STATIC TAINTING ANASYSTEM AND METHOD FOR TAINT ANALYSIS OF COMPUTER PROGRAM CODELYSIS

STATIC TAINTING ANASYSTEM AND METHOD FOR TAINT ANALYSIS OF COMPUTER PROGRAM CODELYSIS

A method is provided to infer taintedness in code expressions encoded in a computer readable device comprising: configuring a computer system to, store a representation of a computer program that is to be evaluated in non-transitory storage media; identify within the representation a pointer cast op...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: SCOTT, ROGER H, CHOU, ANDY C
Format: Patent
Sprache:eng ; fre
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method is provided to infer taintedness in code expressions encoded in a computer readable device comprising: configuring a computer system to, store a representation of a computer program that is to be evaluated in non-transitory storage media; identify within the representation a pointer cast operation; determine whether an identified cast operation involves a cast from a pointer to a raw memory data type to a pointer to a structured data type; determine whether a structured data type casted to is associated with indicia of externalness; designating data addressed by that pointer as tainted; and determine whether data designated as tainted is consumed by an operation in the computer program that acts as a taintedness sink.