摘要:
It is determined whether a plurality of screens to be sequentially displayed by a process of a program satisfies a specification without executing this program. A system of the present invention stores a first schema prescribing a specification of a first screen, a second schema prescribing a specification of a second screen, and an event switching the display by program from the first screen to the second screen. First, a partial program executed in response to an event generated during displaying the screen satisfying the first schema is extracted from a program on the basis of the first schema and the event. Next, an intermediate program for calculating a set of screens being displayed in response to an event generated during displaying screens in a set of screens satisfying the first schema from this set is generated on the basis of the partial program. Next, it is determined that these screens satisfy a specification on condition that the first screen satisfies the first schema and a set of screens obtained by applying the intermediate program to the first schema satisfies the second schema.
摘要:
It is determined whether a plurality of screens to be sequentially displayed by a process of a program satisfies a specification without executing this program. A system of the present invention stores a first schema prescribing a specification of a first screen, a second schema prescribing a specification of a second screen, and an event switching the display by program from the first screen to the second screen. First, a partial program executed in response to an event generated during displaying the screen satisfying the first schema is extracted from a program on the basis of the first schema and the event. Next, an intermediate program for calculating a set of screens being displayed in response to an event generated during displaying screens in a set of screens satisfying the first schema from this set is generated on the basis of the partial program. Next, it is determined that these screens satisfy a specification on condition that the first screen satisfies the first schema and a set of screens obtained by applying the intermediate program to the first schema satisfies the second schema.
摘要:
It is determined whether a plurality of screens to be sequentially displayed by a process of a program satisfies a specification without executing this program. A system of the present invention stores a first schema prescribing a specification of a first screen, a second schema prescribing a specification of a second screen, and an event switching the display by program from the first screen to the second screen. First, a partial program executed in response to an event generated during displaying the screen satisfying the first schema is extracted from a program on the basis of the first schema and the event. Next, an intermediate program for calculating a set of screens being displayed in response to an event generated during displaying screens in a set of screens satisfying the first schema from this set is generated on the basis of the partial program. Next, it is determined that these screens satisfy a specification on condition that the first screen satisfies the first schema and a set of screens obtained by applying the intermediate program to the first schema satisfies the second schema.
摘要:
A computer-implemented method, program product, and system for determining the validity of a string generated by a computer programming language program. The method includes: abstracting a constraint between variables extracted from a source code for a programming language, describing the constraint in M2L, and storing the constraint; and evaluating the validity of the string on an M2L solver on the basis of the constraint and a M2L specification to determine whether the string is safe or unsafe.
摘要:
Systems, methods and computer program products for string analysis with security labels for vulnerability detection. Exemplary embodiments include a method in a computer system configured to analyze security-labeled strings and to detect vulnerability, the method including receiving a program with security labels, translating the program into a static single assignment form, constructing a control flow graph having basic blocks as nodes, extracting instructions relating to string functions and object variables, calculating pre-conditions of variables for the basic blocks, extracting constraints among the variables subject to a rule set for translating pre-conditions, solving the constraints and obtaining a set of strings that he object variables form as a context-free grammar to obtain a set of security-labeled strings, checking if the set of security-labeled strings satisfies a rule of the rule set for translating pre-conditions and identifying locations in the program where a vulnerability is detected.
摘要:
A computer-implemented method, program product, and system for determining the validity of a string generated by a computer programming language program. The method includes: abstracting a constraint between variables extracted from a source code for a programming language, describing the constraint in M2L, and storing the constraint; and evaluating the validity of the string on an M2L solver on the basis of the constraint and a M2L specification to determine whether the string is safe or unsafe.
摘要:
Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls.
摘要:
A method for dynamically selecting string analysis algorithms can begin with the training of the dynamic string analysis handler of a string analysis module to effectively handle a subset of string queries having contextual metadata received from a client application in an instructional environment. The effectiveness of the training module can be based upon feedback from the client application. Upon completion of the training, a string analysis algorithm selection policy can be synthesized. The string analysis algorithm selection policy can correlate a context of a string query in the subset to the usage of a string analysis algorithm. When in the operational environment, the dynamic string analysis handler can dynamically handle string queries having contextual metadata received from the client application in accordance with the string analysis algorithm selection policy. The string analysis algorithm to be used for a string query can be dynamically and independently determined.
摘要:
An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator.
摘要:
A transformation tree for an object model (OM) is defined. The transformation tree has nodes interconnected by edges, where each node is connected to at most one other tree node. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. A transformation graph for the OM is constructed by simulating the transformation tree. The transformation graph has nodes interconnected by edges, and is a directed graph in which each node is connected to one or more other nodes. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. Crawling-oriented actions are performed in relation to the OM by being performed in relation to the transformation graph.