Method for analyzing memory security in C code by using data stream analysis algorithm

A data flow analysis technique, applied in the field of data flow analysis algorithms and static analysis tool development, that addresses memory safety problems in C code and makes memory safety easy to check.

Pending Publication Date: 2022-03-08
上海那一科技有限公司

AI Technical Summary

Problems solved by technology

The core of Rust memory management is ownership, which stipulates that each block of memory on the heap has exactly one owner at any time. Rust uses static analysis to determine the scope of each variable precisely. When the scope of the owner ends, the memory on the heap is released automatically, whereas C requires heap memory to be allocated and released manually, which is likely to cause many memory safety problems.
[0003] Rust is relatively better than C in terms of memory safety, but most of the Linux kernel code is written in C and will not be changed to Rust in a short time.

Embodiment

[0032] A method for analyzing memory safety in C code by using a data flow analysis algorithm: C language memory instructions are defined as a formalized instruction set, and the following operations are then performed.

[0033] Statically analyze where the code needs to be marked and automatically add a mark to the corresponding pointer in the code. Pointers are of two types: owning and non-owning.

[0034] Convert the C code into an abstract syntax tree (AST), check the type of each instruction in the abstract syntax tree, and apply different modifications to the pointer permission transfer and borrowing statements involved, so that they can be distinguished in static single assignment (SSA) form. This step is called annotation.

[0035] Linearize the abstract syntax tree to obtain the control flow graph in the form of static single assignment, analyze the data flow, and obtain the result of the convergent permissio...

Abstract

The invention provides a method for analyzing memory safety in C code by using a data flow analysis algorithm. Instructions are defined as a formalized instruction set, and the following operations are performed: the code is statically analyzed to find where marks are needed, and a mark is added to the corresponding pointer; the code is converted into an abstract syntax tree, each instruction is type-checked, and the pointer permission transfer or borrowing statements involved are modified so that they can be distinguished in static single assignment form; the abstract syntax tree is linearized to obtain a control flow graph in static single assignment form, and data flow analysis is performed to obtain a converged permission mapping table; using the result stabilized by iterating the data flow analysis algorithm, an error checking function checks whether a memory safety problem exists. The advantage of the method is that a formalized instruction set and a series of memory error detection methods are defined on the basis of common memory-related instructions in the C language, which facilitates memory safety detection.
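The last two steps of the abstract above (iterating a permission map over the control flow graph until it converges, then running an error check on the result), as an added Python example that is not the patent's own code or instruction set. The instruction names (`alloc`, `move`, `borrow`, `free`, `use`), the three permission states, the error messages and the sample program are assumptions made for illustration, and the input is taken to be a control flow graph whose pointer names are already in SSA form.

```python
# Added illustration; the toy instruction set and states are assumptions, not the patent's.
OWNED, MOVED, FREED = "owned", "moved", "freed"
def transfer(ins, perms):  # effect of one instruction on {pointer: possible states}
    out = dict(perms)
    if ins[0] == "alloc":                  # p = malloc(...): p becomes an owner
        out[ins[1]] = frozenset({OWNED})
    elif ins[0] == "move":                 # dst = src with ownership transfer
        out[ins[1]] = perms.get(ins[2], frozenset())
        out[ins[2]] = frozenset({MOVED})
    elif ins[0] == "free":                 # free(p)
        out[ins[1]] = frozenset({FREED})
    return out                             # "borrow" and "use" change no permission

def join(a, b):  # at a merge point a pointer may hold any state seen on either path
    return {p: a.get(p, frozenset()) | b.get(p, frozenset()) for p in a.keys() | b.keys()}

def analyze(blocks, succ, entry, exits):
    # SSA names are defined once, so the owner behind each direct borrow is a static map.
    borrowed_from = {i[1]: i[2] for body in blocks.values() for i in body if i[0] == "borrow"}
    block_in, work = {b: {} for b in blocks}, [entry]
    while work:                            # iterate until the permission maps converge
        b = work.pop()
        perms = block_in[b]
        for ins in blocks[b]:
            perms = transfer(ins, perms)
        for s in succ.get(b, []):
            if (merged := join(block_in[s], perms)) != block_in[s]:
                block_in[s] = merged
                work.append(s)
    errors = set()
    for b, body in blocks.items():         # error check over the converged maps
        perms = block_in[b]
        for ins in body:
            name = ins[-1]                 # operand being used, freed, moved or borrowed
            if ins[0] in ("free", "move") and name in borrowed_from:
                errors.add(f"{b}: {ins[0]} {name} through non-owning pointer")
            bad = perms.get(borrowed_from.get(name, name), frozenset({"unallocated"})) - {OWNED}
            if ins[0] != "alloc":
                errors |= {f"{b}: {ins[0]} {name} while possibly {s}" for s in bad}
            perms = transfer(ins, perms)
        if b in exits:
            errors |= {f"{b}: leak {p}" for p, st in perms.items() if OWNED in st}
    return errors

# Constructed sample: p is freed on one branch only, then used through borrow q and freed again.
BLOCKS = {"entry": [("alloc", "p"), ("borrow", "q", "p")],
          "then": [("free", "p")], "merge": [("use", "q"), ("free", "p")]}
SUCC = {"entry": ["then", "merge"], "then": ["merge"]}
print(sorted(analyze(BLOCKS, SUCC, "entry", {"merge"})))
```

Because the map at `merge` is the union of both incoming paths, the use through `q` and the second `free` are reported even though one path is clean.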

Description

Technical field

[0001] The invention relates to the fields of data flow analysis algorithms and static analysis tool development, and in particular to a method for analyzing memory safety in C code by using a data flow analysis algorithm.

Background

[0002] Modern programming languages have two ways to reclaim memory on the heap: either the user explicitly calls a memory release function in the code to free the memory manually, or the language introduces an automatic garbage collection mechanism. The core of Rust memory management is ownership, which stipulates that each block of memory on the heap has exactly one owner at any time. Rust uses static analysis to determine the scope of each variable precisely. When the scope of the owner ends, the memory on the heap is released automatically, whereas C requires heap memory to be allocated and released manually, which is li...


Application Information

Patent Type & Authority Applications(China)
IPC(8): G06F8/41
CPC G06F8/42
Inventor 贾枭孙振东
Owner 上海那一科技有限公司