检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《计算机科学》2014年第1期220-224,共5页Computer Science
基 金:国家自然科学基金项目(61170240;61070192);核高基重大专项(2012ZX01039-004)资助
摘 要:通过静态检测发现源程序中的潜在缺陷,可以帮助程序员在软件发布之前发现并修补程序缺陷,提高软件的安全性。提出一种通过静态分析CIL代码来检测C#程序代码缺陷的方法。采用改进的深度优先搜索算法遍历目标程序的控制流程图,结合历史状态缓存机制,能够大幅度提高检测效率;另外,为便于实施别名分析,还提出一种基于内存区域的变量表示方法。基于所述分析方法,开发了一个C#源代码缺陷静态检测系统,并对实际开源项目进行了检测。实验结果表明,本系统能够高效、准确地检测C#程序中常见类型的缺陷。Finding potential defects by statically detecting source code can help programmers find and fix the defects be- fore the software is released, and thus can improve the security of the software. This paper provided a CIL static analy- sis method to detect defects in C# programs. We adopted an improved depth-first search algorithm to traverse the con- trol flow graph of the target program,and combining with the strategy of caching history states, the performance of the detection can be greatly improved. In addition, to be convenient for alias analysis, we proposed a method based on Mem- ory Region to represent variables. Based on the analysis method described in this paper, we developed a system for de- tecting defects in C# programs. We applied the system on real C# projects,and the detecting result shows that it can detect common kinds of defects in C# programs efficiently and accurately.
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.148.210.23