| 发明名称 |
METHOD AND SYSTEM FOR DETECTING VULNERABILITIES IN SOURCE CODE |
| 摘要 |
A method and system of detecting vulnerabilities in source code. Source code is parsed into an intermediate representation. Models (e.g., in the form of lattices) are derived for the variables in the code and for the variables and/or expressions used in conjunction with routine calls. The models are then analyzed in conjunction with pre-specified rules about the routines to determine if the routine call posses one or more of pre-selected vulnerabilities.
|
| 申请公布号 |
US2008263525(A1) |
申请公布日期 |
2008.10.23 |
| 申请号 |
US20080163398 |
申请日期 |
2008.06.27 |
| 申请人 |
OUNCE LABS, INC. |
发明人 |
BERG RYAN JAMES;ROSE LARRY;PEYTON JOHN;DANAHY JOHN J.;GOTTLIEB ROBERT;REHBEIN CHRIS |
| 分类号 |
G06F11/36;G06F;G06F9/44;G06F11/30;G06F12/14;G06F19/00 |
主分类号 |
G06F11/36 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
