Unlock instant, AI-driven research and patent intelligence for your innovation.

A Java taint analysis method based on rule definition

A taint analysis, java language technology, applied in the field of source code analysis, can solve problems such as difficult analysis

Active Publication Date: 2022-07-01
湖南泛联新安信息科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, the native method provided by JNI in the Java language cannot be analyzed in depth, because the two sides of the JNI interface call layer are different programming languages: Java and C / C++ language, and the C / C++ programming language on the other side is generally Will be compiled into binary code, so it is quite difficult to analyze

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Java taint analysis method based on rule definition
  • A Java taint analysis method based on rule definition

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] In order to make those skilled in the art better understand the technical solutions of the present invention, the present invention will be further described in detail below with reference to the accompanying drawings.

[0017] like figure 1 As shown, a Java taint analysis method based on rule definition, the method includes the following steps:

[0018] S1. Define the rules of source points and sink points in the Java language to form formatting rules;

[0019] S2. Define the taint propagation rules of the Java language;

[0020] S3. According to the rules of source points and sink points in the Java language defined in step S1 and the taint propagation rules defined in step S2, construct a propagation path of each taint in the Java language to analyze the Java taint.

[0021] In this embodiment, the rules of the source point and the sink point in the Java language are first defined, and the taint propagation rules are defined at the same time, and then the propagati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention specifically discloses a Java taint analysis method based on rule definition. The method includes: S1, defining rules for source points and sink points in Java language and forming formatting rules; S2, defining taint propagation rules in Java language ; S3, according to the rules of the source point and the sink point in the Java language defined in step S1 and the taint propagation rules defined in step S2, construct the propagation path of each taint in the Java language to analyze the Java taint. By defining the rules of the source point and the sink point in the Java language and the taint propagation rule, the invention constructs and tracks the taint propagation path in the Java language. The definition of rules and pass point rules are separated, making the taint propagation analysis customizable and extensible. Therefore, users can construct custom pollution analysis rules for Java taint analysis without knowing the core technology of static analysis. .

Description

technical field [0001] The invention relates to the technical field of source code analysis, in particular to a Java stain analysis method based on rule definition. Background technique [0002] Most of the existing taint analysis technologies are based on pointer analysis technology. The pointer analysis technology mainly builds a pointer flow graph (PFG) for pointer variables, that is, builds a relationship graph for the reference passing / mutual reference relationship between pointer variables. There is a problem with this analysis, that is, when statically analyzing the source code, it encounters some nodes that cannot be directly entered into the function to continue the analysis. For example, the native method provided by JNI in the Java language cannot be further analyzed, because the two sides of the JNI interface call layer are different programming languages: Java and C / C++ languages, and the C / C++ programming languages ​​on the other side are generally Will be com...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36G06F21/56
CPCG06F11/3604G06F21/563G06F2221/033
Inventor 王盛杨智霖欧鹏程
Owner 湖南泛联新安信息科技有限公司