Title of invention SYSTEM AND METHOD FOR FACILITATING STATIC ANALYSIS OF SOFTWARE APPLICATIONS
Abstract In a system for enabling static vulnerability analysis of a software/web application that includes an indirectly modeled language portion and a directly modeled language portion, an indirectly modeled language information extractor selects nodes of certain types from a syntax tree corresponding to the indirectly modeled language source code. Generally, the types of nodes that are selected are relevant to taint propagation. For one or more of the selected nodes, one or more statements corresponding to one or more of a type of the node, an input to the node, and an object associated with the node are generated. A static analyzer configured for a directly modeled language may perform vulnerability analysis of the software/web application using the generated statements.
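Application publication number US2016179486(A1) Application publication date 2016.06.23
Application number US201414577388 Filing date 2014.12.19
Applicant Veracode, Inc. Inventor Sheth Mansi
Classification number G06F9/45 Main classification number G06F9/45
Agency Agent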
Principal claim 1. A method of enabling static analysis of indirectly modeled code by an analyzer lacking capability for direct analysis of any indirectly modeled code, the method comprising: transforming by a processor a syntax tree of a code segment in an indirectly modeled language by including in each node of the syntax tree a respective location identifier identifying a location of at least one of an operator and an operand corresponding to that node in source code specified in the indirectly modeled language; identifying by the processor a set of nodes of selected types in the transformed syntax tree, each selected type being associated with taint propagation indicating propagation of a user input to a code module specified in a directly modeled language; and for each node in the identified set, generating by the processor a statement in the directly modeled language, based on, at least in part, at least one of: (i) a type of the node, (ii) a type of an input to the node, and (iii) an object corresponding to the node.
Address Burlington MA US