针对现存的大部分软件漏洞静态检测工具无法灵活检测用户关心的漏洞的情况,提出了一种基于模式匹配的漏洞检测方法.首先,对待测程序源码进行解析,将其转化为中间表示并存放在自定义的数据结构中;然后,用安全规则语言描述漏洞并解析安全规则,将其转换成对应的自动机模型存放在内存中;最后,将源代码的中间表示与安全规则进行模式匹配,并跟踪自动机的状态转化,根据自动机状态向用户提交漏洞报告.实验结果表明,该方法的漏报率低、扩展性好.%For the conditions that most of the existing software vulnerability static detecting tools cannot detect vulnerabilities that users care,this paper proposed a vulnerability detection method based on pattern matching.First,the source code which is going to be tested is parsed,and the code is transformed into intermediate representation which is stored in the user-defined data structure.Then,the vulnerability is described and the safety rules is parsed by using safety rule languages,and they are converted into corresponding automata model which can be stored in memory.Finally,the source code intermediate representation and safety rule should be for pattern matching,and the automata state should be transformed.And we need to submit the report based on the automata state to users.The experimental results show that this method has a low missing report rate and good expansibility.
展开▼
