| 发明名称 | Scalable and precise string analysis using index-sensitive static string abstractions | ||
| 摘要 | A disclosed method includes accessing one or more seeding specifications and a program including computer-readable code and applying the one or more seeding specifications to the program to identify for analysis seeds including strings for corresponding identified string variables. The method includes tracking flows emanating from the identified seeds. The tracking includes computing an integral offset into a tracked string variable for any statements causing such a computation. The tracking also includes providing a string representation based on the computed integral offset, wherein the provided string representation comprises a value of the integral offset and an indication of the corresponding tracked string variable. The tracking further includes modeling string manipulations of the tracked string variables using the string representations. Apparatus and program products are also disclosed. | ||
| 申请公布号 | US9164869(B2) | 申请公布日期 | 2015.10.20 |
| 申请号 | US201314025943 | 申请日期 | 2013.09.13 |
| 申请人 | International Business Machines Corporation | 发明人 | Guarnieri Salvatore A.;Pistoia Marco;Tripp Omer |
| 分类号 | G06F11/00;G06F12/14;G06F12/16;G08B23/00;G06F11/36;G06F21/57;G06F21/56 | 主分类号 | G06F11/00 |
| 代理机构 | Harrington & Smith | 代理人 | Harrington & Smith |
| 主权项 | 1. A computer system comprising: one or more memories storing computer-readable code; and one or more hardware processors, configured in response to executing the computer-readable code to cause the computer system to perform: accessing one or more seeding specifications and a program comprising computer-readable code; applying the one or more seeding specifications to the program to identify for analysis seeds comprising strings for corresponding identified string variables; and tracking flows emanating from the identified seeds and performing at least the following for the tracking: computing an integral offset into a tracked string variable for any statements causing such a computation; providing a string representation based on the computed integral offset, wherein the provided string representation comprises a value of the integral offset and an indication of the corresponding tracked string variable; and modeling string manipulations of the tracked string variables using the string representations, wherein tracking further comprises, for string manipulations other than statements performing the index-sensitive string manipulation and statements causing computation of an integral offset into a tracked string variable, applying an operation to the string representation while preserving the integral offset. | ||
| 地址 | Armonk NY US | ||