公开(公告)号：US20170220807A1

公开(公告)日：2017-08-03

申请号：US15500532

申请日：2014-08-29

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Alvaro Munoz ,  Yekaterina O'Neil

IPC: G06F21/57 ,  G06F9/44

CPC classification number: G06F21/577 ,  G06F8/75 ,  G06F11/3604 ,  G06F16/289 ,  G06F2221/033

Abstract: Example implementations relate to static program analysis. For example, an apparatus includes a processor to perform static program analysis on a set of processor executable instructions associated with an object-relational mapping (ORM) framework. The first set of processor executable instructions includes an object. The processor is also to generate a propagation path of the object based on an execution flow of the object. The propagation path includes a first node and a second node. The first node corresponds to a first ORM operation to store the object in a database. The second node corresponds to a second ORM operation to retrieve the object from the database. The second node is linked to the first node based on a common attribute of the object. In response to a determination that the propagation path includes a sink, the processor is to output a security risk warning.

公开(公告)号：US10546132B2

公开(公告)日：2020-01-28

申请号：US15500531

申请日：2014-09-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Alvaro Munoz ,  Yekaterina O'Neil

IPC: H04L29/06 ,  G06F21/57 ,  G06F11/36

Abstract: In one implementation, a static analysis system can include an operator engine to identify a modification operation on a string based on a structural comparison of program code to a static analysis rule, a label engine to maintain a label with the string based on the static analysis rule, and a sink engine to identify that the label denotes a string property and provide an analysis message associated with the string property based on the label.

公开(公告)号：US20170220806A1

公开(公告)日：2017-08-03

申请号：US15500531

申请日：2014-09-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Alvaro Munoz ,  Yekaterina O'Neil

IPC: G06F21/57 ,  G06F11/36

Abstract: In one implementation, a static analysis system can include an operator engine to identify a modification operation on a string based on a structural comparison of program code to a static analysis rule, a label engine to maintain a label with the string based on the static analysis rule, and a sink engine to identify that the label denotes a string property and provide an analysis message associated with the string property based on the label.