A Fault Detection Method for Integer Overflow Based on Metamorphic Relations

A technology of integer overflow and transformation relationship, applied in the field of software testing, can solve the problems of restricting the application field of dynamic testing and difficult test case execution results, and achieve the effect of low false positive rate, low false negative rate and accurate detection.

Active Publication Date: 2017-10-03
PLA UNIV OF SCI & TECH
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are difficulties in how to design effective test cases and how to judge whether the test case execution results are correct
These two problems greatly limit the application field of dynamic testing in integer overflow fault detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Fault Detection Method for Integer Overflow Based on Metamorphic Relations
  • A Fault Detection Method for Integer Overflow Based on Metamorphic Relations
  • A Fault Detection Method for Integer Overflow Based on Metamorphic Relations

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0037] A kind of integer overflow fault detection method based on metamorphosis relation of the present invention, comprises the following steps:

[0038] The first step is to conduct a static test on the source code of the program under test, and identify the integers that may cause integer overflow as integer overflow checkpoints. Static detection is performed on the source code of the program under test by using the existing static testing tool in the prior art, and the source code statement of the program source code referring to an integer that may cause integer overflow in the source code of the program under test is marked as an integer overflow checkpoint. . For the detection and calibration of statements that refer to integers in the source code of the program under test, the existing static test method is used to detect whether there are statements that may cause integer overflow in the source code of the program under test using existing static test tools , and ide...

Embodiment

[0066] Such as figure 1 As shown, the flow chart of the integer overflow fault detection method based on metamorphosis test is given. In order to describe the implementation process of the present invention in detail and clearly, this example takes a section of code in the program OpenSSH3.3 as an example as the program under test for related description. The program under test is a free and open-source implementation of the SSH protocol, which can be used to remotely control or transfer files between computers. If an integer overflow fault occurs in the program under test, it is very likely to lead to unsafe access. Dynamically detects whether it will fail on integer overflow.

[0067] The source code segment of the program under test in this example is as follows:

[0068]

[0069] Next, the method of the present invention will be described step by step for the detection of whether the integer in the above-mentioned source code segment of the program under test will ov...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an integer overflow fault detection method based on a transformation relationship. First, a static test tool is used to perform static detection on a program under test, and an integer variable in which integer overflow may occur is preliminarily determined, and is marked as an integer overflow check. point; then, the integers referenced by the integer-definition statement and the integer-use statement are identified based on a "definition-use" model containing the list of integer-definition statements and the list of integer-use statements that cause the integer overflow fault. Overflow integer, if the overflow integer has the dangerous use of the integer expressed in the statement list, it will be identified as a dangerous integer; finally, before the statement of the source code of the tested program that refers to the dangerous integer is executed, the transformation test method is adopted. Detects whether an integer overflow fault occurs for the dangerous integer. Through the method of the present invention, an accurate and effective method is provided for the detection of integer overflow faults.

Description

technical field [0001] The invention relates to integer overflow fault detection in software, in particular to an integer overflow fault detection method based on metamorphic relations, which belongs to the field of software testing. Background technique [0002] Integer overflow faults are considered to be an important factor affecting the security of software systems. In order to detect the occurrence of such a failure, there are generally two methods. The first is static testing, also known as static review, through which some static review tools are used to review program source code or binary code according to set rules. The biggest advantage of this method is that it can be implemented automatically, avoiding manual participation, and improving the feasibility of the method. But its biggest disadvantage is the high rate of false alarms, that is, it will generate a large number of false failures. Because the defects or failures obtained through the static review tool...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
Inventor 惠战伟黄松李辉任正平胡斌余沛毅
Owner PLA UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap