CN111506900A - Vulnerability detection method and device, electronic equipment and computer storage medium - Google Patents
Vulnerability detection method and device, electronic equipment and computer storage medium Download PDFInfo
- Publication number
- CN111506900A CN111506900A CN202010295600.0A CN202010295600A CN111506900A CN 111506900 A CN111506900 A CN 111506900A CN 202010295600 A CN202010295600 A CN 202010295600A CN 111506900 A CN111506900 A CN 111506900A
- Authority
- CN
- China
- Prior art keywords
- code
- vulnerability
- detected
- taint
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 35
- 238000011161 development Methods 0.000 claims abstract description 86
- 230000006870 function Effects 0.000 claims description 83
- 238000012546 transfer Methods 0.000 claims description 9
- 238000004458 analytical method Methods 0.000 claims description 5
- 238000001914 filtration Methods 0.000 claims description 4
- 230000005540 biological transmission Effects 0.000 claims description 2
- 238000000034 method Methods 0.000 abstract description 27
- 239000000284 extract Substances 0.000 abstract description 3
- 238000012550 audit Methods 0.000 description 11
- 238000004891 communication Methods 0.000 description 6
- 238000004590 computer program Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000002411 adverse Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 239000013256 coordination polymer Substances 0.000 description 1
- 238000010219 correlation analysis Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/42—Syntactic analysis
- G06F8/427—Parsing
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Stored Programmes (AREA)
Abstract
The disclosure provides a vulnerability detection method and device, electronic equipment and a computer readable storage medium, and relates to the technical field of computer programming. The method comprises the following steps: extracting key information of the code to be detected by adopting a syntax tree, and constructing a key information structure body; determining a routing function in the key information structure body based on a preset routing rule corresponding to the development frame type; and determining whether the code to be detected has vulnerability information or not based on a preset vulnerability rule of the development frame type. The method analyzes the code to be detected by adopting the syntax tree, extracts the key information structure body of the code to be detected, identifies the development frame of the code to be detected, can remotely adapt to any development frame under the condition of not modifying the code, dynamically configures bug rules, is convenient for misreporting and tuning in time, finds all reachable paths of the stain, comprehensively analyzes the paths which possibly generate the bugs, judges the bugs more accurately, reduces false alarms, realizes full-automatic bug detection and saves manpower.
Description
Technical Field
The present disclosure relates to the field of computer programming technologies, and in particular, to a vulnerability detection method and apparatus, an electronic device, and a computer storage medium.
Background
With the development of computer languages and the improvement of security awareness of computer networks of people, the detection of code bugs is more and more important in computer code writing.
Generally, when a developer develops a project, security awareness is not high enough, so that security vulnerabilities exist in codes, the security vulnerabilities may bring extremely serious influences to the project or an enterprise, but many times, due to the increase of the number of projects, the increase of the number of codes is doubled, and the audit of the existing code vulnerabilities is basically manual audit, so that thermal power consumption is very large, the manual audit is tired, the audit is possibly inaccurate, and the code security is reduced.
Therefore, the existing code security vulnerability audit is basically manual audit, the labor consumption is high, manual fatigue is easy to go out of the audit, the audit is not accurate, the code security is reduced, and the problem is urgently needed to be solved.
Disclosure of Invention
The purpose of the present disclosure is to solve at least one of the above technical defects, and in particular, the existing code security vulnerability audit is basically manual audit, which has high manpower consumption and is easy to go out of order and cause manual fatigue, resulting in inaccurate audit and reduced code security.
In a first aspect, a vulnerability detection method is provided, and the method includes:
analyzing a code to be detected by adopting a syntax tree, extracting key information of the code to be detected, and constructing a key information structure;
identifying the development frame type of the code to be detected;
determining a routing function in the key information structure body based on a preset routing rule corresponding to the development frame type;
determining the position of a stain in the code to be detected based on a preset stain rule corresponding to the development frame type and the routing function, and generating a stain data flow graph;
and determining whether the code to be detected has vulnerability information or not based on a preset vulnerability rule corresponding to the development frame type through the taint data flow graph.
In a second aspect, a vulnerability detection apparatus is provided, which includes:
the analysis module is used for analyzing the code to be detected by adopting a syntax tree, extracting key information of the code to be detected and constructing a key information structure body;
the frame identification module is used for identifying the development frame of the code to be detected by adopting a preset development frame identification characteristic;
a routing function identification module, configured to determine a routing function in the key information structure based on a routing rule of the development framework;
the taint data flow graph generation module is used for determining the position of the taint in the code based on the taint rule of the development framework and the routing function and generating a taint data flow graph;
and the vulnerability information determining module is used for traversing the taint data flow graph based on a preset vulnerability rule corresponding to the development frame type and determining whether vulnerability information exists in the code to be detected.
In a third aspect, an electronic device is provided, which includes:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: and executing the vulnerability detection method.
In a fourth aspect, a computer storage medium is provided, where at least one instruction, at least one program, a set of codes, or a set of instructions is stored, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the vulnerability detection method.
The method and the device have the advantages that codes to be detected are analyzed by adopting the syntax tree, the key information structure body of the codes to be detected is extracted, the development framework of the codes to be detected can be remotely adapted to any development framework under the condition that the codes are not modified, routing search rules, stain positioning rules and leak judgment rules in the development framework are adopted, leak rules are dynamically configured, timely misreport tuning is facilitated, a data flow graph with complete stains is generated according to routing search and stain positioning, all reachable paths of the stains are found, paths which possibly generate the leaks are comprehensively analyzed, the existence of the leaks is comprehensively judged according to index positions of parameters and the leak rules, the judgment of the leaks is more accurate, the misinformation is reduced, full-automatic leak detection is realized, and manpower is saved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present disclosure, the drawings used in the description of the embodiments of the present disclosure will be briefly described below.
Fig. 1 is a schematic flowchart of a vulnerability detection method according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of a method for determining a routing function according to an embodiment of the present disclosure;
fig. 3 is a schematic flow chart diagram of a data flow graph generating method according to an embodiment of the present disclosure;
FIG. 4 is a diagram illustrating a transfer of a taint in a function provided by an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of a taint transfer among a plurality of functions provided by the embodiments of the present disclosure;
fig. 6 is a schematic structural diagram of a vulnerability detection apparatus according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing the devices, modules or units, and are not used for limiting the devices, modules or units to be different devices, modules or units, and also for limiting the sequence or interdependence relationship of the functions executed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The embodiment of the present disclosure provides a vulnerability detection method, as shown in fig. 1, the method includes:
in step S101, the syntax tree is used to analyze the code to be detected, extract the key information of the code to be detected, and construct a key information structure.
For the disclosed embodiments, the Abstract Syntax Tree (AST) is a tree representation of the abstract syntax structure of the source code, and each node on the tree represents a structure in the source code, which is abstract because the abstract syntax tree does not represent every detail of the real syntax, for example, the nesting brackets are hidden in the structure of the tree and are not represented in the form of nodes. The abstract syntax tree does not depend on the syntax of the source language, that is, the context used in the parsing stage is grammatical-free, because when the grammar is written, the grammar is often equivalently transformed (left recursion, backtracking, ambiguity and the like are eliminated), which introduces some redundant components into the grammar analysis, adversely affects the subsequent stages, and even makes the combined stages confused. Therefore, many compilers often construct parse trees independently, building a clear interface for the front-end and back-end.
In the embodiment of the disclosure, when a syntax tree is used to parse a code to be detected, extracting key information of the code to be detected, and constructing a key information structure, where for an item to be detected, for all Python files of the item, the key information in the code to be Python is extracted based on AST syntax parsing of Python itself, where the key information includes almost all information of a Python code segment, for example, what is left of an expression, what is right of the expression, what function calls are included on right, what is parameters of the function, including position index information of the parameters in the function, and what information is specifically needed, which information is determined by a person skilled in the art according to a specific embodiment, and the disclosure is not limited thereto. According to the extracted key information, a structure body is constructed, a data set composed of a series of data with the same type or different types, called the structure body, can be declared as a variable, a pointer, an array or the like, and is used for realizing a more complex data structure.
In step S102, the development framework type of the code to be detected is identified.
In the embodiment of the present disclosure, the development framework refers to a middleware base platform developed for improving the WEB program development efficiency, a developer does not need to write codes from 0, but the framework is already made with some template objects, the developer develops the program by calling the framework to save time and cost, and the front-end WEB framework is well-known, such as boottrap, extjs, easyui, flex, MiniUI, jQuery UI, and the like.
For the embodiment of the disclosure, the framework identification is performed on the structural body constructed in the project through the development framework characteristics in the server rule loaded remotely, the framework used by Python is identified, specifically, the framework type characteristics preset in the server are loaded, the characteristics in the structural body are obtained, the characteristics of the structural body are compared with the preset framework type characteristics, and the framework type corresponding to the structural body is determined.
In step S103, a routing function in the key information structure is determined based on a preset routing rule corresponding to the development framework type.
In the disclosed embodiment, the routing rule refers to some routing writing methods in the development framework, and different routing rules are identified according to some specific writing methods.
In the disclosed embodiment, a routing function in the key information structure is identified based on the routing rule in the development framework identified in the preceding step. The code command is acquired before the routing function is identified, the code of the routing writing method part of the code command is identified and matched with the routing function in the preset routing function library, and when the same code segment is matched, the routing function of the code is determined. Route, as in the following pseudo code, is a classical route writing method:
in step S104, based on the preset taint rule and the routing function corresponding to the development frame type, the position of the taint in the code to be detected is determined, and a taint data flow graph is generated.
In the embodiment of the present disclosure, the taint rule refers to how the routing function accepts the user input, for example, aaa is request. Get is used for receiving user input, and all the rules capable of receiving user input are collated, namely the taint rule.
For the embodiment of the present disclosure, the taint rule is set in advance by a person skilled in the art, and the possible taint rules are collected manually, and then all the taint positions are identified by combining with the routing function, specifically, a code segment of the routing function is obtained, a code field in the code segment is identified, the code field is matched with the preset taint rule, when a field identical to the code segment is matched in the preset taint rule, the routing function is determined according to the taint rule, whether the code segment has a taint, if the taint exists, the position where the taint exists is recorded, and a taint data flow graph is formed.
In step S105, based on a preset vulnerability rule corresponding to the development framework type, traversing the taint data flow graph to determine whether vulnerability information exists in the code to be detected.
In the embodiment of the present disclosure, the preset bug rule refers to a bug rule preset by a person skilled in the art, and the bug rule refers to a rule capable of determining whether a bug exists in a data flow graph, and is generally a combination of multiple rules.
For the embodiment of the disclosure, after the taint data flow graph is constructed, the data flow graph is subjected to a pass through preset bug rules, whether a bug exists in the data flow graph is judged according to the rules, and the bug existence can be confirmed only when a certain path in the data flow graph meets the following conditions, wherein the judging conditions include: correct index position, presence of high risk function, successful keyword matching, and absence of filtering function. And when a certain path in a certain taint data flow graph simultaneously meets the conditions, judging that the data flow graph has a bug.
The method and the device have the advantages that codes to be detected are analyzed by adopting the syntax tree, the key information structure body of the codes to be detected is extracted, the development framework of the codes to be detected can be remotely adapted to any development framework under the condition that the codes are not modified, routing search rules, stain positioning rules and leak judgment rules in the development framework are adopted, leak rules are dynamically configured, timely misreport tuning is facilitated, a data flow graph with complete stains is generated according to routing search and stain positioning, all reachable paths of the stains are found, paths which possibly generate the leaks are comprehensively analyzed, the existence of the leaks is comprehensively judged according to index positions of parameters and the leak rules, the judgment of the leaks is more accurate, the misinformation is reduced, full-automatic leak detection is realized, and manpower is saved.
The embodiment of the present disclosure provides a possible implementation manner, identifying a development framework type of a code to be detected, including:
acquiring development frame characteristics of a code to be detected; and identifying the development frame type corresponding to the development frame characteristics of the code to be detected according to the preset development frame identification characteristics.
In the embodiment of the present disclosure, a development frame feature is obtained, a code field is obtained, a frame feature part field is identified and matched with a preset frame feature, the matched frame feature is used as a frame feature of a code to be detected, a frame type corresponding to the frame feature is determined as the frame type of the code to be detected, specifically, the frame type is marked for the code to be detected, and a routing rule, a vulnerability rule, and the like corresponding to the frame type are obtained.
According to the method and the device, the frame characteristics of the code to be detected are obtained, the corresponding frame type is matched, and the code is analyzed and processed with the subsequent obtaining rule, so that the vulnerability determination accuracy is improved.
As shown in fig. 2, the determining a routing function in a key information structure based on a routing rule of a development framework includes:
in step S201, the syntax of the key information structure routing is identified.
In the embodiment of the present disclosure, the syntax of the route refers to the writing method of the routing function of the code segment, such as authbp.
For the embodiment of the present disclosure, the syntax for obtaining the routing of the key information structure is mainly to determine the writing method of the routing function by obtaining the code segment and recognizing the code in the code segment, as in the above section, when the authbp route is recognized, the writing method of the routing can be determined to be authbp route.
In step S202, the syntax of the route is matched with the routing rule of the development framework, and a routing function is determined, where the routing rule includes a correspondence between the syntax of the route and the corresponding routing rule.
For the embodiment of the present disclosure, after determining the routing syntax of the code to be detected, matching the routing syntax with a preset routing rule, where the preset routing rule is determined according to the frame type identified in the foregoing step, specifically, after determining the frame type, loading the routing rule corresponding to the frame type, matching the routing syntax determined in the foregoing step with the routing rule, and determining the routing function of the code to be detected. Specifically, if the routing syntax is determined to be authbp.
The routing grammar of the code to be detected is identified and matched with the preset routing rule, the routing rule of the code to be detected is determined, and the accuracy rate of judging the routing rule is high.
A possible implementation manner is provided in the embodiments of the present disclosure, and as shown in fig. 3, generating a taint data flow graph includes:
in step S301, when the taint is transferred in a function, a taint marking node is generated according to the location of the taint, and the taint marking node is used as a node in the taint data flow graph.
In the embodiment of the present disclosure, a taint may be continuously transferred in a current function, or may be transferred in different files, and for different transfer modes, different dataflow graph determination flows exist.
For the disclosed embodiment, as shown in fig. 4, when a taint is transferred in a function, a taint marking node is generated according to the location of the taint, and the byte point is used as a node of a taint flow graph, specifically, as shown in fig. 4, a taint flows from node a to node B and then to node C, and then the data flow graph of the taint is a-B-C, where node A, B, C is a node in a function. Of course, the specific number of nodes needs to be determined in a specific embodiment.
In step S302, when the taint is transferred among a plurality of functions, a plurality of taint marking nodes of the taint in the plurality of functions are generated according to the index position of the transfer function of the taint, and the plurality of taint marking nodes are taken as nodes in the taint data flow graph.
In the embodiment of the present disclosure, as shown in fig. 5, a taint is transferred among a plurality of functions, when a data flow graph of the taint is generated, an index position of a current function where the taint is located needs to be obtained, and then a taint marking node of the taint data flow graph is generated according to the index position, specifically, when the taint is transferred from a1 node of a function a to b1 node of a function b, an index position of the function taint at a node a1 is obtained first, a first taint marking node a.a1 is generated, when the taint is transferred to b1 node of the function b, a second taint marking node b.b1 is generated, then the data flow graph of the taint is a.a1-b.b1, where nodes a1 and b1 are data nodes in the function a and the function b, respectively.
According to the method and the device, the data flow graph of the taint is determined through different taint transfer modes, the completeness of determination of the data flow graph is guaranteed, and the accuracy of determination of subsequent vulnerabilities is improved.
The embodiment of the present disclosure provides a possible implementation manner, where determining vulnerability information in a code to be detected based on a preset vulnerability rule corresponding to a development framework type through a taint data flow graph includes:
and based on a preset vulnerability rule corresponding to the development frame type, traversing the taint data flow graph, and determining vulnerability information in the code to be detected when at least one path in the taint data flow graph meets the preset vulnerability rule.
In the embodiment of the disclosure, after the data flow graph of the stain is determined, based on a preset leak rule, the data flow graph is traversed, and when at least one path in the data flow graph of the stain meets the preset leak rule, leak information in a code to be detected is determined, wherein the preset leak rule comprises that an index position of a transfer parameter of the stain is a preset position; and the path has a preset high-risk function; and the keywords in the stain are matched with the preset keywords; and no preset filtering function exists in the path. Specifically, each node in the data flow graph is judged according to the vulnerability rule, whether the node meets the vulnerability rule is judged, and when the node meets the vulnerability rule, a vulnerability exists in the data flow graph of the node.
In the embodiment of the disclosure, the data flow graph of the taint is judged through the preset bug rules, whether a bug exists or not is determined, and the bug judgment is accurate.
The embodiment of the present disclosure provides a possible implementation manner, and after determining vulnerability information in a code to be detected, the implementation manner further includes:
and determining a key row of the vulnerability information in the codes to be detected according to the vulnerability information, generating vulnerability report information based on the codes of the key row with the upper and lower preset row numbers and the key row codes, and reporting the vulnerability report information.
In the embodiment of the disclosure, when it is determined that the code to be detected has the vulnerability information, vulnerability report information is generated based on a key line in the code where the vulnerability information is located, and specifically, the vulnerability report information is generated based on an upper and a lower preset line number of the key line.
For the embodiment of the disclosure, after the vulnerability information is determined, the upper two lines of codes and the lower two lines of codes of the code line where the vulnerability information is located are determined as vulnerability report information to be reported, of course, the specific number of required lines of codes can be determined by a person skilled in the art, and the disclosure does not limit the information.
The method and the device have the advantages that codes to be detected are analyzed by adopting the syntax tree, the key information structure body of the codes to be detected is extracted, the development framework of the codes to be detected can be remotely adapted to any development framework under the condition that the codes are not modified, routing search rules, stain positioning rules and leak judgment rules in the development framework are adopted, leak rules are dynamically configured, timely misreport tuning is facilitated, a data flow graph with complete stains is generated according to routing search and stain positioning, all reachable paths of the stains are found, paths which possibly generate the leaks are comprehensively analyzed, the existence of the leaks is comprehensively judged according to index positions of parameters and the leak rules, the judgment of the leaks is more accurate, the misinformation is reduced, full-automatic leak detection is realized, and manpower is saved.
An embodiment of the present disclosure provides a vulnerability detection apparatus, as shown in fig. 6, the vulnerability detection apparatus 60 may include:
the parsing module 601 is configured to parse the code to be detected by using a syntax tree, extract key information of the code to be detected, and construct a key information structure;
the frame identification module 602 is configured to identify a development frame of the code to be detected by using a preset development frame identification feature;
a routing function identification module 603, configured to determine a routing function in the key information structure based on a routing rule of the development framework;
a taint data flow graph generating module 604, configured to determine a location of a taint in the code based on the taint rule and the routing function of the development framework, and generate a taint data flow graph;
and the vulnerability information determining module 605 is configured to determine whether vulnerability information exists in the code to be detected based on the vulnerability rules of the development framework through the taint data flow graph.
The vulnerability detection apparatus of this embodiment can execute the vulnerability detection method shown in the foregoing embodiments of the present disclosure, and the implementation principles thereof are similar, and are not described herein again.
The method and the device have the advantages that the logic of frame adaptation, route searching, stain positioning and flaw judgment is generalized, a frame can be remotely adapted and randomly developed under the condition that codes are not modified, a flaw rule can be dynamically configured, timely false alarm and tuning are facilitated, upward backtracking is conducted when a function in an object with an execution function as a class is executed, discriminant analysis is conducted, judgment of the flaw is more refined, false alarms are reduced, data among multiple modules are subjected to correlation analysis, a complete data flow graph is generated, all reachable paths of stains are found, paths which may generate the flaw are comprehensively analyzed, existence of the flaw is comprehensively judged according to index positions of parameters and the flaw rule, judgment of the flaw is more accurate, false alarms are reduced, full-automatic flaw detection is achieved, and manpower is saved.
Referring now to FIG. 7, shown is a schematic diagram of an electronic device 700 suitable for use in implementing embodiments of the present disclosure. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a stationary terminal such as a digital TV, a desktop computer, and the like. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
The electronic device includes: a memory and a processor, wherein the processor may be referred to as the processing device 701 hereinafter, and the memory may include at least one of a Read Only Memory (ROM)702, a Random Access Memory (RAM)703 and a storage device 708 hereinafter, as shown in detail below:
as shown in fig. 7, electronic device 700 may include a processing means (e.g., central processing unit, graphics processor, etc.) 701 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from storage 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the electronic apparatus 700 are also stored. The processing device 701, the ROM 702, and the RAM 703 are connected to each other by a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
In general, input devices 706 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc., output devices 707 including, for example, a liquid crystal display (L CD), speaker, vibrator, etc., storage devices 708 including, for example, magnetic tape, hard disk, etc., and communication devices 709. communication devices 709 may allow electronic device 700 to communicate wirelessly or wiredly with other devices to exchange data.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program carried on a non-transitory computer readable medium, the computer program containing program code for performing the method illustrated by the flow chart. In such embodiments, the computer program may be downloaded and installed from a network via the communication means 709, or may be installed from the storage means 708, or may be installed from the ROM 702. The computer program, when executed by the processing device 701, performs the above-described functions defined in the methods of the embodiments of the present disclosure.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network protocol, such as HTTP (HyperText transfer protocol), and may be interconnected with any form or medium of digital data communication (e.g., a communications network). examples of communications networks include local area networks ("L AN"), wide area networks ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed networks.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: analyzing the code to be detected by adopting a syntax tree, extracting key information of the code to be detected, and constructing a key information structure; identifying the development frame type of the code to be detected; determining a routing function in the key information structure body based on a preset routing rule corresponding to the development frame type; determining the position of a stain in the code to be detected based on a preset stain rule and a routing function corresponding to the development frame type, and generating a stain data flow graph; and determining whether the code to be detected has vulnerability information or not based on a preset vulnerability rule corresponding to the development frame type through the taint data flow graph.
In the context of remote computers, remote computers may be implemented over any type of network including local area networks (L AN) or Wide Area Networks (WAN) to the user's computer or to external computer systems, which are coupled to the user's computer system or which contain blocks or blocks of computer program code, which may be implemented in any form of dedicated hardware, or combinations of blocks, and which may be implemented in hardware, or combinations of blocks or blocks, wherein each block or block represents a possible implementation of the system, method, or computer product according to the various embodiments of the present disclosure.
The modules or units described in the embodiments of the present disclosure may be implemented by software or hardware. Wherein the designation of a module or unit does not in some cases constitute a limitation of the unit itself.
For example, without limitation, exemplary types of hardware logic that may be used include Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), complex programmable logic devices (CP L D), and so forth.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
According to one or more embodiments of the present disclosure, there is provided a vulnerability detection method, including:
analyzing the code to be detected by adopting a syntax tree, extracting key information of the code to be detected, and constructing a key information structure;
identifying the development frame type of the code to be detected;
determining a routing function in the key information structure body based on a preset routing rule corresponding to the development frame type;
determining the position of a stain in the code to be detected based on a preset stain rule and a routing function corresponding to the development frame type, and generating a stain data flow graph;
and determining whether the code to be detected has vulnerability information or not based on a preset vulnerability rule corresponding to the development frame type through the taint data flow graph.
Further, identifying the development framework type of the code to be detected comprises:
acquiring development frame characteristics of a code to be detected;
and identifying the development frame type corresponding to the development frame characteristics of the code to be detected according to the preset development frame identification characteristics.
Further, determining a routing function in the key information structure based on the routing rule of the development framework includes:
identifying the grammar of the key information structure routing;
matching the grammar of the route with the routing rule of the development framework, and determining a routing function, wherein the routing rule comprises the corresponding relation between the grammar of the route and the corresponding routing rule.
Further, generating the taint dataflow graph includes:
when the taint is transferred in a function, generating a taint marking node according to the position of the taint, and taking the taint marking node as a node in the taint data flow graph;
when the taint is transferred in a plurality of functions, a plurality of taint marking nodes of the taint in the functions are generated according to the index position of the transfer function of the taint, and the plurality of taint marking nodes are used as nodes in the taint data flow graph.
Further, based on a preset vulnerability rule corresponding to the development frame type, determining vulnerability information in the code to be detected through a taint data flow graph, wherein the vulnerability information includes:
and based on a preset vulnerability rule corresponding to the development frame type, traversing the taint data flow graph, and determining vulnerability information in the code to be detected when at least one path in the taint data flow graph meets the preset vulnerability rule.
Further, the preset vulnerability rules include:
the index position of the transmission parameter of the stain is a preset position; and is
A preset high-risk function exists in the path; and is
Matching keywords in the stain with preset keywords; and is
No preset filtering function exists in the path.
Further, after determining the vulnerability information in the code to be detected, the method further includes:
and determining a key row of the vulnerability information in the codes to be detected according to the vulnerability information, generating vulnerability report information based on the codes of the key row with the upper and lower preset row numbers and the key row codes, and reporting the vulnerability report information.
According to one or more embodiments of the present disclosure, there is provided a vulnerability detection apparatus, including:
the analysis module is used for analyzing the code to be detected by adopting a syntax tree, extracting key information of the code to be detected and constructing a key information structure body;
the frame identification module is used for identifying the development frame of the code to be detected by adopting a preset development frame identification characteristic;
the routing function identification module is used for determining a routing function in the key information structure body based on the routing rule of the development framework;
the taint data flow graph generation module is used for determining the position of the taint in the code based on the taint rule and the routing function of the development framework and generating a taint data flow graph;
and the vulnerability information determining module is used for traversing the taint data flow graph based on a preset vulnerability rule corresponding to the development frame type and determining whether vulnerability information exists in the code to be detected.
According to one or more embodiments of the present disclosure, there is provided an electronic device including:
one or more processors;
a memory;
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: the vulnerability detection method according to the foregoing is performed.
According to one or more embodiments of the present disclosure, a computer storage medium is provided, wherein the storage medium stores at least one instruction, at least one program, a set of codes, or a set of instructions, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by a processor to implement the foregoing vulnerability detection method.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other embodiments in which any combination of the features described above or their equivalents does not depart from the spirit of the disclosure. For example, the above features and (but not limited to) the features disclosed in this disclosure having similar functions are replaced with each other to form the technical solution.
Further, while operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. Under certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the disclosure. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.
Claims (10)
1. A vulnerability detection method is characterized by comprising the following steps:
analyzing a code to be detected by adopting a syntax tree, extracting key information of the code to be detected, and constructing a key information structure;
identifying the development frame type of the code to be detected;
determining a routing function in the key information structure body based on a preset routing rule corresponding to the development frame type;
determining the position of a stain in the code to be detected based on a preset stain rule corresponding to the development frame type and the routing function, and generating a stain data flow graph;
and determining whether the code to be detected has vulnerability information or not based on a preset vulnerability rule corresponding to the development frame type through the taint data flow graph.
2. The vulnerability detection method of claim 1, wherein the identifying the development framework type of the code to be detected comprises:
acquiring development frame characteristics of the code to be detected;
and identifying the development frame type corresponding to the development frame characteristics of the code to be detected according to the preset development frame identification characteristics.
3. The vulnerability detection method of claim 1, wherein the determining a routing function in the key information structure based on the routing rules of the development framework comprises:
identifying the grammar of the key information structure routing;
matching the grammar of the route with the routing rule of the development framework, and determining the routing function, wherein the routing rule comprises the corresponding relation between the grammar of the route and the corresponding routing rule.
4. The vulnerability detection method of claim 1, wherein the generating a taint data flow graph comprises:
when the taint is transferred in a function, generating a taint marking node according to the position of the taint, and taking the taint marking node as a node in the taint data flow graph;
when the taint is transferred in a plurality of functions, a plurality of taint marking nodes of the taint in the functions are generated according to the index position of the transfer function of the taint, and the plurality of taint marking nodes are used as nodes in the taint data flow graph.
5. The vulnerability detection method according to claim 1, wherein the determining whether vulnerability information exists in the code to be detected based on the predefined vulnerability rules corresponding to the development framework type through the taint data flow graph comprises:
and traversing the taint data flow graph based on a preset vulnerability rule corresponding to the development frame type, and determining that vulnerability information exists in the code to be detected when at least one path in the taint data flow graph meets the preset vulnerability rule.
6. The vulnerability detection method according to claim 1, wherein the preset vulnerability rules include:
the index position of the transmission parameter of the stain is a preset position; and is
The path has a preset high-risk function; and is
Keywords in the spots are matched with preset keywords; and is
No preset filtering function exists in the path.
7. The vulnerability detection method according to claim 1, wherein after determining the vulnerability information in the code to be detected, further comprising:
and determining a key row of the vulnerability information in the codes to be detected according to the vulnerability information, generating vulnerability report information based on the codes of the upper and lower preset row numbers of the key row and the key row codes, and reporting the vulnerability report information.
8. A vulnerability detection apparatus, comprising:
the analysis module is used for analyzing the code to be detected by adopting a syntax tree, extracting key information of the code to be detected and constructing a key information structure body;
the frame identification module is used for identifying the development frame of the code to be detected by adopting a preset development frame identification characteristic;
a routing function identification module, configured to determine a routing function in the key information structure based on a routing rule of the development framework;
the taint data flow graph generation module is used for determining the position of the taint in the code based on the taint rule of the development framework and the routing function and generating a taint data flow graph;
and the vulnerability information determining module is used for traversing the taint data flow graph based on a preset vulnerability rule corresponding to the development frame type and determining whether vulnerability information exists in the code to be detected.
9. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: performing the vulnerability detection method of any of claims 1-7.
10. A computer storage medium having stored thereon at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the vulnerability detection method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010295600.0A CN111506900B (en) | 2020-04-15 | 2020-04-15 | Vulnerability detection method and device, electronic equipment and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010295600.0A CN111506900B (en) | 2020-04-15 | 2020-04-15 | Vulnerability detection method and device, electronic equipment and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111506900A true CN111506900A (en) | 2020-08-07 |
| CN111506900B CN111506900B (en) | 2023-07-18 |
Family
ID=71874310
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010295600.0A Active CN111506900B (en) | 2020-04-15 | 2020-04-15 | Vulnerability detection method and device, electronic equipment and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111506900B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112131573A (en) * | 2020-09-14 | 2020-12-25 | 深信服科技股份有限公司 | Method and device for detecting security vulnerability and storage medium |
| CN112347486A (en) * | 2020-11-30 | 2021-02-09 | 山东浪潮商用***有限公司 | Code vulnerability examination method and device for realizing privacy protection and readable medium |
| CN112632561A (en) * | 2020-12-28 | 2021-04-09 | 北京安全共识科技有限公司 | Web application vulnerability detection method and related device |
| CN113010890A (en) * | 2021-02-26 | 2021-06-22 | 中科天齐(山西)软件安全技术研究院有限公司 | Application program safety detection method and device, electronic equipment and storage medium |
| CN113220306A (en) * | 2021-05-31 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Operation execution method and device and electronic equipment |
| CN117806971A (en) * | 2024-01-03 | 2024-04-02 | 北京北大软件工程股份有限公司 | Self-adaptive analysis configuration method and system |
| CN118094569A (en) * | 2024-04-24 | 2024-05-28 | 腾讯科技(深圳)有限公司 | Vulnerability detection method, vulnerability detection device, computer equipment and storage medium |
| CN118094255A (en) * | 2024-04-29 | 2024-05-28 | 杭州默安科技有限公司 | Method, device, equipment and storage medium for identifying filter function |
Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129538A (en) * | 2011-03-04 | 2011-07-20 | 北京邮电大学 | System and method for detecting buffer overflow vulnerability of source code of sensor network |
| US20140359776A1 (en) * | 2013-05-29 | 2014-12-04 | Lucent Sky Corporation | Method, system, and computer program product for automatically mitigating vulnerabilities in source code |
| CN104298921A (en) * | 2013-07-15 | 2015-01-21 | 深圳市腾讯计算机***有限公司 | Animation source file security vulnerability checking method and animation source file security vulnerability checking device |
| CN105204985A (en) * | 2014-06-23 | 2015-12-30 | 腾讯科技(深圳)有限公司 | Vulnerability detection method and device |
| CN107688748A (en) * | 2017-09-05 | 2018-02-13 | 中国人民解放军信息工程大学 | Fragility Code Clones detection method and its device based on leak fingerprint |
| WO2018086294A1 (en) * | 2016-11-14 | 2018-05-17 | 平安科技(深圳)有限公司 | Method and system for detecting security hole of application software, device, and storage medium |
| WO2018086292A1 (en) * | 2016-11-14 | 2018-05-17 | 平安科技(深圳)有限公司 | Method and system for detecting security hole of application software, device, and storage medium |
| CN109002721A (en) * | 2018-07-12 | 2018-12-14 | 南方电网科学研究院有限责任公司 | Mining analysis method for information security vulnerability |
| CN109462583A (en) * | 2018-10-31 | 2019-03-12 | 南京邮电大学 | A kind of reflection-type leak detection method combined based on static and dynamic |
| CN109460641A (en) * | 2018-11-15 | 2019-03-12 | 成都网域复兴科技有限公司 | A kind of loophole positioning excavation system and method for binary file |
| US20190089720A1 (en) * | 2016-05-31 | 2019-03-21 | University Of South Florida | Systems and methods for detecting attacks in big data systems |
| CN109710307A (en) * | 2018-12-29 | 2019-05-03 | 深圳点猫科技有限公司 | Method, the electronic equipment of abstract syntax tree are rebuild based on Python code |
| WO2019104312A1 (en) * | 2017-11-27 | 2019-05-31 | Fractal Industries, Inc. | Meta-indexing, search, compliance, and test framework for software development |
| CN110197072A (en) * | 2018-06-04 | 2019-09-03 | 腾讯科技(深圳)有限公司 | The method of excavation and system of software security flaw, storage medium and computer equipment |
| US20200074084A1 (en) * | 2018-08-29 | 2020-03-05 | Microsoft Technology Licensing, Llc | Privacy-preserving component vulnerability detection and handling |
-
2020
- 2020-04-15 CN CN202010295600.0A patent/CN111506900B/en active Active
Patent Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129538A (en) * | 2011-03-04 | 2011-07-20 | 北京邮电大学 | System and method for detecting buffer overflow vulnerability of source code of sensor network |
| US20140359776A1 (en) * | 2013-05-29 | 2014-12-04 | Lucent Sky Corporation | Method, system, and computer program product for automatically mitigating vulnerabilities in source code |
| CN104298921A (en) * | 2013-07-15 | 2015-01-21 | 深圳市腾讯计算机***有限公司 | Animation source file security vulnerability checking method and animation source file security vulnerability checking device |
| CN105204985A (en) * | 2014-06-23 | 2015-12-30 | 腾讯科技(深圳)有限公司 | Vulnerability detection method and device |
| US20190089720A1 (en) * | 2016-05-31 | 2019-03-21 | University Of South Florida | Systems and methods for detecting attacks in big data systems |
| WO2018086292A1 (en) * | 2016-11-14 | 2018-05-17 | 平安科技(深圳)有限公司 | Method and system for detecting security hole of application software, device, and storage medium |
| WO2018086294A1 (en) * | 2016-11-14 | 2018-05-17 | 平安科技(深圳)有限公司 | Method and system for detecting security hole of application software, device, and storage medium |
| CN107688748A (en) * | 2017-09-05 | 2018-02-13 | 中国人民解放军信息工程大学 | Fragility Code Clones detection method and its device based on leak fingerprint |
| WO2019104312A1 (en) * | 2017-11-27 | 2019-05-31 | Fractal Industries, Inc. | Meta-indexing, search, compliance, and test framework for software development |
| CN110197072A (en) * | 2018-06-04 | 2019-09-03 | 腾讯科技(深圳)有限公司 | The method of excavation and system of software security flaw, storage medium and computer equipment |
| CN109002721A (en) * | 2018-07-12 | 2018-12-14 | 南方电网科学研究院有限责任公司 | Mining analysis method for information security vulnerability |
| US20200074084A1 (en) * | 2018-08-29 | 2020-03-05 | Microsoft Technology Licensing, Llc | Privacy-preserving component vulnerability detection and handling |
| CN109462583A (en) * | 2018-10-31 | 2019-03-12 | 南京邮电大学 | A kind of reflection-type leak detection method combined based on static and dynamic |
| CN109460641A (en) * | 2018-11-15 | 2019-03-12 | 成都网域复兴科技有限公司 | A kind of loophole positioning excavation system and method for binary file |
| CN109710307A (en) * | 2018-12-29 | 2019-05-03 | 深圳点猫科技有限公司 | Method, the electronic equipment of abstract syntax tree are rebuild based on Python code |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112131573A (en) * | 2020-09-14 | 2020-12-25 | 深信服科技股份有限公司 | Method and device for detecting security vulnerability and storage medium |
| CN112347486A (en) * | 2020-11-30 | 2021-02-09 | 山东浪潮商用***有限公司 | Code vulnerability examination method and device for realizing privacy protection and readable medium |
| CN112632561A (en) * | 2020-12-28 | 2021-04-09 | 北京安全共识科技有限公司 | Web application vulnerability detection method and related device |
| CN113010890A (en) * | 2021-02-26 | 2021-06-22 | 中科天齐(山西)软件安全技术研究院有限公司 | Application program safety detection method and device, electronic equipment and storage medium |
| CN113220306A (en) * | 2021-05-31 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Operation execution method and device and electronic equipment |
| CN117806971A (en) * | 2024-01-03 | 2024-04-02 | 北京北大软件工程股份有限公司 | Self-adaptive analysis configuration method and system |
| CN118094569A (en) * | 2024-04-24 | 2024-05-28 | 腾讯科技(深圳)有限公司 | Vulnerability detection method, vulnerability detection device, computer equipment and storage medium |
| CN118094255A (en) * | 2024-04-29 | 2024-05-28 | 杭州默安科技有限公司 | Method, device, equipment and storage medium for identifying filter function |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111506900B (en) | 2023-07-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111506900A (en) | Vulnerability detection method and device, electronic equipment and computer storage medium | |
| CN110489345B (en) | Crash aggregation method, device, medium and equipment | |
| CN114422267B (en) | Flow detection method, device, equipment and medium | |
| CN112035359B (en) | Program testing method and device, electronic equipment and storage medium | |
| CN114328208A (en) | Code detection method and device, electronic equipment and storage medium | |
| CN114035805A (en) | Code conversion method, apparatus, medium, and device for pre-compiler | |
| CN111666218B (en) | Code auditing method, device, electronic equipment and medium | |
| CN111124541A (en) | Configuration file generation method, device, equipment and medium | |
| CN115951916A (en) | Component processing method and device, electronic equipment and storage medium | |
| CN112817864B (en) | Method, device, equipment and medium for generating test file | |
| CN115729797A (en) | Code similarity function detection method and device, electronic equipment and storage medium | |
| CN111367527B (en) | Language processing method, device, medium and electronic equipment | |
| CN112379967A (en) | Simulator detection method, device, equipment and medium | |
| CN112487416A (en) | Business process verification method and device and electronic equipment | |
| CN111797009A (en) | Method and device for detecting code compatibility and electronic equipment | |
| CN117235744B (en) | Source file online method, device, electronic equipment and computer readable medium | |
| CN111125015A (en) | Method, apparatus, terminal and medium for dump file classification | |
| CN116343905B (en) | Pretreatment method, pretreatment device, pretreatment medium and pretreatment equipment for protein characteristics | |
| CN114238976B (en) | File detection method and device, readable medium and electronic equipment | |
| CN117493149A (en) | Code security detection method, device, apparatus, storage medium, and program | |
| CN114780957A (en) | Script detection method, device, equipment and storage medium | |
| CN112463200A (en) | Development kit processing method and device, electronic device and storage medium | |
| CN116962548A (en) | Message structure difference recognition method and device | |
| CN116954618A (en) | Function compiling method, device, medium and electronic equipment | |
| CN116166856A (en) | Processing method, device, equipment and storage medium of table data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing. Applicant after: Douyin Vision Co.,Ltd. Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing. Applicant before: Tiktok vision (Beijing) Co.,Ltd. Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing. Applicant after: Tiktok vision (Beijing) Co.,Ltd. Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing. Applicant before: BEIJING BYTEDANCE NETWORK TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |