Functional language source code vulnerability scanner

A code scanning system has a syntax generation component that receives source code and generates an abstract syntax tree file. The system includes a white list of permitted pure functions, and a black list of prohibited impure functions. In addition, the system includes a static code analyzer for pe...

Bibliographic details
Main authors: Harrod, William Knight, Knipmeyer, Kevin, Tijerina, Matthew Joshua, Norton, Joseph W, Kimbrel, Paul David, Schwarz, Michael Gregory
Format: Patent
Language: eng
Subjects:
Online access: Order full text
creator Harrod, William Knight
Knipmeyer, Kevin
Tijerina, Matthew Joshua
Norton, Joseph W
Kimbrel, Paul David
Schwarz, Michael Gregory
description A code scanning system has a syntax generation component that receives source code and generates an abstract syntax tree file. The system includes a white list of permitted pure functions, and a black list of prohibited impure functions. In addition, the system includes a static code analyzer for performing static analysis of the source code. The static code analyzer includes a function analyzer that receives the AST file and identifies the functions. Each function is compared to the white list, and if it is present, marked as permitted in a static analysis file. If the function is not on the white list, it is compared to the black list. If it is present on the black list, it is marked as prohibited in the static analysis file. If the function is not on the white or black list, it is marked as "unknown" and subjected to manual analysis.
format Patent
creationdate 2020
date 2020-04-21
oa free_for_read
linktohtml https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200421&DB=EPODOC&CC=US&NR=10628584B1
language eng
recordid cdi_epo_espacenet_US10628584B1
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title Functional language source code vulnerability scanner
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-11T10%3A44%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Harrod,%20William%20Knight&rft.date=2020-04-21&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10628584B1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true