发明名称 |
Identifying software components in a software codebase |
摘要 |
Systems, methods, and computer program embodiments are disclosed for detecting third party software components in a software codebase. In an embodiment, a source file containing source code may be received at a server, and a code signature may be generated for the source file based on a determined structure of the source code. The generated code signature may then be compared to signatures stored in a reference database to identify matching third party software files. In an embodiment, the reference database may store a plurality of code signatures corresponding to third party software files. A list of the identified third party software files may be created and presented to a user. |
申请公布号 |
US9471285(B1) |
申请公布日期 |
2016.10.18 |
申请号 |
US201514795559 |
申请日期 |
2015.07.09 |
申请人 |
SYNOPSYS, INC. |
发明人 |
Koohgoli Mahshad;Shen Xiaojun;Potts Christopher;Malaki Aida |
分类号 |
G06F15/16;G06F9/455;G06F9/44;G06F9/54 |
主分类号 |
G06F15/16 |
代理机构 |
HIPLegal LLP |
代理人 |
HIPLegal LLP ;Szepesi Judith |
主权项 |
1. A method for detecting third party software components in a source file, comprising:
receiving a source file containing source code at a server; generating a code signature for the source file, the generating comprising:
determining a language of the source file;identifying a list of language reserved keywords and key phrases associated with the programing language;removing from the source file text that does not match a language reserved keyword or key phrase of the identified list;removing from the source file language-specific control characters and control character sequences;replacing each language reserved keyword and key phrase of the source file with a corresponding compact byte representation to produce an encoded sequence; andhashing the encoded sequence to produce the code signature; comparing the generated code signature to signatures stored in a reference database to identify matching third Party software files, the reference database storing a plurality of code signatures corresponding to the third party software files; creating a list of the identified third party software files; and presenting the list of identified third party to a user. |
地址 |
Mountain View CA US |