Source code vulnerability detection method and device

Source code vulnerability detection method and device

The invention relates to the technical field of vulnerability detection, and particularly discloses a source code vulnerability detection method and device.The method comprises the steps that a vulnerability detection request is received; the vulnerability detection request carries a to-be-detected...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CHEN WEI, ZHANG YUE, XU XIAOTIAN, DONG BIN, KAGEMORI, SI GUANLIN, LI MIN
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to the technical field of vulnerability detection, and particularly discloses a source code vulnerability detection method and device.The method comprises the steps that a vulnerability detection request is received; the vulnerability detection request carries a to-be-detected program source code and a scanning analysis report; the scanning analysis report comprises a report vulnerability set; performing program slicing on the to-be-detected program source code according to a preset slicing criterion to obtain a plurality of program slices; based on the report vulnerability set, screening out a corresponding vulnerability program slice from the plurality of program slices; inputting the vulnerability program slices and the vulnerability types corresponding to the vulnerability program slices into a target false alarm model, and outputting a false alarm result report; generating a vulnerability detection report based on the scanning analysis report and the false alarm result report; the v