Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Integer overflow fault detection method based on metamorphic relation

A technology of integer overflow and metamorphic relationship, which is applied in the field of software testing, can solve the problems of difficult execution results of test cases, limit the application field of dynamic testing, etc., and achieve the effect of low false positive rate, low false positive rate and accurate detection

Active Publication Date: 2015-04-29
PLA UNIV OF SCI & TECH
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are difficulties in how to design effective test cases and how to judge whether the test case execution results are correct
These two problems greatly limit the application field of dynamic testing in integer overflow fault detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Integer overflow fault detection method based on metamorphic relation
  • Integer overflow fault detection method based on metamorphic relation
  • Integer overflow fault detection method based on metamorphic relation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0037] A kind of integer overflow fault detection method based on metamorphosis relation of the present invention, comprises the following steps:

[0038] The first step is to conduct a static test on the source code of the program under test, and identify the integers that may cause integer overflow as integer overflow checkpoints. Static detection is performed on the source code of the program under test by using the existing static testing tool in the prior art, and the source code statement of the program source code referring to an integer that may cause integer overflow in the source code of the program under test is marked as an integer overflow checkpoint. . For the detection and calibration of statements that refer to integers in the source code of the program under test, the existing static test method is used to detect whether there are statements that may cause integer overflow in the source code of the program under test using existing static test tools , and ide...

Embodiment

[0066] Such as figure 1 As shown, the flow chart of the integer overflow fault detection method based on metamorphosis test is given. In order to describe the implementation process of the present invention in detail and clearly, this example takes a section of code in the program OpenSSH3.3 as an example as the program under test for related description. The program under test is a free and open-source implementation of the SSH protocol, which can be used to remotely control or transfer files between computers. If an integer overflow fault occurs in the program under test, it is very likely to lead to unsafe access. Dynamically detects whether it will fail on integer overflow.

[0067] The source code segment of the program under test in this example is as follows:

[0068]

[0069] Next, the method of the present invention will be described step by step for the detection of whether the integer in the above-mentioned source code segment of the program under test will ov...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an integer overflow fault detection method based on a metamorphic relation. The integer overflow fault detection method includes employing a static testing tool to perform static testing in a program to be detected, initially determining an integer variable might occurring of integer overflow and marking the integer variable as an integer overflow detection point; according to a 'definition-application' model containing an integer definition statement list and an integer application statement list, determining an integer identifier, referenced by the integer definition statement and integer application statement, of the integer overflow detection point as an overflow integer, and if the overflow integer contains integer dangerous application statement of an integer dangerous application statement list, the overflow integer is marked as a dangerous integer; finally, before the statement of the dangerous integer referenced by the source code of the program detected is executed, adopting the metamorphic relation method to detect whether or not the integer overflow fault occurs to the dangerous integer. The integer overflow fault is detected accurately and efficiently.

Description

technical field [0001] The invention relates to integer overflow fault detection in software, in particular to an integer overflow fault detection method based on metamorphic relations, which belongs to the field of software testing. Background technique [0002] Integer overflow faults are considered to be an important factor affecting the security of software systems. In order to detect the occurrence of such a failure, there are generally two methods. The first is static testing, also known as static review, through which some static review tools are used to review program source code or binary code according to set rules. The biggest advantage of this method is that it can be implemented automatically, avoiding manual participation, and improving the feasibility of the method. But its biggest disadvantage is the high rate of false alarms, that is, it will generate a large number of false failures. Because the defects or failures obtained through the static review tool...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
Inventor 惠战伟黄松李辉任正平胡斌余沛毅
Owner PLA UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products