Method and device for tracking variable objects

A technology of objects and variables, which is applied in the field of tracking methods and devices of variable objects, and can solve the problems of missed vulnerability reporting and inability to track variable objects, etc.

Active Publication Date: 2020-09-18
ALIBABA GRP HLDG LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present application provides a method and device for tracking variable objects, so as to at least solve the technical problem that the variable objects cannot be tracked in the process of vulnerability scanning, resulting in missed vulnerability reports

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for tracking variable objects
  • Method and device for tracking variable objects
  • Method and device for tracking variable objects

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] According to the embodiment of the present application, an embodiment of a method for tracking variable objects is also provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0032] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 1 It is a network environment diagram of a computer terminal of a method for tracking variable objects in the embodiment of the present application. like figure 1 As shown, the computer terminal 10 may include one or more (only one is shown in the figure) processors 1...

Embodiment 2

[0100] According to an embodiment of the present application, there is also provided a variable object tracking device for implementing the above variable object tracking method, Figure 5 is a schematic diagram of a variable object tracking device according to an embodiment of the present application, such as Figure 5 As shown, the device includes:

[0101] The search unit 51 is configured to find the first operation statement of the variable object when performing vulnerability search based on the control flow graph of the detected program, wherein the first operation statement is used to instruct the variable object to perform value assignment and value operation.

[0102] The acquiring unit 52 is configured to acquire a statement set of a variable object from a pre-collected variable information set, wherein the statement set includes a plurality of second operation statements, wherein the second operation statement indicates that the operation performed on the variable o...

Embodiment 3

[0127] Embodiments of the present application may provide a computer terminal, and the computer terminal may be any computer terminal device in a group of computer terminals. Optionally, in this embodiment, the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.

[0128] Optionally, in this embodiment, the foregoing computer terminal may be located in at least one network device among multiple network devices of the computer network.

[0129]The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, Figure 10 It is a block diagram of the hardware structure of a computer terminal of a variable object tracking method in the embodiment of the present application. Such as Figure 10 As shown, the computer terminal 10 may include one or more (only one is shown in the figure) pro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a tracking method and device of a variable object. The method comprises the following steps: when carrying out bug search on a control flow diagram based on a detected program, finding out a first manipulation language of the variable object, wherein the first manipulation statement is used for indicating to carry out assignment operation and valuing operation on the variable object; obtaining a statement set of the variable object from a pre-collected variable information set, wherein the statement set comprises a plurality of second manipulation statements, and manipulation which is indicated by the second manipulation statements and is carried out on the variable object is opposite to manipulation which is indicated by the first manipulation statement and is carried out on the variable object; determining a third manipulation statement, having function calling relation with the first manipulation statement, in the plurality of second manipulation statements according to the control flow diagram; by taking a statement position of the determined third manipulation statement as a starting point, tracking the variable object. By adopting the tracking method and device of the variable object, the technical problem that missed reports of bugs are caused by the fact that the variable object cannot be tracked in a bug scanning process is solved.

Description

technical field [0001] The present application relates to the field of data processing, in particular, to a method and device for tracking variable objects. Background technique [0002] In the prior art, in the static scanning of Android Package (Android installation package, APK) vulnerabilities, the APK of a program to be detected is usually decompiled into some intermediate language, and then the static scanning is realized by performing vulnerability scanning on the intermediate language analysis , wherein, in the process of parsing the intermediate language, a relatively common scenario is to trace the flow path of a certain register in the program. If the value of the register comes from the local variable object, it is easier to track, but if the value of a register passes through the class member variable object or static variable object in the flow path, it is difficult to be tracked. Because a variable object of this type may be assigned at any location in the AP...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/562G06F2221/033
Inventor 陈晋福
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap