Title of invention DETECTING RACE CONDITION VULNERABILITIES IN COMPUTER SOFTWARE APPLICATIONS
Abstract Testing computer software applications is performed by identifying first and second executable portions of the computer software application, where the portions are configured to access a data resource, and where at least one of the portions is configured to write to the data resource, instrumenting the computer software application by inserting one or more instrumentation instructions into one or both of the portions, where the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and testing the computer software application in multiple iterations, where the computer software application is executed in multiple parallel execution threads, where the portions are independently executed at least partially in parallel in different threads, and where the computer software application is differently instrumented in each of the iterations.
Publication number US2016188444(A1) Publication date 2016.06.30
Application number US201615073810 Filing date 2016.03.18
Applicant International Business Machines Corporation Inventor Tripp Omer
Classification G06F11/36 Main classification G06F11/36
Agency Agent
Principal claim 1. A system for testing computer software web applications, the system comprising: a static analyzer configured to identify a first executable portion of a computer software web application and a second executable portion of the computer software web application, wherein the first and second executable portions are identified as being data interdependent and the first and second executable portions are configured to access a data resource, wherein at least one of the first and second executable portions is configured to write to the data resource; an instrumentation manager configured to instrument the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, and configured to insert the at least one instrumentation instruction proximate to a location where the data resource is accessed, wherein the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time; a software tester configured to test the computer software web application in each of a plurality of iterations, wherein the computer software web application is differently instrumented in each of the iterations; wherein the computer software web application is executed in multiple parallel execution threads, wherein the first and second executable portions are independently executed at least partially in parallel in different ones of the threads; wherein the software tester is configured to identify a race condition vulnerability associated with the computer software web application if during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource; and wherein the static analyzer,
instrumentation manager, and software tester are implemented in computer hardware.
Address Armonk NY US
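The detection scheme of the abstract and claim 1 (random execution delays inserted next to the resource access, several differently instrumented iterations, a race flagged when both access orderings are observed) as an added Python illustration; this is not the patent's code, and the two portions, the shared `resource` dictionary and the delay bounds are constructed for the example.

```python
import random
import threading
import time

# Constructed example: two data-interdependent "executable portions" sharing one
# data resource. portion_a writes to it, portion_b reads it.
resource = {}

def portion_a(log):
    resource["session"] = "created"   # write to the data resource
    log.append("write")

def portion_b(log):
    _ = resource.get("session")       # access (read) the data resource
    log.append("access")

def instrumented(portion, delay):
    """Return the portion with an instrumentation instruction inserted just before
    the resource access, extending its execution by `delay` seconds."""
    def run(log):
        time.sleep(delay)             # the inserted instrumentation instruction
        portion(log)
    return run

def run_iteration(delay_a, delay_b):
    """One test iteration: both instrumented portions run in parallel threads;
    report which portion touched the resource first."""
    resource.clear()
    log = []
    threads = [threading.Thread(target=instrumented(portion_a, delay_a), args=(log,)),
               threading.Thread(target=instrumented(portion_b, delay_b), args=(log,))]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return "write-before-access" if log[0] == "write" else "access-before-write"

def has_race(orderings):
    """Claim 1's criterion: a race condition is flagged when different
    iterations produced both orderings of the resource access."""
    return {"write-before-access", "access-before-write"} <= set(orderings)

def detect_race(iterations=20, max_delay=0.02, rng=None):
    """Run the iterations, each with freshly random delays (different
    instrumentation per iteration), and return (verdict, observed orderings)."""
    rng = rng or random.Random()
    orderings = [run_iteration(rng.uniform(0, max_delay), rng.uniform(0, max_delay))
                 for _ in range(iterations)]
    return has_race(orderings), orderings
```

Because thread scheduling is nondeterministic, `detect_race` is probabilistic: more iterations and a wider delay range raise the chance of observing both orderings when the portions really do race.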