Program vulnerability analysis method based on executable formal semantics of Go language

A vulnerability analysis and semantic technology, applied in the computer field, can solve problems such as insufficient semantic integrity of the Go language, analysis of program loopholes, etc., and achieve the effect of solving the insufficient semantic integrity of the Go language

Pending Publication Date: 2021-12-31
SOUTH CENTRAL UNIVERSITY FOR NATIONALITIES +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The present invention proposes a program vulnerability analysis method based on the executable formal semantics of Go language, which is used to solve or at least part

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Program vulnerability analysis method based on executable formal semantics of Go language
  • Program vulnerability analysis method based on executable formal semantics of Go language
  • Program vulnerability analysis method based on executable formal semantics of Go language

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] In order to solve the technical limitations of Go language formal semantics in terms of comprehensiveness and verification, and for program vulnerability analysis in the prior art, the present invention proposes a program vulnerability analysis method based on rewriting logic executable formal semantics, Executable formal semantics are implemented in the K framework. First, based on the K framework, the language rules can be specified modularly and accurately represent the real concurrent programming language, which is especially suitable for the analysis of the concurrent language Go language. Second, the semantics in K have strict significance as an item rewriting system, Full formal proofs are supported. In fact, after the semantics are defined, first use the kompile tool to compile the semantics, the K framework will automatically generate the corresponding interpreter, and automatically support model checking and symbolic execution analysis for the program, and the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a program vulnerability analysis method based on executable formal semantics of a Go language, which comprises the following steps of: (1) studying an expanded barkes normal form officially given by the GO language, and providing a method for converting GO [EBNF] into a general barkes normal form in combination with a BNF grammar format supportable by a K framework to obtain GO [BNF]; (2) defining an executable semantic GO [KS] of the Go language based on rewriting logic by applying a K framework according to the characteristics of the GO [BNF] and the Go language; (3) analyzing the correctness of GO [KS] by adopting a method based on test cases, separately executing the test cases in the K framework and the IntelliJ IDEA tool, and analyzing the correctness of semantics by comparing the consistency of the results of the test cases; and (4) based on the K framework, searching vulnerabilities of the Go program by applying GO [KS]. Integrity of semantics of the Go language is improved, and analysis of program vulnerabilities is realized.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a program vulnerability analysis method based on Go language executable formal semantics. Background technique [0002] The Go language is an open-source compiled programming language launched by Google in 2009, also known as GOLang, developed from the C language and designed for concurrency. It not only has the simplicity and efficiency of C, but also the cross-platform, A series of advantages such as the convenience of python, and the efficient concurrency of programs can be realized based on coroutines (goroutines) and channels (channels), in which coroutines are responsible for executing codes, and channels are responsible for passing events between coroutines. For the assignment of coroutine tasks And scheduling is done by the runtime itself. In addition, the Go language also has a garbage collector, which can automate memory management. Its strong static typing feature a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/36G06F21/57
CPCG06F11/3688G06F21/577
Inventor 孟博刘琴王德军赵璨
Owner SOUTH CENTRAL UNIVERSITY FOR NATIONALITIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products