syntax trees with a higher level of abstraction into a linear intermediate representation instruction sequence with a lower level of abstraction.
7. The method of claim 1, wherein marking the entry function, the hazard function, and the detoxification function on the intermediate representation according to rules predefined in a priori knowledge base comprises: and on the intermediate representation, marking a function corresponding to a Source rule in the prior knowledge base as an entry function, marking a function corresponding to a Sink rule in the prior knowledge base as a danger function, and marking a function corresponding to a Sanitizer rule in the prior knowledge base as a harmless treatment function.
8. The method of claim 1, wherein the step of constructing a value flow graph comprises: constructing an in-process control flow graph and a function call graph, and combining the in-process control flow graph and the function call graph into an inter-process control flow graph; traversing all the processing of values on the control flow graph in the process, establishing assignment relations among the values, and constructing a program assignment graph; performing pointer analysis on the program assigned value graph to determine the pointing relation of the pointer; and constructing a value flow graph by using the program assigned value graph and the result of pointer analysis.
9. The method of claim 1, wherein the bidirectional taint analysis comprises a forward taint analysis and a backward taint analysis, wherein the forward taint analysis forward propagates taints according to a value stream with a Source point as a starting point, and is suitable for a case of data stream convergence; backward taint analysis carries out backward propagation on taints according to value flow by taking Sink points as starting points, and the method is suitable for the condition of data flow divergence.
10. A node.js code security detection system implementing the method of any of claims 1-9, comprising:
the preset processing module is used for carrying out TypeScript processing on the program code to be detected and the third-party library code and packaging the code in a multi-file form into a single-file form;
the compiling front end and dynamic characteristic processing module is used for compiling the codes into an abstract syntax tree and processing the literal quantity, any type and closure dynamic characteristics of the objects on the abstract syntax tree;
the intermediate representation generator module is used for converting the abstract syntax tree of the tree structure with higher abstract level into a linear intermediate representation instruction sequence with lower abstract level;
the function marking module marks an entry function, a danger function and a harmless treatment function on the intermediate representation according to a predefined rule in the prior knowledge base;
the value flow graph building module is used for building graph structures related to control flow and data flow on the intermediate representation, performing pointer analysis and building a value flow graph;
and the taint analysis module is used for performing forward taint analysis and backward taint analysis on the intermediate representation and searching for a potential risk utilization path.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210279951.1A CN114912110A (en) | 2022-03-21 | 2022-03-21 | Js code security detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210279951.1A CN114912110A (en) | 2022-03-21 | 2022-03-21 | Js code security detection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114912110A true CN114912110A (en) | 2022-08-16 |
Family
ID=82762441
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210279951.1A Pending CN114912110A (en) | 2022-03-21 | 2022-03-21 | Js code security detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114912110A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117556431A (en) * | 2024-01-12 | 2024-02-13 | 北京北大软件工程股份有限公司 | Mixed software vulnerability analysis method and system |
-
2022
- 2022-03-21 CN CN202210279951.1A patent/CN114912110A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117556431A (en) * | 2024-01-12 | 2024-02-13 | 北京北大软件工程股份有限公司 | Mixed software vulnerability analysis method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11036614B1 (en) | Data control-oriented smart contract static analysis method and system | |
| Zheng et al. | Z3-str: A z3-based string solver for web application analysis | |
| US9122540B2 (en) | Transformation of computer programs and eliminating errors | |
| Costantini et al. | A suite of abstract domains for static analysis of string values | |
| WO2017196381A1 (en) | Systems and methods for model-based analysis of software | |
| CN104573503B (en) | The detection method and device that a kind of internal storage access overflows | |
| CN102662825B (en) | Method for detecting memory leakage of heap operational program | |
| CN110059006B (en) | Code auditing method and device | |
| US8984495B2 (en) | Enhanced string analysis that improves accuracy of static analysis | |
| CN113901083B (en) | Heterogeneous data source operation resource analysis positioning method and equipment based on multiple resolvers | |
| CN114911711A (en) | Code defect analysis method and device, electronic equipment and storage medium | |
| CN114912110A (en) | Js code security detection method and system | |
| Lerner et al. | Combining form and function: Static types for JQuery programs | |
| CN111222141B (en) | Automobile electronic control unit code vulnerability analysis method and system | |
| Negrini et al. | Twinning automata and regular expressions for string static analysis | |
| US11023214B2 (en) | System and method for eliminating runtime out-of-bounds errors and exceptions | |
| Mota et al. | Model checking CML: tool development and industrial applications | |
| CN114691197A (en) | Code analysis method and device, electronic equipment and storage medium | |
| Grigorev et al. | GLR-based abstract parsing | |
| Grigorev et al. | String-embedded language support in integrated development environment | |
| Pereira | Towards certified program logics for the verification of imperative programs | |
| Keidel et al. | Toward abstract interpretation of program transformations | |
| Reiss | Continuous Flow Analysis to Detect Security Problems | |
| Borodin et al. | Static analyzer for Go | |
| CN114138425B (en) | Method and device for generating form based on formula |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |