Method and device for detecting security flaws of source files

A detection method and detection device, applied in the field of software security, that address the resource consumption, complexity and low efficiency of existing source-code testing, and achieve the effects of saving test system resources, simplifying the processing procedure and improving code scanning efficiency.

Active Publication Date: 2013-03-06
BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD



Embodiment Construction

[0041] To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in detail below with reference to the accompanying drawings and specific embodiments.

[0042] As shown in Figure 1, which is a flow chart of the method for detecting security vulnerabilities in source files according to the present invention, the method scans the source files one by one and performs the following steps on the source file currently being scanned:

[0043] S101. Perform lexical analysis on the source file.

[0044] Lexical analysis is a scanning process that converts the character sequence of the source file into a sequence of tokens, which serve as the input to the next step, grammatical analysis. A token represents the character sequence of one information unit in the source file, comparable to a word in natural language, and is the smallest unit from which the source file is built; tokens include basic characters, identifiers, constan...


Abstract

The invention provides a method and a device for detecting security flaws in source files. The method scans the source files one by one and, for each scanned source file, subjects it to lexical analysis and grammatical analysis, carrying out a variable identification operation and a risk point identification operation during the lexical analysis. The variable identification operation identifies variables and stores the identified variables. The risk point identification operation identifies risk points and backtracks through the stored variables starting from the parameters of each identified risk point; if the parameters of a risk point can be backtracked to a controllable point without any security function having been applied along the way, the risk point is regarded as a potential risk point that may cause a security flaw. Compared with the prior art, the method needs no abstract syntax tree, so the processing procedure is simplified, test system resources are saved and code scanning efficiency is improved.
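The procedure described in the embodiment above (step S101, lexical analysis) and summarised in the abstract (variable identification, risk point identification and backtracking without an abstract syntax tree), as an added worked example. This is example code written for this page, not the patent's own implementation. It assumes a small PHP-like input and hypothetical pre-defined lists of controllable points ($_GET, $_POST, $_COOKIE, $_REQUEST), risk points (mysql_query, system, eval) and security functions (intval, mysql_real_escape_string, escapeshellarg), and it treats "a security function was applied" as "a security-function identifier appears in an expression met while backtracking". Variable definitions are stored as the token stream is scanned; the parameters of each risk point are then backtracked through those stored definitions, and the risk point is reported only when a controllable point is reached with no security function on the way.

```python
import re
from collections import namedtuple

# Pre-defined lists the scanner consults. Hypothetical, for a PHP-like input; not from the patent.
SOURCES = {"$_GET", "$_POST", "$_COOKIE", "$_REQUEST"}                # controllable points
SINKS = {"mysql_query", "system", "eval"}                              # risk points
SANITIZERS = {"intval", "mysql_real_escape_string", "escapeshellarg"}  # security functions

# Constructed sample input, one statement per line so findings can cite line numbers.
SAMPLE_SOURCE = "\n".join([
    "$id = $_GET['id'];",                                          # 1
    "$safe_id = intval($id);",                                      # 2  security function applied
    "$name = $_POST['name'];",                                      # 3
    '$q1 = "SELECT * FROM users WHERE id = " . $safe_id;',          # 4
    "mysql_query($q1);",                                            # 5  reached, but sanitized
    '$q2 = "SELECT * FROM users WHERE name = \'" . $name . "\'";',  # 6
    "mysql_query($q2);",                                            # 7  reached, not sanitized
    '$cmd = "ls " . $dir;',                                         # 8  $dir is never defined
    "system($cmd);",                                                # 9  cannot be backtracked
    "eval($_REQUEST['code']);",                                     # 10 source passed directly
])

# Step S101, lexical analysis: alternatives are tried in this order at each position.
TOKEN_RE = re.compile("|".join("(?P<%s>%s)" % kp for kp in [
    ("WS", r"\s+"),
    ("STRING", r'"(?:[^"\\]|\\.)*"|\'(?:[^\'\\]|\\.)*\''),
    ("VAR", r"\$[A-Za-z_]\w*"),
    ("IDENT", r"[A-Za-z_]\w*"),
    ("OP", r"[=.;(),\[\]]"),
]))
Token = namedtuple("Token", "kind text line index")  # index orders definitions against uses
Finding = namedtuple("Finding", "sink line chain sanitized")


def lex(source):
    """Turn the character sequence into a token sequence; no syntax tree is built."""
    tokens, pos, line = [], 0, 1
    while pos < len(source):
        m = TOKEN_RE.match(source, pos)
        if m is None:
            raise SyntaxError("line %d: unexpected character %r" % (line, source[pos]))
        if m.lastgroup != "WS":
            tokens.append(Token(m.lastgroup, m.group(), line, len(tokens)))
        line += m.group().count("\n")
        pos = m.end()
    return tokens


class Scanner:
    def __init__(self):
        self.definitions = {}  # variable name -> [(index of defining statement, rhs tokens)]
        self.findings = []

    def scan(self, source):
        stmt = []
        for t in lex(source):  # grammatical analysis in this toy is just cutting at ';'
            if t.text == ";":
                self._scan_statement(stmt)
                stmt = []
            else:
                stmt.append(t)
        self._scan_statement(stmt)
        return self.findings

    def _scan_statement(self, stmt):
        # Variable identification: store "$x = <rhs>" together with the statement position.
        if len(stmt) >= 3 and stmt[0].kind == "VAR" and stmt[1].text == "=":
            self.definitions.setdefault(stmt[0].text, []).append((stmt[0].index, stmt[2:]))
        # Risk point identification: a call to a sink. Simplification: its arguments are
        # taken to run to the end of the statement, without matching parentheses.
        for i, t in enumerate(stmt):
            if t.kind == "IDENT" and t.text in SINKS and i + 1 < len(stmt) and stmt[i + 1].text == "(":
                args = stmt[i + 2:-1] if stmt[-1].text == ")" else stmt[i + 2:]
                reached, sanitized, chain = self._backtrack(args, stmt[0].index, frozenset())
                if reached:
                    self.findings.append(Finding(t.text, t.line, chain, sanitized))

    def _backtrack(self, tokens, before, visited):
        """Follow the variables in `tokens` back through definitions made before `before`.
        Returns (reached a controllable point, a security function was seen, variable chain)."""
        sanitized = any(t.kind == "IDENT" and t.text in SANITIZERS for t in tokens)
        for t in tokens:
            if t.kind != "VAR" or t.text in visited:
                continue
            if t.text in SOURCES:
                return True, sanitized, [t.text]
            earlier = [d for d in self.definitions.get(t.text, []) if d[0] < before]
            if not earlier:
                continue  # no definition in this file: not shown to be controllable
            def_index, rhs = earlier[-1]  # most recent definition before the use
            reached, sub, chain = self._backtrack(rhs, def_index, visited | {t.text})
            if reached:
                return True, sanitized or sub, [t.text] + chain
        return False, sanitized, []

    def report(self):
        """Risk points reached from a controllable point with no security function on the way."""
        return [f for f in self.findings if not f.sanitized]


if __name__ == "__main__":
    scanner = Scanner()
    scanner.scan(SAMPLE_SOURCE)
    for f in scanner.report():
        print("line %d: %s() reachable from %s" % (f.line, f.sink, " <- ".join(f.chain)))
```

Run on the constructed input, this reports lines 7 and 10. Line 5 is reached from $_GET but discounted because intval() was met while backtracking, and line 9 is dropped because $dir has no stored definition. The example keeps the trade-off the abstract describes: nothing beyond the token stream and a table of definitions is held in memory, but for the same reason the backtracking only sees assignment order, not branches, loops or calls into other files.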

Description

Technical field

[0001] The invention relates to the technical field of software security within information security, and in particular to a method and a device for detecting security vulnerabilities in source files.

Background

[0002] Existing methods for detecting security vulnerabilities in source files usually scan and analyse the source code to build its abstract syntax tree (AST) and then, according to pre-defined controllable points and risk points, search the tree for execution paths between a controllable point and a risk point in order to find potential risks that may lead to a security breach. If the risk point on an execution path can be controlled from the controllable point on that path, the path is determined to be a potentially risky execution path that may lead to a security breach. This kind of detection method, by building an abstract syntax tree and then traversing the abstract syntax tree fo...

Application Information

IPC IPC(8): G06F21/57
Inventor 计东
Owner BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD