| 摘要 |
In production applications that process and transfer secure and sensitive customer data, the heap dump files of these applications, which may be useful for debugging production issues and bugs, may contain secure and sensitive information. Thus, to make the useful debugging information available in heap dumps from production applications without compromising secure client data to those assigned to debugging and fixing production issues, these heap dumps may be scrubbed of sensitive information without scrubbing information that is useful for debugging. |
| 主权项 |
1. A machine implemented method comprising:
analyzing, by a host system a heap dump to determine class dependencies, the host system including at least a processor system having at least one processor, and a memory system having at least one machine readable medium that stores contents of a heap dump, including content that was stored within at least a collection of memory cells used by a function that had been called while an application is running and was dumped into the machine readable medium; creating a map, by the processor system, of the heap dump, mapping the class dependencies, by mapping which classes depend on which classes; locating and erasing, by the host system, sensitive information, wherein the steps of locating and erasing sensitive information includes at least determining
whether a piece of information originated from a particular class that is used for storing confidential information, andwhether an object associated with the piece of information is of a particular type, and if the information originated from that particular class and the object is of the particular type, erasing the information in case the information is sensitive information; storing, by the host system, into the memory system information that remains after the erasing; rebuilding, by the host system, the content of the heap dump by at least reconstructing the class dependencies without the sensitive information, therein restoring dependencies of classes on other classes; a class dependency being an object from which another object derives functionality, the heap dump, after being rebuilt, includes the class dependencies, the reconstructing of the class dependencies including re-establishing references in objects to other objects that are relied on for functionality; the heap dump data including at least
an instance dump portion, which is a portion of the heap dump data that includes at least an address of an object of interest, information related to a state of the object of interest that the object of interest was in just prior to the dump, and address of objects that referenced the object of interest, anda class dump portion, which is a portion of the heap dump that identifies objects created as specified by a particular class, the class dump includes at least address allocated to a class and a name of the class. |
