Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for analyzing safety defects of software source code

A defect analysis and source code technology, applied in the direction of software testing/debugging, etc., can solve the problems of different standards, not being included, not adapting to the reality of code review, etc., to achieve the effect of strong intuition and conducive to development

Active Publication Date: 2015-06-17
CHINA INFORMATION TECH SECURITY EVALUATION CENT
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The existing taxonomy generally includes defect types found by dynamic testing and document defects, etc., but these defect types are not the focus of review in code review
[0006] (2) Some defect types in the code defect classification do not adapt to the current code review situation, while some new code defect types are not included
[0007] (3) At present, there are many types of source code defect classifications, and the standards are different, each with its own deficiencies
There is no specific, more careful and complete classification for source code defects

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for analyzing safety defects of software source code
  • Method and device for analyzing safety defects of software source code
  • Method and device for analyzing safety defects of software source code

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] In order to describe the technical content, structural features, achieved goals and effects of the present invention in detail, the following will be described in detail in conjunction with the embodiments and accompanying drawings.

[0034] Source code, also called source program, refers to uncompiled text code. is a series of human-readable computer language instructions.

[0035] We can understand it as source code, just take the webpage we are currently seeing as an example. In fact, it is composed of a lot of source code. Through our IE (Microsoft Internet Explorer) browser (or server) Translated into what we see now.

[0036] Source code is code written in assembly language and high-level language. The main target is for developers; the applications we usually use are released after source code compilation and packaging, and the final result presented is for users and final customers.

[0037] With the continuous innovation and development of Internet applicati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method analyzing safety defects of a software source code. The method comprises step one, setting multiple defect data groups of defect types of the source code; step two, calling the source code and analyzing defect cause, result and representation form; step three, judging whether the defect cause, result and representation form are in the defect data groups, entering a step four if the defect cause, result and representation form are in the defect data groups, entering a step thirty-one if the defect cause, result and representation form are not in the defect data groups, and adding the defect cause and / or result and / or representation form into the defect data groups; and step four, generating and displaying the defect cause, result and representation form. The invention further discloses a device for analyzing the safety defects of the software source code. The device enables the defects detected by different tools to be described through the uniform scale so that the description is clear, specific and strong in visible performance.

Description

technical field [0001] The invention relates to the field of source code detection, in particular to a method and device for analyzing security defects of software source codes. Background technique [0002] With the continuous deepening of social informatization, people have to face increasingly prominent information security issues. Studies have shown that a considerable number of security problems are caused by the security loopholes in the software itself. A large number of defects introduced in the software development process are one of the important reasons for software vulnerabilities. [0003] Different software defects will have different consequences, and it is necessary to treat various types of defects differently, analyze the causes, study the degree of harm, and preventive methods. Establishing a relatively complete defect classification information can guide the prevention and repair of software security defects. [0004] Software defects are generally cla...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
Inventor 吴世忠郭涛王眉林郭恒童小刚
Owner CHINA INFORMATION TECH SECURITY EVALUATION CENT