Publication No.: EP1627303A2
Publication date: 2006-02-22
Application No.: EP04759886.7
Filing date: 2004-04-15
Applicant: Ounce Labs, Inc.
Inventors: BERG, Ryan, James; ROSE, Larry; PEYTON, John; DAHANY, John, J.; GOTTLIEB, Robert; REHBEIN, Chris
IPC classification: G06F9/44
CPC classification: G06F21/577, G06F8/43, G06F11/3604
Abstract: A method and system detect vulnerabilities in source code. Source code (134) is processed by a parser (136) into an intermediate representation. Models (e.g., in the form of lattices) are derived (138) for the variables in the code and for the variables and/or expressions used in conjunction with routine calls. The models are then analyzed in conjunction with pre-specified rules about the routines, held in a vulnerability database (142), to determine (140) if the routine call possesses one or more pre-selected vulnerabilities.