一种基于静态分析技术的源代码安全检测模型
new static analysis model in source code
本文介绍了当前主流的静态代码分析技术,在分析讨论其优缺点基础上提出了一种新的静态代码检测模型。该模型结合了当前成熟的静态分析技术,并借鉴了编译器中数据流和控制流分析的思想,获取上下文关联的数据信息,从而更加准确地分析代码中存在的安全问题。
Introduce some current static analysis methods in source code, after comparing their advantage and disadvantage, a new model of static analysis is given. Bases on current analysis methods, the new model gets data information in context by data flow analysis and control flow analysis which are often referred in compiler, and therefore security problems could be found more exactly.
徐国爱、梁婕、杨义先、张淼
计算技术、计算机技术
数据流分析,控制流分析,别名分析,静态代码分析,源代码检测
Static analysis data flow analysis control flow analysis alias analysis
徐国爱,梁婕,杨义先,张淼.一种基于静态分析技术的源代码安全检测模型[EB/OL].(2007-11-21)[2025-08-18].http://www.paper.edu.cn/releasepaper/content/200711-432.点此复制
评论