CN115827444A - Ordered, enhanced and cacheable symbol execution static analysis method and system - Google Patents

Ordered, enhanced and cacheable symbol execution static analysis method and system Download PDF

Info

Publication number
CN115827444A
CN115827444A CN202211504336.2A CN202211504336A CN115827444A CN 115827444 A CN115827444 A CN 115827444A CN 202211504336 A CN202211504336 A CN 202211504336A CN 115827444 A CN115827444 A CN 115827444A
Authority
CN
China
Prior art keywords
function
branch
unit
analysis
calculation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211504336.2A
Other languages
Chinese (zh)
Inventor
朱辉
陈昭宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruan'an Technology Co ltd
Original Assignee
Ruan'an Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruan'an Technology Co ltd filed Critical Ruan'an Technology Co ltd
Priority to CN202211504336.2A priority Critical patent/CN115827444A/en
Publication of CN115827444A publication Critical patent/CN115827444A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention relates to a method and a system for orderly, enhanced and cacheable symbol execution static analysis, which calculate program functions by topological sorting of a graph structure and check the dependency sequence of a device; sequentially carrying out each inspection step; caching and searching the check information of each dependence step; calculating the checking information of the current checker by using the information combination of the checked checkers; and calculating the checking information of the current function by using the information combination of the checked functions. The invention realizes the mutual dependency of the inspectors by a combined mode according to the dependency sequence, increases the reusability of the inspectors and reduces the repeated development; the dependence sequence among the functions can solve the analysis dependence problem of cross-function calling; meanwhile, the analysis efficiency can be effectively improved by caching the analyzed result, and incremental analysis and cross-binary library analysis can be realized on the basis.

Description

Ordered, enhanced and cacheable symbol execution static analysis method and system
Technical Field
The invention relates to the technical field of information security, in particular to an ordered, enhanced and cacheable symbol execution static analysis method and system.
Background
The symbol execution method in the code static analysis is a mode of adopting a search algorithm, simulating code execution logic, utilizing technologies such as constraint solving and the like to more accurately search for code defects, the search time is in direct proportion to the code scale of a program, codes above ten million line levels are processed, the complete search time can take several hours, and the requirements of software development enterprises on quickness of massive promotion and automatic flow cannot be met; cross-function and cross-file analysis are common problems of static analysis, so that how to solve the problems of the existing code static analysis method needs to be considered at present.
It is noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure and therefore may include information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, provides an ordered, enhanced and cacheable symbol execution static analysis method and system, and solves the defects of the existing code static analysis method.
The purpose of the invention is realized by the following technical scheme: an ordered, enhanced, cacheable symbol execution static analysis method comprising:
s1, abstracting each function call point in a program code into a node caller, a directed edge of the node caller and the caller pointing to the callee, and collecting the call node and the call edge of a whole program as a function call graph of the program;
s2, carrying out topological sorting on the function call graph to obtain a list with the dependence sequence of the functions in a reverse order;
s3, dividing the function call graph into a function unit and a checker unit according to the reverse order, sequentially performing traversal calculation on the function unit and the checker unit, and completing the analysis after complete traversal is completed;
s4, storing the intermediate result of the calculation through a stack for subsequent dependence calculation, and searching the intermediate cache result depended by the calculation;
and S5, solving and judging whether the defect condition is met or not according to all the related statement numbers and statement execution information inquired in the cache and the statement execution information, and generating a defect result if the defect condition is met.
The step S3 specifically comprises the following steps:
dividing the function in the function call graph into a plurality of independent function units, wherein the branch of each function unit is an independent execution path, traversing by adopting a depth-first order, and completing the analysis of the function unit by traversing the completed branch path;
and splitting all inspectors in the function call graph according to functions to realize units organized by taking the functions as a unit, repeatedly executing the steps S1 and S2 on the functions realized by each inspector unit, sequentially obtaining the function call graphs of all the inspector units and an inspector function list with a dependence order, and sequentially analyzing and calculating the program functions by the inspectors according to the dependence order.
The checker comprises a base layer and a logic layer, wherein the base layer is used for extracting base information and can be reused in other checkers; and the logic layer is used for completing the service logic with specific defects according to the use of the released memory service logic.
The stack storage includes: when the simulation execution reaches a conditional branch, each branch condition newly creates a stack frame, intermediate information contained in the subsequent branch condition is stored in the stack frame, after the current branch condition is executed, the stack frame of the branch condition is popped up, the stack frame of other branch conditions is switched to, and accordingly, the stack frame set in the stack is complete information when the branch condition is reached.
The defect condition is obtained by abstracting the program semantics according to the content of the checker, representing the program semantics as a group of constraint condition symbols in mathematical logic, and finally judging the group of constraint conditions by constraint solving; constraint solving mainly solves the defect condition and the branch condition in a case, and the constraint is carried out in advance in a branch stage to reduce the calculation of an unreachable branch, or the branch condition is calculated in a final defect generation stage to reduce the calculation amount of the branch condition.
An ordered, enhanced and cacheable symbol execution static analysis system comprises an ordering preparation module, an ordered traversal module, a cache management module and an inspection calculation module;
the sort preparation module: the system comprises a function calling point, a node callee, a function calling graph and a function calling graph, wherein the function calling point is used for abstracting each function calling point in a program code into a node caller, a node callee and a directed edge of the caller pointing to the callee, the calling nodes and the calling edges of a whole program are collected into the function calling graph of the program, and the function calling graph is subjected to topological sorting to obtain a list with the dependence order of functions being in a reverse order;
the ordered traversal module: the function call graph is divided into a function unit and a checker unit according to the reverse order sequence, and the function unit and the checker unit are sequentially traversed and calculated, and the analysis is completed after the complete traversal is completed;
the cache management module: the device is used for storing the intermediate result of the calculation through a stack for subsequent dependence calculation and searching the intermediate cache result depended by the calculation;
the inspection calculation module: and solving and judging whether the defect condition is met or not according to all the related statement numbers and statement execution information which are inquired in the cache and the statement execution information, and generating a defect result if the defect condition is met.
The ordered traversal module comprises a function analysis unit and a checker analysis unit;
the function analysis unit: the function call graph is used for dividing the function in the function call graph into a plurality of independent function units, the branch of each function unit is an independent execution path, the depth-first order traversal is adopted, and the analysis of the function unit is completed by traversing the completed branch path;
the checker analysis unit: the function call graph sorting module is used for splitting all inspectors in the function call graph according to functions, realizing the inspectors as units organized by taking the functions as units, repeatedly executing the sorting preparation module on the functions realized by each inspector unit, sequentially obtaining the function call graphs of all the inspector units and an inspector function list with a dependent sequence, and sequentially analyzing and calculating the program functions by the inspectors according to the dependent sequence.
A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the static analysis method.
A terminal device comprising a memory having a computer program stored thereon and a processor implementing the steps of the static analysis method when executing the computer program.
The invention has the following advantages: a method and system for orderly, enhanced and cacheable symbol execution static analysis are realized as interdependent inspectors in a combined manner according to a dependency sequence, thereby increasing the reusability of the inspectors and reducing repeated development; the dependence sequence among the functions can solve the analysis dependence problem of cross-function calling; meanwhile, the analysis efficiency can be effectively improved by caching the analyzed result, and incremental analysis and cross-binary library analysis can be realized on the basis.
Drawings
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is an exemplary diagram of a function call graph topology ordering;
FIG. 3 is a diagram of an example branch path state save stack.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the detailed description of the embodiments of the present application provided below in connection with the appended drawings is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application. The invention is further described below with reference to the accompanying drawings.
One embodiment of the invention relates to an ordered, enhanced and cacheable symbol execution static analysis method, which comprises the steps of calculating program functions through topological sorting of a graph structure and checking the dependence sequence of a device; sequentially carrying out each inspection step; caching and searching the check information of each dependence step; calculating the checking information of the current checker by using the information combination of the checked checkers; and calculating the checking information of the current function by using the information combination of the checked functions.
As shown in fig. 1, the method specifically includes the following steps:
s1, abstracting each function Call point in a program code into a node Caller (Caller), a node Callee (Callee) and a directed edge of the Caller pointing to the Callee, and collecting the Call nodes and the Call edges of a whole program as a function Call Graph (Call Graph) of the program;
the function call graph represents a call relation graph among functions in a program, nodes in the graph are functions, and directed edges represent the call relation among the functions.
S2, carrying out topological sorting on the function call graph to obtain a list with the dependence sequence of the functions in a reverse order;
as shown in fig. 2, the topological sorting order is not unique, and can represent a dependency order; the checker set to be checked is also a directed graph relation which can be topologically sorted, for example, both the USE _ enter _ FREE and the FORWARD _ NULL depend on the DEREF _ POINTER, and the checker set is also sorted to obtain a checker list.
S3, dividing the function call graph into a function unit and a checker unit according to the reverse order, sequentially performing traversal calculation on the function unit and the checker unit, and completing the analysis after complete traversal is completed;
further, the method specifically comprises the following steps:
1) The function unit can be divided into two parts, namely a calculation part and a control part, wherein the calculation part is used for calculating data, and the control part is used for calculating the control conditions of the branch flow. The invention can exhaust all possible control conditions and can obtain the complete possible execution path and execution result of the function by performing simulation calculation on data.
2) The branches are selected to be in a tree structure, namely, only the last branch is switched when the branches are switched each time, and the calculation results of the previous branches can be reused without being influenced. The results of the previous computations can be cached down in a stack for reuse by branches on subsequent reachable paths, as can be seen in fig. 3.
3) Each function can obtain the following results through simulation calculation:
executing the constraint condition set on the branch 1+ the calculation result set of the branch 1;
executing the constraint condition set on the branch 2+ the calculation result set of the branch 2;
executing the constraint condition set on the branch 3+ the calculation result set of the branch 3;
...。
4) For the calculation result of each complete branch path, the invention calculates the constraint condition of the constraint condition set on the branch, namely, whether the path can be reached or not can be known, and the path can be reached under what constraint condition. This step can be solved using a general constraint solver.
5) And calculating whether the constraint condition of the calculation result set of the branch is reachable or not, wherein the result is the calculation result of the checker.
The specific analysis and calculation of the checker is implemented according to the service logic of each check item, and as an example of a service, the released memory (USE _ enter _ FREE) checker:
in a C/C + + program, a memory exception may occur with repeated references to released memory, causing a program crash. The service logic of the checker looks up whether there is a possibility of this problem occurring in the possible execution branch path. According to the service scene, the memory state can be abstracted into three limited types: undefined, allocated, released, and representing transitions of these several states in a finite state machine. The computing part is the transfer mode of the abstract state and the illegal transfer operation generating the exception. For example, in the C + + code check, the following table shows:
Figure BDA0003967614330000061
other inspection services may refer to this example to similarly model and compute the content and code semantics to be inspected.
S4, the steps ensure the dependence sequence of the function unit to be checked and the checker unit, and the subsequent calculation unit can directly utilize the result of the analyzed part and put the result into a cache file. The checking service calculation process of each unit has a cache operation: storing the intermediate result of the calculation through a stack for subsequent dependence calculation, and searching the intermediate cache result depended by the calculation;
the checker design is realized by extracting common basic components to upper layer dependence, which is similar to inheritance mode in object-oriented programming. For example, the design USEs the released memory (USE _ enter _ FREE) checker as two layers: pointer dereferencing (base layer), using freed memory (logical layer). The basic layer finishes basic information extraction, and the logic layer finishes the service logic of specific defects according to the service logic of the released memory. And the base layer can be reused at other checkers, such as pointer dereferencing (base layer) can also be provided to the NULL pointer dereferencing checker for use (FORWARD _ NULL).
The intermediate result simulates the execution result of simulation on a certain executable path, the execution result of different branches is different, and the execution information of one branch depends on the execution of the last reachable branch. The invention realizes the relation in a stack mode, when the simulation execution reaches a conditional branch, each branch condition newly creates a stack frame, such as branch condition one, and intermediate information contained in the subsequent branch condition is stored in the stack frame. And after the first branch condition is executed, popping up the stack frame of the first branch condition, and pushing in the stack frame of the second branch condition to reciprocate. This allows finding only the information of the executable branch, which is also referred to as path-sensitive information in the static analysis.
As shown in fig. 3, each individual type check calculation intermediate information is the result information generated after simulation execution of a certain statement of the program, and can be represented as a mapping structure: < check type, < statement number, statement execution information > >; and context dependency relationships exist among the sentences, for example, expressed as (sentence number 1, sentence number 5.... And sentence number n), all related sentences can be associated and extracted according to the dependency relationships.
The intermediate cache result data format is dictionary (key, value set pair), the dictionary key stores the code tree position corresponding to the information, and the value stores the whole information event stream list associated with the code tree. The calculation process of each check item unit applied to each function unit is a gradual extraction process of code content from syntactic information to semantic information. Such as the NULL pointer dereference checker (FORWARD _ NULL), the base unit first extracts the syntax information to find out which variables are involved in the pointer operation. On the basis, the subsequent checker directly utilizes the part of syntactic information to perform semantic logical calculation (the calculation process is generally symbol execution commonly used in static analysis, and a constraint solving method can be specifically referred to final annotation), so as to generate new information. And inserting the generated new information into the dictionary set. The information flow in the dictionary set is ordered and represents the complete event flow generated by the defect.
And the intermediate result of each check item unit applied to each function unit is stored in a local disk persistent mode.
The intermediate results that each check term unit applies to each function unit computation may be multiplexed for dependent check term units and dependent function units. The reason is that the content of the function is not changed, and the content of the function-dependent call is not changed, and the analysis result of the analyzer for this function is not changed. The characteristic can be used for realizing incremental analysis and cross-library analysis, and the analysis efficiency is improved. The storage format and medium have no explicit requirements, and the dependent intermediate results can be inquired in the subsequent analysis of other units. However, in order to meet the requirements of incremental analysis, offline analysis, and multiplexing, persistent storage media, such as files or databases, are proposed.
And S5, solving and judging whether a defect condition is met or not according to all the related statement numbers and statement execution information which are inquired in the cache and the statement execution information and according to the statement execution information, and generating a defect result if the defect condition is met.
Furthermore, the defect condition is the abstraction of the program semantics according to the content of the checker, and is expressed as a group of constraint condition symbols in mathematical logic, and finally, the constraint condition is judged by constraint solving; constraint solving mainly solves the defect condition and the branch condition in a case, and the constraint is carried out in advance in a branch stage to reduce the calculation of an unreachable branch, or the branch condition is calculated in a final defect generation stage to reduce the calculation amount of the branch condition. The constraint solving tool may be considered to be implemented using an open source scheme, such as microsoft Z3, etc.
Another embodiment of the invention relates to an ordered, enhanced and cacheable symbol execution static analysis system, which comprises an ordering preparation module, an ordered traversal module, a cache management module and an inspection calculation module;
further, the sort preparation module: the system comprises a function calling point, a node callee, a function calling graph and a function calling graph, wherein the function calling point is used for abstracting each function calling point in a program code into a node caller, a node callee and a directed edge of the caller pointing to the callee, the calling nodes and the calling edges of a whole program are collected into the function calling graph of the program, and the function calling graph is subjected to topological sorting to obtain a list with the dependence order of functions being in a reverse order;
further, the ordered traversal module: the function call graph is divided into a function unit and a checker unit according to the reverse order sequence, and the function unit and the checker unit are sequentially traversed and calculated, and the analysis is completed after the complete traversal is completed;
further, the cache management module: the intermediate result of the calculation is stored through a stack for subsequent dependence calculation, and the intermediate cache result depended by the calculation is searched;
further, the inspection calculation module: and solving and judging whether the defect condition is met or not according to all the related statement numbers and statement execution information which are inquired in the cache and the statement execution information, and generating a defect result if the defect condition is met.
Further, the ordered traversal module comprises a function analysis unit and a checker analysis unit;
wherein the function analysis unit: the function call graph is used for dividing the function in the function call graph into a plurality of independent function units, the branch of each function unit is an independent execution path, the depth-first order traversal is adopted, and the analysis of the function unit is completed by traversing the completed branch path;
an inspector analysis unit: the function call graph sorting module is used for splitting all inspectors in the function call graph according to functions, realizing the inspectors as units organized by taking the functions as units, repeatedly executing the sorting preparation module on the functions realized by each inspector unit, sequentially obtaining the function call graphs of all the inspector units and an inspector function list with a dependent sequence, and sequentially analyzing and calculating the program functions by the inspectors according to the dependent sequence.
Yet another embodiment of the invention relates to a computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the static analysis method.
Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, read-Only Memory (ROM), random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
Yet another embodiment of the present invention relates to a terminal device, which includes a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the static analysis method when executing the computer program.
The foregoing is illustrative of the preferred embodiments of the present invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and is not to be construed as limited to the exclusion of other embodiments, and that various other combinations, modifications, and environments may be used and modifications may be made within the scope of the concepts described herein, either by the above teachings or the skill or knowledge of the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (9)

1. An ordered, enhanced, cacheable method of performing static analysis on symbols, comprising: the static analysis method comprises the following steps:
s1, abstracting each function call point in a program code into a node caller, a directed edge pointing to a callee by the node caller and the caller, and gathering the call node and the call edge of a whole program into a function call graph of the program;
s2, carrying out topological sorting on the function call graph to obtain a list with the dependence sequence of the functions in a reverse order;
s3, dividing the function call graph into a function unit and a checker unit according to the reverse order, sequentially performing traversal calculation on the function unit and the checker unit, and completing the analysis after complete traversal is completed;
s4, storing the intermediate result of the calculation through a stack for subsequent dependence calculation, and searching the intermediate cache result depended by the calculation;
and S5, solving and judging whether the defect condition is met or not according to all the related statement numbers and statement execution information inquired in the cache and the statement execution information, and generating a defect result if the defect condition is met.
2. The method of claim 1, wherein the method further comprises: the step S3 specifically comprises the following steps:
dividing the function in the function call graph into a plurality of independent function units, wherein the branch of each function unit is an independent execution path, traversing by adopting a depth-first order, and completing the analysis of the function unit by traversing the completed branch path;
and splitting all inspectors in the function call graph according to functions to realize units organized by taking the functions as a unit, repeatedly executing the steps S1 and S2 on the functions realized by each inspector unit, sequentially obtaining the function call graphs of all the inspector units and an inspector function list with a dependence order, and sequentially analyzing and calculating the program functions by the inspectors according to the dependence order.
3. The method of claim 2, wherein the method further comprises: the checker comprises a base layer and a logic layer, wherein the base layer is used for extracting base information and can be reused in other checkers; and the logic layer is used for completing the service logic with specific defects according to the use of the released memory service logic.
4. The method of claim 1, wherein the method further comprises: the stack storage includes: when the simulation execution reaches a conditional branch, each branch condition newly creates a stack frame, intermediate information contained in the subsequent branch condition is stored in the stack frame, after the current branch condition is executed, the stack frame of the branch condition is popped up, the stack frame of other branch conditions is switched to, and accordingly, the stack frame set in the stack is complete information when the branch condition is reached.
5. The method of claim 2 for performing static analysis of ordered, enhanced, cacheable symbols, wherein: the defect condition is obtained by abstracting the program semantics according to the content of the checker, representing the program semantics as a group of constraint condition symbols in mathematical logic, and finally judging the group of constraint conditions by constraint solving; constraint solving mainly solves the defect condition and the branch condition in a case, and the constraint is carried out in advance in a branch stage to reduce the calculation of an unreachable branch, or the branch condition is calculated in a final defect generation stage to reduce the calculation amount of the branch condition.
6. An ordered, enhanced, cacheable symbolic execution static analysis system, comprising: the system comprises a sequencing preparation module, an ordered traversal module, a cache management module and an inspection calculation module;
the sort preparation module: the system comprises a function calling point, a node callee, a function calling graph and a function calling graph, wherein the function calling point is used for abstracting each function calling point in a program code into a node caller, a node callee and a directed edge of the caller pointing to the callee, the calling nodes and the calling edges of a whole program are collected into the function calling graph of the program, and the function calling graph is subjected to topological sorting to obtain a list with the dependence order of functions being in a reverse order;
the ordered traversal module: the function call graph is divided into a function unit and a checker unit according to the reverse order, and the function unit and the checker unit are sequentially traversed and calculated, and the analysis is completed after complete traversal is completed;
the cache management module: the device is used for storing the intermediate result of the calculation through a stack for subsequent dependence calculation and searching the intermediate cache result depended by the calculation;
the inspection calculation module: and solving and judging whether the defect condition is met or not according to all the related statement numbers and statement execution information which are inquired in the cache and the statement execution information, and generating a defect result if the defect condition is met.
7. The system of claim 6, wherein the system further comprises: the ordered traversal module comprises a function analysis unit and a checker analysis unit;
the function analysis unit: the function call graph is used for dividing functions in the function call graph into a plurality of independent function units, the branch of each function unit is an independent execution path, the depth-first order traversal is adopted, and the analysis of the function unit is completed by traversing the completed branch path;
the checker analysis unit: the function call graph sorting module is used for splitting all inspectors in the function call graph according to functions, realizing the inspectors as units organized by taking the functions as units, repeatedly executing the sorting preparation module on the functions realized by each inspector unit, sequentially obtaining the function call graphs of all the inspector units and an inspector function list with a dependent sequence, and sequentially analyzing and calculating the program functions by the inspectors according to the dependent sequence.
8. A computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program when being executed by a processor realizes the steps of the static analysis method as set forth in any one of the claims 1-5.
9. A terminal device comprising a memory and a processor, the memory having stored thereon a computer program, characterized in that: the processor, when executing the computer program, performs the steps of the static analysis method of any of claims 1-5.
CN202211504336.2A 2022-11-28 2022-11-28 Ordered, enhanced and cacheable symbol execution static analysis method and system Pending CN115827444A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211504336.2A CN115827444A (en) 2022-11-28 2022-11-28 Ordered, enhanced and cacheable symbol execution static analysis method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211504336.2A CN115827444A (en) 2022-11-28 2022-11-28 Ordered, enhanced and cacheable symbol execution static analysis method and system

Publications (1)

Publication Number Publication Date
CN115827444A true CN115827444A (en) 2023-03-21

Family

ID=85532333

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211504336.2A Pending CN115827444A (en) 2022-11-28 2022-11-28 Ordered, enhanced and cacheable symbol execution static analysis method and system

Country Status (1)

Country Link
CN (1) CN115827444A (en)

Similar Documents

Publication Publication Date Title
CN109697162B (en) Software defect automatic detection method based on open source code library
CN111459799B (en) Software defect detection model establishing and detecting method and system based on Github
Rattan et al. Software clone detection: A systematic review
US10606570B2 (en) Representing software with an abstract code graph
US10394694B2 (en) Unexplored branch search in hybrid fuzz testing of software binaries
CN112394942B (en) Distributed software development compiling method and software development platform based on cloud computing
Brown et al. Clone detection and elimination for Haskell
CN116629330B (en) Operator detection method and device and computer equipment
CN104885060B (en) Data leakage updates and checks that the leakage of device, data updates inspection method
CN115827444A (en) Ordered, enhanced and cacheable symbol execution static analysis method and system
US7210128B2 (en) Event-driven observability enhanced coverage analysis
CN112395199B (en) Distributed software instance testing method based on cloud computing and software development platform
CN113536316B (en) Method and device for detecting component dependency information
CN114791865A (en) Method, system and medium for detecting self-consistency of configuration items based on relational graph
CN114492366A (en) Binary file classification method, computing device and storage medium
CN113626823A (en) Reachability analysis-based inter-component interaction threat detection method and device
CN113177191A (en) Firmware function similarity detection method and system based on fuzzy matching
Zhang et al. Software Crucial Functions Ranking and Detection in Dynamic Execution Sequence Patterns
CN112230895A (en) EL expression analysis method, device, equipment and storage medium
Liu et al. PTDETECTOR: An Automated JavaScript Front-end Library Detector
CN113568662B (en) Code change influence range analysis method and system based on calling relation
CN116302074B (en) Third party component identification method, device, equipment and storage medium
CN117632012A (en) Data lake data storage method, device, equipment and medium based on storage stripping
CN117311673A (en) Data processing system, method, equipment and computer readable storage medium
CN115729752A (en) Register checking method and device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination