Vulnerability analysis method and device for source code package, terminal and storage medium

A vulnerability analysis technique for source code packages, applied in the field of code auditing. It addresses problems such as user data being tampered with, code auditors being unable to intuitively discover vulnerabilities or hazard information in source code, and developers not knowing whether third-party components contain vulnerabilities or hazards, with the effect of reducing unpredictable risk.

Pending Publication Date: 2022-01-04
SECZONE TECH CO LTD

AI Technical Summary

Problems solved by technology

These flaws, errors or unreasonable designs may be exploited intentionally or unintentionally, adversely affecting the assets or operation of an organization: information systems may be attacked or controlled, important information stolen, user data tampered with, and systems used as a springboard for intrusion into other host systems.

[0003] In related technologies, many developers who use third-party components (jar packages) do not know whether those components have vulnerabilities or hazards, so it is easy to mistakenly use third-party components with vulnerabilities or hazards in the source code.

[0004] Regarding the related technologies mentioned above, the inventor believes that code auditors cannot intuitively discover vulnerabilities or hazard information hidden in the source code, resulting in unpredictable risks in the process of using the source code.

Examples

Embodiment Construction

[0046] In order to make the purpose, technical solutions and advantages of this application clearer, this application is described in further detail below with reference to Figures 1-2 and the embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, not to limit it.

[0047] The embodiment of the vulnerability analysis terminal of the source code package of the present application will be further described in detail below in conjunction with the accompanying drawings.

[0048] Code audit checks source code for security defects: whether the program's source code contains security risks or coding irregularities. The source code is checked and analyzed item by item, through automated tools or manual review, to find the security vulnerabilities caused by flaws in the source code, with code revision measures...

Abstract

The invention relates to the field of code auditing, in particular to a vulnerability analysis method and device for a source code package, a terminal and a storage medium. The method comprises the following steps: obtaining jar package information in the source code; judging the introduction mode of the jar package according to the jar package information; and warning of the risk information of the jar package according to a preset scheme based on the introduction mode of the jar package. With the method and the device, a code auditor can intuitively find the risk information hidden in the jar packages of the source code, so that a developer is urged to replace the jar package with another one or upgrade it, and the unpredictable risk existing in the process of using the source code is reduced.

Description

Technical field

[0001] The invention relates to the field of code auditing, in particular to a vulnerability analysis method, device, terminal and storage medium of a source code package.

Background

[0002] Vulnerabilities are weaknesses or flaws in hardware, software, protocol implementation or system security policies, which allow attackers to access or destroy the system without authorization. Vulnerabilities may come from flaws in application software or operating system design or errors in coding, or from design flaws in the process of business interaction or unreasonable logic flow. These flaws, errors or unreasonable designs may be exploited intentionally or unintentionally, adversely affecting the assets or operation of an organization: information systems may be attacked or controlled, important information stolen, user data tampered with, and systems used as a springboard for intrusion into other host systems.

[0003] In...

Application Information

IPC(8): G06F21/56, G06F21/57, G06F21/51, G06F9/445
CPC: G06F21/563, G06F21/51, G06F9/445, G06F21/577
Inventor: 万振华
Owner: SECZONE TECH CO LTD