System and method for facilitating static analysis of software applications
US9645800B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 19, 2014 |
| Grant date | May 9, 2017 |
| Priority date | — |
| Expiry date | Dec 19, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In system for enabling static vulnerability analysis of a software/web application that includes an indirectly modeled language portion and a directly modeled language portion, an indirectly modeled language information extractor select nodes of certain types from a syntax tree corresponding to the indirectly modeled language source code. Generally, the types of nodes that are selected are relevant to taint propagation. For one or more of the selected nodes, one or more statements corresponding to one or more of a type of the node, an input to the node, and an object associated with the node are generated. A static analyzer configured for a directly modeled language may perform vulnerability analysis of the software/web application using the generated statements.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.