首页>
外国专利>
Generating sound and minimal security reports based on static analysis of a program
Generating sound and minimal security reports based on static analysis of a program
展开▼
机译:根据程序的静态分析生成可靠的安全报告和最小限度的报告
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method is disclosed that includes, using a static analysis, analyzing a software program to determine a number of paths from sources accepting information to sinks using that information or a modified version of that information and to determine multiple paths from the number of paths. The determined multiple paths have a same transition from an application portion of the software program to a library portion of the software program and require a same downgrading action to address a vulnerability associated with source-sink pairs in the multiple paths. The analyzing includes determining the multiple paths using a path-sensitive analysis. The method includes, for the determined multiple paths, grouping the determined multiple paths into a single representative indication of the determined multiple paths. The method includes outputting the single representative indication. Computer program products and apparatus are also disclosed.
展开▼