CN115455437A - Code unauthorized detection method and device, electronic equipment and storage medium - Google Patents


Info

Publication number
CN115455437A
Authority
CN
China
Prior art keywords
request
code
request parameter
detected
parameter
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211301105.1A
Other languages
Chinese (zh)
Inventor
王杰
何文麟
王宾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Agricultural Bank of China
Original Assignee
Agricultural Bank of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Application filed by Agricultural Bank of China

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a code unauthorized detection method and device, electronic equipment and a storage medium. The method comprises the following steps: acquiring the code to be detected; determining at least one request parameter based on the code to be detected; traversing the request parameters and, for each request parameter, determining the annotation information corresponding to it; and performing horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result. The scheme achieves automatic code-level override detection and improves its efficiency.

Description

Code unauthorized detection method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a code unauthorized detection method and apparatus, an electronic device, and a storage medium.
Background
With the development of the internet, especially the mobile internet, the number of users keeps growing, web applications are ever more widely used, and network security has become a key concern.
Attacks on web applications by malicious actors can have serious consequences such as privacy leakage and loss of personal property. Horizontal override (horizontal privilege escalation, where one user reaches another user's data) is a common application vulnerability, and it is usually checked manually or tested online by constructing test data.
In the course of implementing the invention, the inventors found at least the following problem in the prior art: horizontal override detection is inefficient.
Disclosure of Invention
The invention provides a code unauthorized detection method and device, electronic equipment and a storage medium for improving the efficiency of horizontal override detection.
According to one aspect of the present invention, a code unauthorized detection method is provided, including:
acquiring the code to be detected;
determining at least one request parameter based on the code to be detected;
traversing the request parameters and, for each request parameter, determining the annotation information corresponding to it based on the request parameter;
and performing horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
According to another aspect of the present invention, a code unauthorized detection apparatus is provided, including:
a code-to-be-detected acquisition module, configured to acquire the code to be detected;
a request parameter determining module, configured to determine at least one request parameter based on the code to be detected;
an annotation information determining module, configured to traverse the request parameters and, for each request parameter, determine the annotation information corresponding to it based on the request parameter;
and a horizontal override detection module, configured to perform horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
According to another aspect of the present invention, an electronic apparatus is provided, including:
at least one processor; and
a memory communicatively coupled to the at least one processor, wherein
the memory stores a computer program executable by the at least one processor, and the computer program, when executed by the at least one processor, enables the at least one processor to perform the code unauthorized detection method according to any embodiment of the present invention.
According to another aspect of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement a code unauthorized detection method according to any embodiment of the present invention when the computer instructions are executed.
According to the technical scheme of the embodiments of the invention, the code to be detected is acquired; at least one request parameter is determined based on the code to be detected; the request parameters are traversed and, for each request parameter, the annotation information corresponding to it is determined; and horizontal override detection is performed based on the annotation information corresponding to the request parameters to obtain an override detection result. By determining the request parameters of the code to be detected and their annotation information, and performing horizontal override detection based on that annotation information, the scheme achieves automatic code-level override detection and improves its efficiency.
It should be understood that the statements in this section are not intended to identify key or critical features of the embodiments of the present invention, nor are they intended to limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to illustrate the technical solutions in the embodiments more clearly, the drawings needed for describing the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention; a person skilled in the art could derive other drawings from them without creative effort.
FIG. 1 is a flowchart of a code unauthorized detection method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a code unauthorized detection method according to a second embodiment of the present invention;
FIG. 3 is a flowchart of a code unauthorized detection method according to a third embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a code unauthorized detection apparatus according to a fourth embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an electronic device implementing the code unauthorized detection method according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
FIG. 1 is a flowchart of a code unauthorized detection method according to a first embodiment of the present invention. The method is applicable to automatic code-level override detection and can be executed by a code unauthorized detection device, which can be implemented in hardware and/or software and configured in a computer terminal. As shown in FIG. 1, the method includes:
S110, acquiring the code to be detected.
In this embodiment, the code to be detected is the application source code that is to undergo horizontal override detection.
Specifically, the code to be detected can be obtained offline from the back-end code repository. Notably, the code to be detected can be static code: the override detection does not require the system under test to be running, which makes it simple and convenient.
S120, determining at least one request parameter based on the code to be detected.
In this embodiment, a request parameter is a parameter of a request function in the code to be detected. Request functions may include, but are not limited to, login request functions, transaction request functions, information query request functions and the like.
For example, the request function may be a user login request function; the request parameters are then the parameters of that function, which may include, but are not limited to, an account number, a password, a commonly used device number and other authentication information.
S130, traversing the request parameters and, for each request parameter, determining the annotation information corresponding to it based on the request parameter.
In this embodiment, annotation information is the information annotated onto a request parameter, and may include, but is not limited to, the type of the request parameter and its parameter verification mode. Request parameter types include, but are not limited to, user-related parameters, transaction-related parameters and security-related parameters. User-related parameters include the user's identification information and the like; transaction-related parameters include the transfer amount, the payee card number and the like; security-related parameters include the user password, signature information of various kinds, and the like. The parameter verification mode may include, but is not limited to, a back-end interface check, a cache check, an annotation check and the like, without limitation here. Specifically, the annotation information corresponding to a request parameter may be obtained by information matching.
In some optional embodiments, determining the annotation information corresponding to a request parameter based on the request parameter includes: matching the request parameter against a database to obtain its annotation information, where the database stores at least one request parameter and the annotation information corresponding to each.
S140, performing horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
In this embodiment, horizontal override (horizontal privilege escalation) means that a user bypasses the verification mechanism and performs operations such as unauthorized querying or modification of other users' data. By performing horizontal override detection on the code to be detected, such vulnerabilities in the code can be detected effectively, preventing unauthorized querying, modification and similar operations.
Specifically, it is checked whether the request parameter is verified according to the parameter type and the parameter verification mode in its annotation information. If it is, there is no horizontal override; if it is not, there is a horizontal override.
According to the technical scheme of this embodiment, the code to be detected is acquired; at least one request parameter is determined based on the code to be detected; the request parameters are traversed and, for each request parameter, the annotation information corresponding to it is determined; and horizontal override detection is performed based on the annotation information corresponding to the request parameters to obtain an override detection result. By determining the request parameters of the code to be detected and their annotation information, and performing horizontal override detection based on that annotation information, the scheme achieves automatic code-level override detection and improves its efficiency.
Example two
FIG. 2 is a flowchart of a code override detection method according to a second embodiment of the present invention; the method of this embodiment may be combined with the alternatives of the code override detection method in the foregoing embodiments. This embodiment further refines the method. Optionally, determining at least one request parameter based on the code to be detected includes: determining at least one request function, and the request parameters corresponding to the request function, based on the code to be detected.
As shown in FIG. 2, the method includes:
S210, acquiring the code to be detected.
S220, determining at least one request function and the request parameters corresponding to it based on the code to be detected.
S230, traversing the request parameters and, for each request parameter, determining the annotation information corresponding to it based on the request parameter.
S240, performing horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
In this embodiment, all request functions in the code to be detected, together with their request parameters, may be obtained.
For example, the code to be detected may be stored in a code repository; scanning the repository yields all request functions in the code and their request parameters, which may be returned as a list.
In some optional embodiments, determining at least one request function and its request parameters based on the code to be detected includes: transforming the code to be detected into a syntax tree, and determining at least one request function and its request parameters based on the syntax-tree form of the code.
The syntax tree may be an abstract syntax tree or another kind of syntax tree. Converting the code into syntax-tree form makes it possible to track the flow of the request parameters, which facilitates the detection.
For example, under the Spring Boot framework a request function is usually annotated with @RequestMapping, and the request parameters corresponding to it are usually annotated with @RequestBody, @RequestParam and the like; the specific annotations can be adapted to the system's conventions. An example of code to be detected is as follows:
@RequestMapping(value = "path")
public ResponseVO handleRequest(@RequestBody RequestVO request)
When the abstract syntax tree is used to obtain the request functions and their request parameters, the code to be detected is converted into abstract syntax tree form, and the request functions annotated with @RequestMapping, the parameters annotated with @RequestBody, and the like are picked out by traversing the 'Annotation' field of the tree. An example of the code to be detected in syntax-tree form is as follows:
[Figure: the example code above in abstract syntax tree form]
In some optional embodiments, determining at least one request function and its request parameters based on the code to be detected includes: matching key information in the code to be detected against a preset matching rule to obtain at least one request function and its request parameters.
The matching rule may be an expression set according to the detection requirement; typically it is a regular expression.
Specifically, the key information of the code to be detected is matched against pre-configured regular expressions to obtain the request functions matching each expression and their request parameters.
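As an added illustration of the matching-rule approach (not code from the patent), the following Python uses regular expressions to pull request functions and their @RequestBody/@RequestParam parameters out of a constructed Spring-style Java source that reuses and extends the snippet above; only the bare-string form @RequestParam("name") is handled, and the parameter list is captured up to the opening brace of the method body.

```python
import re

# Constructed Spring-style Java source: the page's own snippet plus a second
# handler with several parameters and a method that is not a request function.
JAVA_SOURCE = '''
@RequestMapping(value="path")
public ResponseVO handleRequest(@RequestBody RequestVO request) { return null; }

@RequestMapping(value="/card/query", method=RequestMethod.GET)
public ResponseVO queryCard(@RequestParam("custId") String custId,
                            @RequestParam String cardNo) { return null; }

public ResponseVO internalHelper(String cardNo) { return null; }
'''

# Matching rule for a request function: a @RequestMapping annotation followed
# by a method header; the parameter list is captured up to the opening brace,
# so it may span several lines (re.DOTALL).
REQUEST_FUNCTION = re.compile(
    r'@RequestMapping\s*(?:\([^)]*\))?\s*'
    r'(?:public|protected|private)?\s*[\w<>\[\],\s]+?\s+(\w+)\s*\((.*?)\)\s*\{',
    re.DOTALL)
# Matching rule for a request parameter inside that list: @RequestBody or
# @RequestParam, optionally @RequestParam("name"), then a type and identifier.
REQUEST_PARAM = re.compile(
    r'@(RequestBody|RequestParam)(?:\s*\(\s*"(\w+)"\s*\))?\s+[\w<>\[\]]+\s+(\w+)')


def request_functions(source):
    """Return {method name: [request parameter names]} for the given source."""
    found = {}
    for m in REQUEST_FUNCTION.finditer(source):
        names = []
        for p in REQUEST_PARAM.finditer(m.group(2)):
            # @RequestParam("custId") binds the HTTP parameter name; fall back
            # to the Java identifier when no explicit name is given.
            names.append(p.group(2) or p.group(3))
        found[m.group(1)] = names
    return found
```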
In this embodiment, the horizontal override check may be performed on the syntax tree. Specifically, in some embodiments, the horizontal override check comprises:
(1) Obtaining the call positions of a request parameter, where a call position is a program statement that uses the request parameter; there may be one or more call positions.
(2) For each call position of the request parameter, judging whether the request parameter falls within the scope of a range judgment statement, i.e. whether it is compared for equality, greater-than, less-than, containment and so on. In the syntax tree this usually appears as the request parameter being a leaf node whose parent is a comparison operation (equal to, less than, etc.) and whose grandparent is a branch statement (an if statement), an assertion statement (assert) or the like.
(3) If the call is a range judgment, stop and determine that the request parameter is verified.
(4) If the call is not a range judgment, move on to the next call position and repeat step (2).
(5) If the call is an assignment statement, obtain all calls of the assigned variable and treat the assigned variable as the request parameter for the purposes of step (2).
In some embodiments, the horizontal override check further comprises:
(1) Traversing the code and finding each range judgment statement in it.
(2) For each range judgment statement, obtaining its leaf nodes.
(3) If a leaf node is the request parameter, determining that the request parameter is verified.
(4) Otherwise, obtaining the assignment operation that produced the leaf node and thus its data source, and repeating this until the ultimate source is found; if that source is the request parameter, determining that the request parameter is verified.
(5) If neither step (3) nor step (4) determines that the parameter is verified, returning to step (2) for the next range judgment statement until the traversal is complete, and obtaining the verification result.
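The syntax-tree check described in the two step lists above, written out as an added example rather than the patent's implementation. The patent targets Java/Spring, but Python's standard ast module supplies a syntax tree with no dependencies, so the constructed handlers below are Python, with a request_mapping decorator standing in for @RequestMapping and a constructed annotation database standing in for the patent's database of parameter annotations; the check also accepts a not/and/or wrapper between the comparison and the branch, a small generalisation of step (2).

```python
import ast

# Constructed annotation database, standing in for the patent's "database of
# request parameters and their annotation information": name -> (type, check
# mode). "range_check" means the code must compare the value against the
# caller's own data; "none" means no code-level ownership check is expected.
ANNOTATIONS = {
    "user_id": ("user", "none"),  # assumed to be taken from the session
    "card_no": ("transaction", "range_check"),
    "amount": ("transaction", "none"),
}
REQUEST_DECORATOR = "request_mapping"  # stands in for Spring's @RequestMapping

# Constructed code to be detected. The patent targets Java/Spring; Python is
# used here only so the standard ast module can supply the syntax tree.
SOURCE = '''
@request_mapping("/transfer")
def transfer(user_id, card_no, amount):
    cards = db.cards_of(user_id)
    if card_no not in cards:
        raise PermissionError("card not owned")
    return do_transfer(card_no, amount)

@request_mapping("/balance")
def balance(user_id, card_no):
    c = card_no
    return db.balance(c)

def helper(card_no):
    return card_no
'''


def parent_map(tree):
    # Map every node to its parent so a leaf can be walked up the tree.
    parents = {}
    for node in ast.walk(tree):
        for child in ast.iter_child_nodes(node):
            parents[child] = node
    return parents


def request_functions(tree):
    # Step S220: a request function is one carrying the request decorator.
    for node in ast.walk(tree):
        if isinstance(node, ast.FunctionDef):
            for dec in node.decorator_list:
                target = dec.func if isinstance(dec, ast.Call) else dec
                if isinstance(target, ast.Name) and target.id == REQUEST_DECORATOR:
                    yield node
                    break


def in_range_judgment(name_node, parents):
    # First check list, step (2): the parameter is a leaf, its parent is a
    # comparison and the comparison's parent is a branch or assertion; a
    # not/and/or wrapper between the two is also accepted (generalisation).
    parent = parents.get(name_node)
    if not isinstance(parent, ast.Compare):
        return False
    up = parents.get(parent)
    while isinstance(up, (ast.UnaryOp, ast.BoolOp)):
        up = parents.get(up)
    return isinstance(up, (ast.If, ast.Assert, ast.While))


def aliases_of(func, param):
    # Step (5): `x = param` makes x stand in for the parameter, transitively.
    names, changed = {param}, True
    while changed:
        changed = False
        for node in ast.walk(func):
            if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Name)
                    and node.value.id in names):
                for tgt in node.targets:
                    if isinstance(tgt, ast.Name) and tgt.id not in names:
                        names.add(tgt.id)
                        changed = True
    return names


def parameter_verified(func, param, parents):
    # Steps (1)-(4): any call position of the parameter, or of one of its
    # aliases, that is a range judgment counts as verification.
    names = aliases_of(func, param)
    return any(isinstance(n, ast.Name) and n.id in names
               and isinstance(n.ctx, ast.Load) and in_range_judgment(n, parents)
               for n in ast.walk(func))


def detect(source):
    # Steps S210-S240 / S340: {request function: {parameter: verdict}}. A
    # parameter missing from the database is assumed to need a range check.
    tree = ast.parse(source)
    parents = parent_map(tree)
    results = {}
    for func in request_functions(tree):
        verdicts = {}
        for arg in func.args.args:
            _ptype, mode = ANNOTATIONS.get(arg.arg, ("unknown", "range_check"))
            checked = mode != "range_check" or parameter_verified(func, arg.arg, parents)
            verdicts[arg.arg] = "no override risk" if checked else "override risk"
        results[func.name] = verdicts
    return results
```

In the constructed source, transfer compares card_no against the caller's own cards inside an if statement, whereas balance only forwards an alias of card_no to a query, so only balance is reported.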
According to the technical scheme of this embodiment, the code to be detected is acquired; at least one request function and its request parameters are determined based on the code to be detected; the request parameters are traversed and, for each request parameter, the annotation information corresponding to it is determined; and horizontal override detection is performed based on the annotation information corresponding to the request parameters to obtain an override detection result. By determining the request parameters of the code to be detected and their annotation information, and performing horizontal override detection based on that annotation information, the scheme achieves automatic code-level override detection without having to construct test requests, and improves the efficiency of code-level override detection.
Example three
FIG. 3 is a flowchart of a code override detection method according to a third embodiment of the present invention; the method of this embodiment may be combined with the alternatives of the code override detection method in the foregoing embodiments. This embodiment further refines the method. Optionally, the annotation information corresponding to a request parameter includes a parameter verification mode, and the override detection result is either that an override risk exists or that no override risk exists. Correspondingly, performing horizontal override detection based on the annotation information corresponding to the request parameter to obtain an override detection result includes: if the request parameter is verified according to the parameter verification mode and the verification passes, determining that the override detection result is that no override risk exists; and if the request parameter is not verified according to the parameter verification mode, determining that the override detection result is that an override risk exists.
As shown in FIG. 3, the method includes:
S310, acquiring the code to be detected.
S320, determining at least one request parameter based on the code to be detected.
S330, traversing the request parameters and, for each request parameter, determining the annotation information corresponding to it based on the request parameter, where the annotation information includes a parameter verification mode.
S340, if the request parameter is verified according to the parameter verification mode and the verification passes, determining that the override detection result is that no override risk exists; and if the request parameter is not verified according to the parameter verification mode, determining that the override detection result is that an override risk exists.
In this embodiment, the code to be detected may be application source code, for example the source code of a bank's web application or mobile application.
Specifically, if the request parameter is verified according to the parameter verification mode and the verification passes, the request parameter cannot give rise to horizontal override behaviour, and the override detection result is that no override risk exists. If the request parameter is not verified according to the parameter verification mode, its verification mechanism may be bypassed and horizontal override behaviour may exist, so the override detection result is that an override risk exists.
For example, in a banking scenario, when a user collects a payment the user needs to upload information such as a name and a bank card number, and at that point it must be checked whether the bank card belongs to that user. All bank card numbers under the user's name can be obtained in the back-end system's code to be detected; if the bank card number uploaded by the user matches one of the bank card numbers under the user's name, the verification passes and is complete.
In some optional embodiments, after determining at least one request parameter based on the code to be detected, the method further comprises: annotating the request parameters to obtain the annotation information corresponding to them.
In this embodiment, annotation may be performed by an automatic assisted annotation method or manually. In the automatic assisted method, the request parameters are first annotated preliminarily by rule matching or a machine learning model, and the result is then checked and supplemented manually.
For example, semantic recognition is performed on the code to be detected to obtain the semantic information of the request parameters, which can serve as their annotation information; alternatively, rule matching is performed on the code to be detected to obtain the semantic information of the request parameters, which can likewise serve as their annotation information. The semantic information may be derived from context such as comments, identifiers and front-end pages of the code to be detected, and may be identifier information such as userID, custID, pid and the like.
According to the technical scheme of this embodiment, the code to be detected is acquired; at least one request parameter is determined based on it; the request parameters are traversed and, for each request parameter, the annotation information corresponding to it is determined; if the request parameter is verified according to the parameter verification mode and the verification passes, the override detection result is that no override risk exists; and if the request parameter is not verified according to the parameter verification mode, the override detection result is that an override risk exists. By performing horizontal override detection based on the parameter verification mode in the annotation information of the request parameters, the scheme achieves automatic code-level horizontal override detection and improves its efficiency.
Example four
FIG. 4 is a schematic structural diagram of a code unauthorized detection apparatus according to a fourth embodiment of the present invention. As shown in FIG. 4, the apparatus includes:
a code-to-be-detected acquisition module 410, configured to acquire the code to be detected;
a request parameter determining module 420, configured to determine at least one request parameter based on the code to be detected;
an annotation information determining module 430, configured to traverse the request parameters and, for each request parameter, determine the annotation information corresponding to it based on the request parameter;
and a horizontal override detection module 440, configured to perform horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
According to the technical scheme of this embodiment, the code to be detected is acquired; at least one request parameter is determined based on the code to be detected; the request parameters are traversed and, for each request parameter, the annotation information corresponding to it is determined; and horizontal override detection is performed based on the annotation information corresponding to the request parameters to obtain an override detection result. By determining the request parameters of the code to be detected and their annotation information, and performing horizontal override detection based on that annotation information, the scheme achieves automatic code-level override detection and improves its efficiency.
In some optional embodiments, the request parameter determining module 420 includes:
and the function parameter determining unit is used for determining at least one request function and a request parameter corresponding to the request function based on the code to be detected.
In some optional embodiments, the function parameter determining unit is specifically configured to:
performing syntax tree transformation on the code to be detected to obtain the code to be detected in a syntax tree form;
and determining at least one request function and request parameters corresponding to the request function based on the codes to be detected in the form of the syntax tree.
In some optional embodiments, the function parameter determining unit is specifically configured to:
and matching key information of the code to be detected based on a preset matching rule to obtain at least one request function and a request parameter corresponding to the request function.
In some optional embodiments, the annotation information determining module 430 is specifically configured to:
match the request parameter in a database to obtain the annotation information corresponding to the request parameter;
where the database stores at least one request parameter and the annotation information corresponding to each request parameter.
In some optional embodiments, the annotation information corresponding to the request parameter includes a parameter verification manner, and the override detection result is one of "override risk exists" and "no override risk exists";
the horizontal override detection module 440 is specifically configured to:
if the request parameter is verified according to the parameter verification manner and the verification passes, determine that the override detection result is that no override risk exists;
and if the request parameter is not verified according to the parameter verification manner, determine that the override detection result is that an override risk exists.
In some optional embodiments, the code to be detected is application source code.
The code override detection device provided by this embodiment of the invention can execute the code override detection method provided by any embodiment of the invention, and has the functional modules and beneficial effects corresponding to that method.
EXAMPLE five
FIG. 5 illustrates a schematic diagram of an electronic device 10 that may be used to implement an embodiment of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 5, the electronic device 10 includes at least one processor 11, and a memory communicatively connected to the at least one processor 11, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from a storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data necessary for the operation of the electronic apparatus 10 can also be stored. The processor 11, the ROM 12, and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
A number of components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, or the like; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. Processor 11 performs the various methods and processes described above, such as a code override detection method, including:
acquiring a code to be detected;
determining at least one request parameter based on the code to be detected;
traversing each request parameter, and determining the marking information corresponding to the request parameter based on the request parameter for any request parameter;
and performing horizontal override detection based on the labeling information corresponding to the request parameters to obtain an override detection result.
In some embodiments, the code override detection method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the code override detection method described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the code override detection method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), complex programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user can be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or cloud host, which is a host product in a cloud computing service system and overcomes the difficult management and weak service scalability of traditional physical hosts and VPS services.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A code override detection method, comprising:
acquiring a code to be detected;
determining at least one request parameter based on the code to be detected;
traversing each request parameter and, for any request parameter, determining the annotation information corresponding to the request parameter based on the request parameter;
and performing horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
2. The method according to claim 1, wherein said determining at least one request parameter based on said code to be detected comprises:
and determining at least one request function and request parameters corresponding to the request function based on the code to be detected.
3. The method according to claim 2, wherein the determining at least one request function and a request parameter corresponding to the request function based on the code to be detected comprises:
performing syntax tree transformation on the code to be detected to obtain the code to be detected in syntax tree form;
and determining at least one request function and the request parameters corresponding to the request function based on the code to be detected in syntax tree form.
4. The method according to claim 2, wherein the determining at least one request function and a request parameter corresponding to the request function based on the code to be detected comprises:
and matching key information of the code to be detected based on a preset matching rule to obtain at least one request function and a request parameter corresponding to the request function.
5. The method according to claim 1, wherein the determining annotation information corresponding to the request parameter based on the request parameter comprises:
matching the request parameter in a database to obtain the annotation information corresponding to the request parameter;
wherein the database stores at least one request parameter and the annotation information corresponding to each request parameter.
6. The method according to claim 1, wherein the annotation information corresponding to the request parameter comprises a parameter verification manner, and the override detection result is one of "override risk exists" and "no override risk exists";
correspondingly, the performing horizontal override detection based on the annotation information corresponding to the request parameter to obtain an override detection result comprises:
if the request parameter is verified according to the parameter verification manner and the verification passes, determining that the override detection result is that no override risk exists;
and if the request parameter is not verified according to the parameter verification manner, determining that the override detection result is that an override risk exists.
7. The method of claim 1, wherein the code to be detected is application source code.
8. A code override detection apparatus, comprising:
a code acquisition module, configured to acquire the code to be detected;
a request parameter determining module, configured to determine at least one request parameter based on the code to be detected;
an annotation information determining module, configured to traverse each request parameter and, for any request parameter, determine the annotation information corresponding to the request parameter based on the request parameter;
and a horizontal override detection module, configured to perform horizontal override detection based on the annotation information corresponding to the request parameters to obtain an override detection result.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the code override detection method of any one of claims 1-7.
10. A computer-readable storage medium having stored thereon computer instructions which, when executed, cause a processor to implement the code override detection method of any one of claims 1-7.
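As an added example that is not part of the patent, the Python script below carries out the procedure of the device embodiment above and of claims 1 to 7 on a constructed piece of code under test: it parses the code into a syntax tree (claim 3), matches request-parameter reads with a preset rule (claim 4), looks each parameter up in a constructed annotation database (claim 5) and reports a risk where the required verification is not applied (claim 6). The accessor `request.args.get`, the rule table `PARAM_RULES` and the `check_*_owner` functions are assumptions made for the illustration.

```python
import ast

# Constructed annotation database (claim 5): request parameter -> verification
# mode (claim 6), here the ownership check the handler must call on the value.
PARAM_RULES = {"account_id": "check_account_owner", "order_id": "check_order_owner"}


def _is_request_get(call: ast.Call) -> bool:
    # Preset matching rule (claim 4): request.args.get("<name>") reads a request
    # parameter (Flask-style accessor, an assumption for this example).
    f = call.func
    return (isinstance(f, ast.Attribute) and f.attr == "get"
            and isinstance(f.value, ast.Attribute) and f.value.attr == "args"
            and isinstance(f.value.value, ast.Name) and f.value.value.id == "request"
            and len(call.args) == 1 and isinstance(call.args[0], ast.Constant)
            and isinstance(call.args[0].value, str))


def request_params(func: ast.FunctionDef) -> dict:
    # Claim 3: walk the handler's syntax tree and map each request parameter
    # read to the local variable holding it (None when it is only used inline).
    params = {}
    for node in ast.walk(func):
        if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Call)
                and _is_request_get(node.value) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            params[node.value.args[0].value] = node.targets[0].id
        elif isinstance(node, ast.Call) and _is_request_get(node):
            params.setdefault(node.args[0].value, None)  # keep a bound variable
    return params


def is_verified(func: ast.FunctionDef, var: str, mode: str) -> bool:
    # Claim 6: the verification mode is applied when the named check is called
    # with the parameter's variable as one of its arguments.
    return any(isinstance(n, ast.Call) and isinstance(n.func, ast.Name)
               and n.func.id == mode
               and any(isinstance(a, ast.Name) and a.id == var for a in n.args)
               for n in ast.walk(func))


def detect(source: str) -> dict:
    # Returns {(handler, parameter): "no risk" | "risk"} for every request
    # parameter of the code under test that has an entry in PARAM_RULES.
    results = {}
    funcs = [n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.FunctionDef)]
    for func in funcs:
        for param, var in request_params(func).items():
            mode = PARAM_RULES.get(param)
            if mode is None:
                continue  # unannotated parameter: no rule to check against
            ok = var is not None and is_verified(func, var, mode)
            results[(func.name, param)] = "no risk" if ok else "risk"
    return results


# Constructed code under test: get_balance binds account_id to the session user
# before use; get_order passes order_id straight through to the database.
SAMPLE_SOURCE = '''
def get_balance():
    account_id = request.args.get("account_id")
    check_account_owner(account_id, session.user_id)
    return db.balance(account_id)
def get_order():
    order_id = request.args.get("order_id")
    return db.order(order_id)
'''
```

Running `detect(SAMPLE_SOURCE)` flags `get_order` and clears `get_balance`; a parameter that is only ever read inline has no variable the check can be tied to and is reported as a risk as well.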

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211301105.1A CN115455437A (en) 2022-10-24 2022-10-24 Code unauthorized detection method and device, electronic equipment and storage medium


Publications (1)

Publication Number Publication Date
CN115455437A true CN115455437A (en) 2022-12-09

Family

ID=84310718



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination