发明名称 |
Method and system for detecting interprocedural vulnerability by analysis of source code |
摘要 |
Methods and systems of detecting vulnerabilities in source code using inter-procedural analysis of source code. Vulnerabilities in a pre-existing source code listing are detected. The variables in the source code listing are modeled in the context of at least one of the inherent control flow and inherent data flow. The variable models are used to create models of arguments to routine calls in the source code listing. The source code listing is modeled with a call graph to represent routine call interactions expressed in the source code listing. The arguments to routine calls are modeled to account for inter-procedural effects and dependencies on the arguments as expressed in the source code listing.
|
申请公布号 |
US7617489(B2) |
申请公布日期 |
2009.11.10 |
申请号 |
US20060522039 |
申请日期 |
2006.09.15 |
申请人 |
OUNCE LABS, INC. |
发明人 |
PEYTON JOHN;GOTTLIEB ROBERT |
分类号 |
G06F9/44 |
主分类号 |
G06F9/44 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|