A Guided Symbolic Execution Method Based on Static Path Analysis

A technology of guiding symbols and static paths, applied in the field of guided symbol execution based on static path analysis, which can solve problems such as difficulty in quickly reaching the target code, limited symbol execution technology, and path explosion

Active Publication Date: 2017-08-25
中国人民解放军总参谋部第五十四研究所 +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the symbolic execution technology is limited and the path explosion problem makes it difficult to quickly reach the specified target code

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Guided Symbolic Execution Method Based on Static Path Analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be described in detail below in conjunction with specific examples, but the present invention is not limited thereto.

[0026] First, it is necessary to determine the target of the detection through static analysis, that is, to find the code (or instruction) related to memory allocation in the target program. To this end, it is necessary to obtain the path-related functions and basic blocks from the program start point to the specified code point, and calculate the weight of these functions and basic blocks according to the path accessibility and distance, forming a weighted source-target based on code basic blocks directed graph.

[0027] After the weight of the function / basic block path is determined, the actual reachable path is found through symbolic execution. By adopting the heuristic guiding symbol execution technology, the reachable path of static analysis with large weight can be preferentially selected for traversal, reducing the co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a guided symbol execution method based on static path analysis, which can quickly reach the position of the specified code, and provide the test input to reach the target code. Step 1: First, determine the detection target through static analysis, and find the code or instructions related to memory allocation in the target program; Step 2, obtain the path-related functions and basic blocks from the program starting point to the specified code point, and determine the path accessibility according to the path. Calculate the weights of these functions and basic blocks with distances and distances; step 3, preferentially select the static analysis reachable paths with large weights to traverse; step 4, static path analysis; step 5, correlate the paths obtained by static path analysis Function and basic block information are placed in Paths[funcs, bbs], all target instructions to be analyzed are stored in the Vector of allocCallInst, and all current path states are stored in states. When the symbolic execution engine executes the analysis on the target program, through the loop Interpret and execute the instructions in the program one by one.

Description

technical field [0001] The invention relates to a method for executing guidance symbols, in particular to a method for executing guidance symbols based on static path analysis. Background technique [0002] Symbolic execution is a kind of analysis of the program by treating the input data as a symbolic value and simulating the program execution. During the execution process, the constraint conditions of the path are formed by using the quantifier-free first-order formula to form a constraint expression. [0003] Although symbolic execution technology was proposed thirty years ago, a large number of researchers have been enthusiastic about it in recent years, especially in software security analysis, symbolic execution technology has been used to generate high-coverage test cases, find bugs in programs, etc. Deep bugs, automatic attack code generation, and more. Symbolic execution techniques have been implemented in various tools in both academic laboratories and industry. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
Inventor 肖奇学陈渝张知皦史元春郭世泽茅俊杰吴志勇肖络元赵静
Owner 中国人民解放军总参谋部第五十四研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap