Method and system for detecting interprocedural vulnerability by analysis of source code

摘要

Methods and systems of detecting vulnerabilities in source code using inter-procedural analysis of source code. Vulnerabilities in a pre-existing source code listing are detected. The variables in the source code listing are modeled in the context of at least one of the inherent control flow and inherent data flow. The variable models are used to create models of arguments to routine calls in the source code listing. The source code listing is modeled with a call graph to represent routine call interactions expressed in the source code listing. The arguments to routine calls are modeled to account for inter-procedural effects and dependencies on the arguments as expressed in the source code listing.