Method and system for detecting interprocedural vulnerability by analysis of source code
US7617489B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 15, 2006 |
| Grant date | Nov 10, 2009 |
| Priority date | — |
| Expiry date | Sep 15, 2026 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/577
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Methods and systems of detecting vulnerabilities in source code using inter-procedural analysis of source code. Vulnerabilities in a pre-existing source code listing are detected. The variables in the source code listing are modeled in the context of at least one of the inherent control flow and inherent data flow. The variable models are used to create models of arguments to routine calls in the source code listing. The source code listing is modeled with a call graph to represent routine call interactions expressed in the source code listing. The arguments to routine calls are modeled to account for inter-procedural effects and dependencies on the arguments as expressed in the source code listing.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.