公开(公告)号：US20120102474A1

公开(公告)日：2012-04-26

申请号：US12912382

申请日：2010-10-26

申请人： Shay Artzi ,  Ryan Berg ,  Yinnon A. Haviv ,  John T. Peyton, JR. ,  Marco Pistoia ,  Manu Sridharan ,  Babita Sharma ,  Omri Weisman ,  Robert Wiener

发明人： Shay Artzi ,  Ryan Berg ,  Yinnon A. Haviv ,  John T. Peyton, JR. ,  Marco Pistoia ,  Manu Sridharan ,  Babita Sharma ,  Omri Weisman ,  Robert Wiener

IPC分类号： G06F9/45

CPC分类号： G06F8/75

摘要： Systems and methods are provided for statically analyzing a software application that is based on at least one framework. According to the method, source code of the software application and a specification associated with the software application are analyzed. The specification includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework. Based on the source code and the specification, intermediate representations for the source code and the synthetic methods are generated. Based on the intermediate representations and the specification, call graphs are generated to model which application methods of the software application invoke synthetic methods or other application methods of the software application. The software application is statically analyzed based on the call graphs and the intermediate representations so as to generate analysis results for the software application.

摘要翻译： 提供了系统和方法，用于静态分析基于至少一个框架的软件应用程序。 根据该方法，分析软件应用的源代码和与软件应用相关的规范。 该规范包括对软件应用程序的框架相关行为进行建模的综合方法列表，以及指示框架可以调用的软件应用程序的合成方法和/或应用方法的入口点列表。 基于源代码和规范，生成源代码和合成方法的中间表示。 基于中间表示和规范，生成调用图来模拟软件应用程序的哪些应用程序调用软件应用程序的合成方法或其他应用程序。 基于调用图和中间表示静态分析软件应用程序，以生成软件应用程序的分析结果。