CN114691197A - Code analysis method and device, electronic equipment and storage medium - Google Patents
- Publication number: CN114691197A (application CN202210335613.5A)
- Authority: CN (China)
- Prior art keywords: analysis, code, analyzed, source code, syntax tree
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
Description
Technical field
The present application relates to the technical field of data processing, and in particular to a code analysis method, apparatus, electronic device and storage medium.
Background
A code base is typically used to store the source code of applications. In practice, the source code in the code base can be statically analyzed to determine the defects it contains. How to perform static analysis on source code is therefore of great importance.
Summary of the invention
The purpose of the embodiments of the present application is to provide a code analysis method, apparatus, electronic device and storage medium that solve the problems in the prior art.
A first aspect of the embodiments of the present application provides a code analysis method, comprising:
obtaining the syntax tree of the source code to be analyzed and the analysis rule corresponding to a target defect type;
analyzing the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed.
In one embodiment, the method further comprises:
obtaining a code analysis request, the code analysis request including the target defect type and identification information of the source code to be analyzed; correspondingly,
obtaining the syntax tree of the source code to be analyzed and the analysis rule corresponding to the target defect type specifically comprises:
obtaining the syntax tree of the source code to be analyzed by means of its identification information; and obtaining the analysis rule by means of the target defect type.
In one embodiment, the method further comprises:
constructing a corresponding code analysis task for each of the source code of different applications in the code base and/or the source code of different versions of the same application; and
obtaining the code analysis request specifically comprises:
obtaining the code analysis request when the code analysis task is triggered.
In one embodiment, obtaining the syntax tree of the source code to be analyzed specifically comprises: obtaining the syntax tree from a syntax tree database.
In one embodiment, obtaining the syntax tree of the source code to be analyzed specifically comprises:
performing lexical analysis on the source code to be analyzed according to the grammar rules of its programming language;
performing syntax analysis on the result of the lexical analysis to generate the syntax tree.
In one embodiment, the analysis rule corresponding to the target defect type is obtained as follows:
obtaining the analysis rule corresponding to the target defect type using a preset correspondence between defect types and analysis rules.
In one embodiment, analyzing the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed specifically comprises:
performing type analysis, constant analysis, syntax tree analysis, control flow analysis, data flow analysis and/or taint analysis on the syntax tree using the analysis rule, to determine the code content of the target defect type in the source code to be analyzed.
In one embodiment, the method further comprises: highlighting the code content.
A second aspect of the embodiments of the present application provides a code analysis apparatus, comprising:
an obtaining unit for obtaining the syntax tree of the source code to be analyzed and the analysis rule corresponding to a target defect type;
an analysis unit for analyzing the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed.
In one embodiment, the apparatus further comprises: a request obtaining unit for obtaining a code analysis request, the code analysis request including identification information of the target defect type and identification information of the source code to be analyzed; correspondingly,
the obtaining unit is configured to obtain the syntax tree of the source code to be analyzed by means of the identification information of the source code to be analyzed, and to obtain the analysis rule by means of the identification information of the target defect type.
In one embodiment, the apparatus further comprises: a task construction unit for constructing a corresponding code analysis task for each of the source code of different applications in the code base and/or the source code of different versions of the same application; and
the request obtaining unit specifically comprises: a request obtaining subunit for obtaining the code analysis request when the code analysis task is triggered.
In one embodiment, the obtaining unit specifically comprises: a first obtaining subunit for obtaining the syntax tree from a syntax tree database.
In one embodiment, the obtaining unit specifically comprises: a second obtaining subunit for performing lexical analysis on the source code to be analyzed according to the grammar rules of its programming language, and performing syntax analysis on the result of the lexical analysis to generate the syntax tree.
In one embodiment, the obtaining unit specifically comprises: a third obtaining subunit for obtaining the analysis rule corresponding to the target defect type using a preset correspondence between defect types and analysis rules.
In one embodiment, the analysis unit specifically comprises: an analysis subunit for performing type analysis, constant analysis, syntax tree analysis, control flow analysis, data flow analysis and/or taint analysis on the syntax tree using the analysis rule, to determine the code content of the target defect type in the source code to be analyzed.
In one embodiment, the apparatus further comprises: a display unit for highlighting the code content.
A third aspect of the embodiments of the present application provides an electronic device, comprising:
a memory for storing a computer program;
a processor for executing the method of any one of the method embodiments of the present application.
A fourth aspect of the embodiments of the present application provides a storage medium comprising a program which, when run on an electronic device, enables the electronic device to execute the method of any one of the method embodiments of the present application.
The code analysis method provided by the embodiments of the present application comprises obtaining the syntax tree of the source code to be analyzed and the analysis rule corresponding to a target defect type, and then analyzing the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed. Defects in the source code in the code base can therefore be determined by this method.
Description of the drawings
In order to explain the technical solutions of the embodiments of the present application more clearly, the drawings needed in the embodiments are briefly introduced below. It should be understood that the following drawings show only some embodiments of the present application and should therefore not be regarded as limiting its scope; those of ordinary skill in the art can obtain other related drawings from these drawings without creative effort.
FIG. 1 is a schematic structural diagram of an electronic device provided by an embodiment of the present application;
FIG. 2 is a schematic flowchart of a code analysis method provided by an embodiment of the present application;
FIG. 3 is a schematic flowchart of a code analysis method in a specific application scenario, provided by an embodiment of the present application;
FIG. 4 is a schematic structural diagram of a code analysis apparatus provided by an embodiment of the present application.
Detailed description
The technical solutions in the embodiments of the present application are described below with reference to the accompanying drawings. In the description of the present application, terms such as "first", "second" and "third" are used only to distinguish between descriptions and should not be understood as indicating or implying relative importance or order.
As noted above, defects in source code can be determined by performing static analysis on the source code in the code base.
For example, a code base may store the source code of many different applications, and these applications may be updated continuously, so that even a single application may have source code in several different versions. How to perform static analysis on the source code of these different applications, and even on the different versions of one application, in order to determine their defects is of great importance.
As shown in FIG. 1, this embodiment provides an electronic device 1 comprising at least one processor 11 and a memory 12; FIG. 1 takes a single processor as an example. The processor 11 and the memory 12 may be connected by a bus 10. The memory 12 stores instructions executable by the processor 11, and the instructions are executed by the processor 11 so that the electronic device 1 can execute all or part of the flow of the method in the embodiments described below.
The electronic device 1 may be a mobile phone, a laptop computer, a desktop computer, or a large server or server cluster composed of such devices.
In one embodiment, when the source code stored in the code base needs to be statically analyzed (program static analysis), that is, scanned without running it, using techniques such as syntax tree analysis, control flow analysis and data flow analysis, in order to verify whether the source code meets indicators such as conformance to standards, security, reliability and maintainability, the electronic device 1 can execute all or part of the flow of the method in the embodiments described below to perform the static analysis of the source code.
FIG. 2 is a schematic flowchart of a code analysis method according to an embodiment of the present application. Some or all of the steps of the method may be performed by the electronic device 1 shown in FIG. 1, which is taken as an example here to describe the method. The method comprises the following steps:
Step S21: obtain the syntax tree of the source code to be analyzed.
The source code to be analyzed may be the source code of any application in the code base, or the source code of any version of any application in the code base; for example, the source code of an arbitrary version of an application may be taken at random from the code base as the source code to be analyzed. Of course, in practice the source code to be analyzed may also be the source code of a specified version of a particular application, selected from the code base according to the needs of the analysis.
The syntax tree (abstract syntax tree, AST) is a tree-shaped representation of the abstract syntactic structure of the source code to be analyzed. It presents the syntactic structure of the source code's programming language in the form of a tree, in which each node represents one construct in the source code to be analyzed; the syntax tree itself does not depend on the concrete syntax of that programming language.
There are many specific ways to obtain the syntax tree of the source code to be analyzed in practice; several are listed here by way of illustration:
Method 1: generate the syntax tree of the source code to be analyzed.
In method 1, the source code to be analyzed is obtained first, and the syntax tree is then generated from it. Generating the syntax tree from the source code to be analyzed may comprise first performing lexical analysis on the source code according to the grammar rules of its programming language, and then performing syntax analysis on the result of the lexical analysis to generate the syntax tree.
For example, lexical analysis is first performed on the source code to be analyzed according to the grammar rules of its programming language, so as to split the source code into tokens. In this process, finite character sequences are taken from the source code in order, and the grammar rules of the programming language are used to determine whether a sequence is a word with lexical meaning; if so, it is taken as a token, otherwise further characters are read. For example, if the programming language of the source code to be analyzed is C, the grammar rules of C, including its operators, control characters and legal identifiers, can be used to determine whether the character sequence obtained is a word with lexical meaning and hence whether it forms a token.
After the lexical analysis of the source code to be analyzed, the result of the lexical analysis is a sequence of tokens. Syntax analysis is then performed to determine whether there is a syntax error; if so, an error message is output, otherwise the result of the lexical analysis is converted into tree form, thereby generating the syntax tree.
Method 2: obtain the syntax tree from a syntax tree database.
The syntax tree database is used to store the syntax trees of the various source codes, so the syntax tree of the source code to be analyzed can be obtained from it.
For example, the identification information of the source code to be analyzed can be used to query the syntax tree database and obtain its syntax tree. The identification information of the source code to be analyzed may be the name and version number of the application to which it belongs, or any other character or string that can uniquely identify the source code to be analyzed.
The syntax trees stored in the syntax tree database may in turn be generated by method 1 and stored in the syntax tree database after generation.
In practice, the syntax tree of the source code to be analyzed can also be obtained in other ways; for example, method 1 and method 2 can be combined. First, the syntax tree database is queried using the identification information of the source code to be analyzed; if the database stores the syntax tree of that source code, the syntax tree is obtained from the database by method 2; if the database does not store it, the syntax tree of the source code to be analyzed is generated by method 1.
Of course, after the syntax tree of the source code to be analyzed has been generated, it can also be stored in the syntax tree database for later retrieval.
Step S22: obtain the analysis rule corresponding to the target defect type.
In practice, static analysis of source code usually includes analyzing whether the source code contains a specified vulnerability, whether it fails to comply with program specifications, and the like. The target defect type may therefore be any one or more of the following defect types: presence of a specified vulnerability, non-compliance with program specifications, and so on.
In addition, according to the standard operating procedure, a corresponding analysis rule can be set in advance for each of the above defect types, and a preset correspondence between defect types and analysis rules can be built, where the analysis rule makes it possible to determine whether a defect of the corresponding defect type is present in the source code. In this way, when obtaining the analysis rule corresponding to the target defect type, the preset correspondence between defect types and analysis rules can be used to obtain it.
For example, the identification information of the target defect type can be obtained first; this may be the number of the target defect type or any other character or string that uniquely identifies it. The preset correspondence between defect types and analysis rules is then combined with the identification information of the target defect type to obtain the analysis rule corresponding to that defect type.
The analysis rules corresponding to the various defect types are usually all stored in a rule database. After the identification information of the target defect type has been obtained, the preset correspondence between defect types and analysis rules, together with that identification information, can be used to retrieve the analysis rule corresponding to the target defect type from the rule database.
In practice, the analysis rule corresponding to the target defect type can also be obtained in other ways. For example, when the rule database does not store an analysis rule corresponding to the target defect type (for instance because the target defect type is a newly emerged one), the target defect type can first be parsed to determine several pieces of characteristic information about it; this characteristic information is then used to construct an analysis flow, including the analysis steps to be executed and the order in which they are executed, and the analysis flow is used to generate an analysis rule, which can then be used to determine whether a defect of the target defect type is present in the source code. In addition, after the analysis rule has been generated, it can be assigned corresponding identification information and stored in the rule database.
Step S23: analyze the obtained syntax tree using the obtained analysis rule, to determine the code content of the target defect type in the source code to be analyzed.
After the syntax tree and the analysis rule have been obtained in steps S21 and S22 respectively, the syntax tree can be analyzed using the analysis rule to determine the code content of the target defect type in the source code to be analyzed. Specifically, analyzing the syntax tree using the analysis rule to determine the code content of the target defect type may comprise performing type analysis, constant analysis, syntax tree analysis, control flow analysis, data flow analysis and/or taint analysis on the syntax tree using the analysis rule, to determine the code content of the target defect type in the source code to be analyzed.
For example, the analysis rule can be used to perform data flow analysis on the syntax tree. Data flow analysis is a set of techniques for obtaining information about how data flows along the execution paths of a program (its control-flow graph). In every data flow analysis application, each program point is associated with a data-flow value. This value is an abstract representation of the set of all program states that may be observed at that point. The set of all possible data-flow values is called the domain of the data flow application.
Thus, when performing data flow analysis on the syntax tree using the analysis rule, the data-flow values before and after the statement s corresponding to each node of the syntax tree are denoted IN[s] and OUT[s] respectively, and the data-flow problem consists in solving a set of constraints. These constraints relate IN[s] and OUT[s] for every statement s, and fall into two kinds: constraints based on the semantics of the statements (transfer functions) and constraints based on control flow.
As a further example, the analysis rule can be used to perform taint analysis on the syntax tree. Taint analysis is a specific application of data flow analysis that can determine whether the code content of the source code to be analyzed contains a tainted data propagation defect. Taint analysis usually relies on the following three kinds of analysis rule:
1. source, the taint source function: the data produced by a source function is the starting point of taint propagation, and all data along the program's execution path that depends on a source is marked as tainted data.
2. sink, the dangerous function: if tainted data enters a sink function, there is a potential security vulnerability. Vulnerabilities can be detected by performing taint propagation analysis between externally exposed interface functions and internal sensitive functions.
3. transformer, the taint propagation function: tainted data is passed from one variable to another through propagation functions. The transformer determines how taint information flows through the program.
Taint analysis detects security vulnerabilities by marking external input points as sources and, following the program's data flow, analyzing whether the data can reach dangerous functions (sinks such as SQL query or command execution functions). If in the information flow the origin of a variable x is untrusted, x is usually considered tainted, and the tainted variable x is called tainted data. A taint source is untrusted input to the program: files, network data, keyboard and mouse input, the return values of APIs from unknown origins, and so on. If the computation of a variable's value depends on a taint source, the variable is tainted. Likewise, taint propagates through variables: if variable x is a taint source and the information flow goes from x to y and then from y to z, both y and z are tainted by x.
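An added, runnable sketch of steps S21 to S23 with the source/sink/transformer taint rule described above, written for this page rather than taken from the patent: the defect-type name CMD_INJECTION, the (name, version) identification tuple, the sample source and the straight-line flow (one IN/OUT set per top-level statement, no branches) are assumptions made for the illustration.

```python
import ast
from dataclasses import dataclass

# Constructed sample "source code to be analyzed" (hypothetical, not from the patent).
SAMPLE_SOURCE = '''
import os
user = input()
cmd = "ls " + user
os.system(cmd)
safe = "ls /tmp"
os.system(safe)
'''


@dataclass(frozen=True)
class TaintRule:
    """Analysis rule for the defect type 'tainted data reaches a dangerous function'."""
    sources: frozenset   # taint source functions
    sinks: frozenset     # dangerous functions
    # transformer: any expression built from a tainted variable propagates the taint


# Preset correspondence between defect type and analysis rule (the rule database).
RULE_DB = {
    "CMD_INJECTION": TaintRule(sources=frozenset({"input"}),
                               sinks=frozenset({"os.system"})),
}

# Syntax tree database keyed by identification info (application name, version).
SYNTAX_TREE_DB: dict = {}


def get_syntax_tree(ident: tuple, source: str) -> ast.Module:
    """Step S21: return the AST from the syntax tree database, or generate it
    (lexical + syntax analysis via ast.parse) and store it for later retrieval."""
    if ident not in SYNTAX_TREE_DB:
        SYNTAX_TREE_DB[ident] = ast.parse(source)
    return SYNTAX_TREE_DB[ident]


def get_rule(defect_type: str) -> TaintRule:
    """Step S22: look the rule up through the preset correspondence."""
    return RULE_DB[defect_type]


def call_name(node: ast.Call) -> str:
    """Dotted name of a call target, e.g. 'os.system' or 'input'."""
    f = node.func
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return ""


def expr_tainted(expr: ast.AST, tainted: set, rule: TaintRule) -> bool:
    """Transformer rule: an expression is tainted if it calls a source function
    or reads any currently tainted variable anywhere in its subtree."""
    for sub in ast.walk(expr):
        if isinstance(sub, ast.Call) and call_name(sub) in rule.sources:
            return True
        if isinstance(sub, ast.Name) and isinstance(sub.ctx, ast.Load) and sub.id in tainted:
            return True
    return False


def analyze(tree: ast.Module, rule: TaintRule, source: str) -> list:
    """Step S23: data-flow pass over the statements. IN[s] is the set of tainted
    variables before statement s and OUT[s] the set after it; a sink called with
    tainted data is reported as (line number, code content)."""
    findings = []
    out = set()                      # OUT of the previous statement == IN of this one
    for stmt in tree.body:
        in_set = set(out)
        if isinstance(stmt, ast.Assign):
            taint = expr_tainted(stmt.value, in_set, rule)
            for target in stmt.targets:
                if isinstance(target, ast.Name):
                    if taint:
                        out.add(target.id)
                    else:
                        out.discard(target.id)   # overwritten with clean data
        elif isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
            call = stmt.value
            if call_name(call) in rule.sinks and any(
                    expr_tainted(a, in_set, rule) for a in call.args):
                findings.append((stmt.lineno, ast.get_source_segment(source, stmt)))
    return findings


def analyze_request(defect_type: str, ident: tuple, source: str) -> list:
    """Handle a code analysis request: target defect type plus identification info."""
    return analyze(get_syntax_tree(ident, source), get_rule(defect_type), source)


if __name__ == "__main__":
    for lineno, code in analyze_request("CMD_INJECTION", ("demo-app", "1.0"), SAMPLE_SOURCE):
        print(f"line {lineno}: {code}")   # the code content to highlight
```

The second os.system call is not reported because `safe` is assigned from a constant, so its OUT set no longer carries taint; a real rule set would add branches and calls to the flow (the control-flow constraints named above).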
The code analysis method provided by the embodiments of the present application comprises obtaining the syntax tree of the source code to be analyzed and the analysis rule corresponding to a target defect type, and then analyzing the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed. Defects in the source code in the code base can therefore be determined by this method.
It should further be noted that the above code analysis method does not restrict the order of execution: for example, step S21 may be executed first and then steps S22 and S23, or step S22 first and then steps S21 and S23, or steps S21 and S22 may be executed simultaneously followed by step S23, or another order may be used.
In addition, after step S23 has determined the code content of the target defect type in the source code to be analyzed, the method may further comprise highlighting that code content. For example, if the target defect type is the presence of a specified vulnerability, the code content in which the specified vulnerability is present can be highlighted in the source code to be analyzed, making it easier to modify that code content subsequently to fix the vulnerability. Highlighting may take the form of marking the code content in a highlight color, rendering the text in bold, underlining it, and so on. Of course, after the code content of the target defect type has been determined, a notification message may also be sent to prompt the relevant personnel to modify the code content.
In practice, other approaches can also be used to perform static analysis on the source code in a code base. For example, the source code to be analyzed can first be obtained from the code base and then analyzed in the compile and build environment corresponding to it, the environment including a code editor, compiler, debugger, graphical user interface and so on. Such an approach, however, depends on the compile and build environment corresponding to the source code to be analyzed; the compile and build environments required by the source code of different applications are usually different, and may even differ between versions of the same application. When static analysis is performed on the source code of different applications in the code base and/or different versions of the same application, several different compile and build environments may therefore have to be generated to support it. Generating a compile and build environment is usually time-consuming and labor-intensive, which makes such static analysis time-consuming and labor-intensive as well.
With the code analysis method provided by the embodiments of the present application, by contrast, the syntax tree of the source code to be analyzed is analyzed using the analysis rule, instead of performing static analysis on the source code itself in a compile and build environment. The code analysis method provided by the embodiments of the present application therefore does not require a corresponding compile and build environment to be generated, which reduces the cost of static analysis.
In practice, before step S21 the method may further comprise obtaining a code analysis request, the code analysis request including identification information of the target defect type and identification information of the source code to be analyzed. The syntax tree of the source code to be analyzed is then obtained by means of its identification information: for example, the syntax tree database is queried with the identification information, and if the database stores the syntax tree of the source code to be analyzed, the syntax tree is obtained from the database, whereas if it does not, the source code to be analyzed is obtained first and the syntax tree is generated from it. Of course, the analysis rule corresponding to the target defect type can also be obtained by means of the identification information of the target defect type in the code analysis request.
其中,对于该代码分析请求,可以是代码分析任务被触发的情况下,所生成的代码分析请求。比如,代码库中所存储的源代码包括不同应用程序的源代码,和/或同一应用程序不同版本的源代码,为了对代码库中的源代码进行静态分析,可以先针对代码库中不同应用程序的源代码和/或同一应用程序不同版本的源代码,分别构建相应的代码分析任务;这样,在该代码分析任务被触发的情况下,能够生成相应的代码分析请求,因此可以获取到代码分析请求。比如,可以将这些代码分析任务按照执行时间或生成时间的先后顺序,生成任务列表,并按照任务列表中的顺序依次执行。The code analysis request may be a code analysis request generated when a code analysis task is triggered. For example, the source codes stored in the code base include the source codes of different applications, and/or the source codes of different versions of the same application. In order to perform static analysis on the source codes in the code base, different applications in the code base can be The source code of the program and/or the source code of different versions of the same application, respectively build the corresponding code analysis task; in this way, when the code analysis task is triggered, the corresponding code analysis request can be generated, so the code can be obtained. Analyze the request. For example, these code analysis tasks can be performed in the order of execution time or generation time to generate a task list, and execute them in sequence according to the order in the task list.
在上述图1所示的电子设备(称之为第一电子设备)可以连接其他电子设备(称之为第二电子设备),此时可以在第二电子设备中设置这些代码分析任务,并且当第二电子设备中的某个代码分析任务被触发时,生成代码分析请求,并向第一电子设备发送该代码分析请求,因此该第一电子设备能够获取到代码分析请求。比如,该第二电子设备可以为用户的手机、笔记本电脑等,该第一电子设备为服务器等。The electronic device shown in FIG. 1 (referred to as the first electronic device) can be connected to other electronic devices (referred to as the second electronic device), at this time, these code analysis tasks can be set in the second electronic device, and when When a code analysis task in the second electronic device is triggered, a code analysis request is generated, and the code analysis request is sent to the first electronic device, so the first electronic device can obtain the code analysis request. For example, the second electronic device may be a user's mobile phone, a notebook computer, etc., and the first electronic device may be a server or the like.
上述是对本申请实施例所提供的代码分析的具体说明,为了便于理解,本申请实施例还可以结合具体的应用场景对该方法进行进一步说明。在该应用场景下,代码库中存储有应用程序A多个版本的源代码,分别为A1、 A2、A3~An,需要对源代码A1~An进行静态分析,以确定是否存在某个指定漏洞。语法树数据库中存储有源代码A1~An分别对应的语法树。The above is a specific description of the code analysis provided by the embodiments of the present application. For ease of understanding, the embodiments of the present application may further describe the method in combination with specific application scenarios. In this application scenario, the source code of multiple versions of application A is stored in the code base, namely A1, A2, A3~An, and the source code A1~An needs to be statically analyzed to determine whether there is a specified vulnerability. . The syntax trees corresponding to the source codes A1 to An are stored in the syntax tree database.
此时,可以针对代码库中源代码A1~An分别构建相应的代码分析任务,其中,各个代码分析任务分别包括对应源代码的标识信息以及该指定漏洞的标识信息;然后,将这些代码分析任务按照执行时间的先后顺序,生成任务列表,从而按照任务列表中的顺序依次执行;同时,可以在电子设备中设置分析调度模块和缺陷分析模块,该分析调度模块可以监控任务列表中是否存在需要执行的代码分析任务,若存在,则按照任务列表的先后顺序获取相应的代码分析任务;若不存在,则可以不执行操作,或间隔一段时间(比如,5分钟或其他时间)后再次监控。可以结合图3所示,对该场景下的方式进行说明:At this time, corresponding code analysis tasks can be respectively constructed for the source codes A1 to An in the code base, wherein each code analysis task includes the identification information of the corresponding source code and the identification information of the specified vulnerability; then, these code analysis tasks are According to the order of execution time, a task list is generated, so as to be executed in sequence according to the order in the task list; at the same time, an analysis and scheduling module and a defect analysis module can be set in the electronic device, and the analysis and scheduling module can monitor whether there is any need to be executed in the task list. If the code analysis task exists, the corresponding code analysis task will be obtained in the order of the task list; if it does not exist, the operation may not be performed, or the monitoring will be performed again after a period of time (for example, 5 minutes or other time). The method in this scenario can be described with reference to Figure 3:
Step S31: the analysis scheduling module monitors whether the task list contains a code analysis task that needs to be executed; if so, step S32 is executed.
Step S32: the code analysis task is obtained.
Step S33: the syntax tree database is queried using the identification information of the source code in the code analysis task, and the corresponding syntax tree is obtained.
Of course, if the corresponding syntax tree is not stored in the syntax tree database, the identification information can be further used to obtain the corresponding source code, from which the syntax tree is then generated.
Step S34: using the identification information of the specified vulnerability in the code analysis task together with the preset correspondence between defect types and analysis rules, the analysis rule corresponding to the specified vulnerability is obtained from the rule database.
Step S35: the analysis scheduling module sends the analysis rule and the syntax tree to the defect analysis module.
Step S36: the defect analysis module analyzes the syntax tree using the analysis rule and outputs an analysis result, which includes the code content of the specified vulnerability in the source code to be analyzed.
After the code analysis task is completed, the process may return to step S31, and the analysis scheduling module continues to loop until the task list is empty.
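The scheduling loop of steps S31 to S36, together with the syntax tree cache and the defect-type-to-rule lookup described earlier, can be illustrated with the following added example. It is not code from the patent; the code base, the task list, the defect type name "dynamic-eval" and the rule that detects it are all constructed here for illustration, and Python's own `ast` module stands in for the lexical and syntax analysis that generates the tree.

```python
import ast
from dataclasses import dataclass

# Constructed stand-in for the code base: source identifier -> source text.
# A1 passes a non-literal string to eval(); A2 is the fixed version.
CODE_BASE = {
    "A1": "def run(cmd):\n    return eval(cmd)\n",
    "A2": "import ast\n\ndef run(cmd):\n    return ast.literal_eval(cmd)\n",
}

# Syntax tree database (cache) keyed by source identifier, filled lazily.
SYNTAX_TREE_DB = {}


@dataclass
class AnalysisTask:
    """One entry of the task list: which source and which defect type."""
    source_id: str
    defect_type: str


def get_syntax_tree(source_id):
    """Step S33: query the syntax tree database; on a miss, fetch the source
    and generate the tree (ast.parse performs the lexical and syntax analysis)."""
    tree = SYNTAX_TREE_DB.get(source_id)
    if tree is None:
        tree = ast.parse(CODE_BASE[source_id], filename=source_id)
        SYNTAX_TREE_DB[source_id] = tree
    return tree


def rule_dynamic_eval(tree):
    """Constructed analysis rule for defect type 'dynamic-eval':
    a call to the builtin eval() whose first argument is not a literal."""
    hits = []
    for node in ast.walk(tree):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id == "eval"
                and node.args
                and not isinstance(node.args[0], ast.Constant)):
            hits.append(node)
    return hits


# Rule database: preset correspondence between defect type and rule (step S34).
RULE_DB = {"dynamic-eval": rule_dynamic_eval}


def analyze(task):
    """Steps S33 to S36 for one task: returns (line, code content) pairs."""
    tree = get_syntax_tree(task.source_id)
    rule = RULE_DB[task.defect_type]
    source = CODE_BASE[task.source_id]
    return [(node.lineno, ast.get_source_segment(source, node)) for node in rule(tree)]


def highlight(source_id, findings):
    """Mark the flagged lines so a reviewer can locate them (the highlighting step)."""
    flagged = {line for line, _ in findings}
    lines = CODE_BASE[source_id].splitlines()
    return "\n".join(("> " if n in flagged else "  ") + t for n, t in enumerate(lines, 1))


def run_scheduler(task_list):
    """Steps S31/S32 and the loop back from S36: drain the task list in order
    and collect each task's analysis result."""
    results = {}
    while task_list:                      # S31: is there a task left to execute?
        task = task_list.pop(0)           # S32: take it in list order
        results[(task.source_id, task.defect_type)] = analyze(task)
    return results


if __name__ == "__main__":
    tasks = [AnalysisTask(sid, "dynamic-eval") for sid in ("A1", "A2")]
    for key, findings in run_scheduler(tasks).items():
        print(key, findings)
        if findings:
            print(highlight(key[0], findings))
```

The rule receives only the syntax tree, so no compiler, build environment or dependency resolution is needed for the source to be analyzed; the trade-off is that a purely syntactic rule such as this one cannot see through aliases (`e = eval; e(cmd)`), which is why the data flow and taint analyses mentioned later in the description matter.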
Based on the same inventive concept as the code analysis method provided by the embodiments of the present application, the embodiments of the present application also provide a code analysis apparatus. For anything unclear in this apparatus embodiment, reference may be made to the corresponding content of the method embodiment. FIG. 4 is a schematic diagram of the specific structure of the apparatus 40, which includes an obtaining unit 401 and an analysis unit 402, where:
the obtaining unit 401 is configured to obtain the syntax tree of the source code to be analyzed and the analysis rule corresponding to the target defect type; and
the analysis unit 402 is configured to analyze the syntax tree using the analysis rule to determine the code content of the target defect type in the source code to be analyzed.
Because the apparatus 40 provided by the embodiments of the present application adopts the same inventive concept as the code analysis method provided by the embodiments of the present application, the apparatus 40 can solve the technical problem on the same premise that the code analysis method can solve it, which is not repeated here.
In addition, in practice, the technical effects obtained by combining the apparatus 40 with specific hardware devices, cloud technology and the like also fall within the scope of protection of the present application; for example, the different units of the apparatus 40 may be deployed on different nodes of a distributed cluster to improve efficiency.
In practice, before the obtaining unit 401, the apparatus 40 may further include a request obtaining unit configured to obtain a code analysis request, where the code analysis request includes the identification information of the target defect type and of the source code to be analyzed; correspondingly,
the obtaining unit 401 is configured to obtain the syntax tree of the source code to be analyzed through the identification information of the source code to be analyzed, and to obtain the analysis rule through the target defect type.
The apparatus 40 may further include a task construction unit configured to construct a corresponding code analysis task for each of the source codes of different applications in the code base and/or the source codes of different versions of the same application; in that case the request obtaining unit may specifically include a request obtaining subunit configured to obtain the code analysis request when the code analysis task is triggered.
In practice, the obtaining unit 401 may include a first obtaining subunit configured to obtain the syntax tree from a syntax tree database.
The obtaining unit 401 may also include a second obtaining subunit configured to generate the syntax tree of the source code to be analyzed, for example by first performing lexical analysis on the source code to be analyzed according to the grammar rules of its programming language and then performing syntax analysis on the result of the lexical analysis to generate the syntax tree.
The obtaining unit 401 may also include a third obtaining subunit configured to obtain the analysis rule corresponding to the target defect type using the preset correspondence between defect types and analysis rules.
The analysis unit 402 may also include an analysis subunit configured to perform type analysis, constant analysis, syntax tree analysis, control flow analysis, data flow analysis and/or taint analysis on the syntax tree using the analysis rule, so as to determine the code content of the target defect type in the source code to be analyzed.
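Of the analyses listed for the analysis subunit, data flow and taint analysis are the ones that a purely syntactic rule cannot replace. The following added example (not the patent's code) shows a minimal intra-procedural taint analysis over a Python syntax tree: function parameters are assumed untrusted, a constructed set of sink and sanitizer names defines the "command-injection" defect type, and taint is propagated statement by statement through assignments, string concatenation, f-strings and method calls on tainted values. The sample program, the sink and sanitizer lists and the defect type name are all constructed for illustration.

```python
import ast

# Constructed sample program: one function passes an untrusted parameter
# straight to a command sink, one sanitizes first, one only uses a constant,
# and one launders the value through a method call before reaching the sink.
SAMPLE = """
import os, shlex

def unsafe(user):
    cmd = "ls " + user
    os.system(cmd)

def safe(user):
    cmd = "ls " + shlex.quote(user)
    os.system(cmd)

def constant_only():
    os.system("ls /tmp")

def laundered(user):
    name = user.strip()
    os.system(f"ls {name}")
"""

# Assumed policy for the constructed 'command-injection' defect type.
SINKS = {"os.system", "subprocess.call", "eval"}
SANITIZERS = {"shlex.quote", "int"}


def dotted_name(node):
    """'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def is_tainted(expr, tainted):
    """Does any currently tainted variable flow into this expression?"""
    if isinstance(expr, ast.Constant):
        return False
    if isinstance(expr, ast.Name):
        return expr.id in tainted
    if isinstance(expr, ast.Call):
        if dotted_name(expr.func) in SANITIZERS:
            return False                      # sanitizer output is trusted
        if isinstance(expr.func, ast.Attribute) and is_tainted(expr.func.value, tainted):
            return True                       # method on a tainted receiver, e.g. user.strip()
        return any(is_tainted(a, tainted) for a in expr.args)
    # BinOp, JoinedStr, Subscript, ...: taint propagates through any child
    return any(is_tainted(c, tainted) for c in ast.iter_child_nodes(expr))


def taint_check(source):
    """Straight-line taint analysis per function; returns (function, line, sink) tuples.
    A production tool would walk the control flow graph instead of fn.body in order."""
    tree = ast.parse(source)
    findings = []
    for fn in (n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)):
        tainted = {a.arg for a in fn.args.args}   # parameters are untrusted (assumption)
        for stmt in fn.body:
            if isinstance(stmt, ast.Assign):
                for target in stmt.targets:
                    if isinstance(target, ast.Name):
                        if is_tainted(stmt.value, tainted):
                            tainted.add(target.id)
                        else:
                            tainted.discard(target.id)   # re-assignment kills taint
            elif isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
                sink = dotted_name(stmt.value.func)
                if sink in SINKS and any(is_tainted(a, tainted) for a in stmt.value.args):
                    findings.append((fn.name, stmt.lineno, sink))
    return findings


if __name__ == "__main__":
    for finding in taint_check(SAMPLE):
        print("%s: line %d reaches sink %s with tainted data" % finding)
```

Only `unsafe` and `laundered` are reported: `safe` passes through a sanitizer, and `constant_only` never touches a parameter. Because the analysis tracks values rather than surface syntax, it catches the f-string and the `.strip()` detour that a name-matching rule would miss, while still needing no build environment for the code under analysis.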
After the analysis unit 402, the apparatus 40 may further include a display unit configured to highlight the determined code content of the target defect type in the source code to be analyzed.
Embodiments of the present invention also provide a storage medium including a program which, when run on an electronic device, causes the electronic device to execute all or part of the flow of the method in the above embodiments. The storage medium may be a magnetic disk, an optical disc, a read-only memory (ROM), a random access memory (RAM), a flash memory, a hard disk drive (HDD), a solid-state drive (SSD) or the like. The storage medium may also include a combination of the above kinds of memory.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, those skilled in the art can make various modifications and variations without departing from the spirit and scope of the present invention, and such modifications and variations all fall within the scope defined by the appended claims.
Claims (11)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210335613.5A CN114691197A (en) | 2022-03-31 | 2022-03-31 | Code analysis method and device, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114691197A true CN114691197A (en) | 2022-07-01 |
Family
ID=82141412
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210335613.5A Pending CN114691197A (en) | 2022-03-31 | 2022-03-31 | Code analysis method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114691197A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117150996A (en) * | 2023-10-30 | 2023-12-01 | 北京云枢创新软件技术有限公司 | Method for determining problem source code generating burr signal, electronic equipment and medium |
CN117150996B (en) * | 2023-10-30 | 2024-01-19 | 北京云枢创新软件技术有限公司 | Method for determining problem source code generating burr signal, electronic equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |