
CN101916340A - A static detection method for untrusted variables in PHP language Web applications - Google Patents

A static detection method for untrusted variables in PHP language Web applications Download PDF

Info

Publication number
CN101916340A
Authority
CN
China
Prior art keywords
variable
file
php
variables
web application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2010102264608A
Other languages
Chinese (zh)
Inventor
顾庆
彭树深
陈晓安
陈道蓄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University
Original Assignee
Nanjing University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University filed Critical Nanjing University
Priority to CN2010102264608A priority Critical patent/CN101916340A/en
Publication of CN101916340A publication Critical patent/CN101916340A/en
Pending legal-status Critical Current

Landscapes

  • Stored Programmes (AREA)

Abstract

The invention discloses a static detection method for untrusted variables in PHP (Professional Hypertext Preprocessor) language Web applications, comprising the following steps: (1) identifying all entry files of the PHP Web application; (2) starting from the entry files, extracting the PHP code while avoiding interference from HTML code, and integrating all related PHP files and code by an iterative method; (3) taking each integrated functional module as the unit, identifying the untrusted variables by static analysis; and (4) summarizing the results of all modules, generating a report, and recording for each untrusted variable its PHP file and its specific position within that file. Compared with the prior art, the method is simple to implement, has a high recognition rate and good extensibility, and solves the problem that untrusted variables are difficult to detect in Web applications written in weakly typed and untyped languages.

Description

Static detection method for untrusted variables in PHP language Web applications
Technical field
The present invention relates to the static detection of untrusted variables that cause security problems in Web applications, in particular for the PHP language that is widely used in Web application programming. By extracting the structure of the PHP code and applying static analysis, it quickly locates the untrusted variables that may exist in a Web application, and effectively solves the problem that untrusted variables are difficult to detect in Web applications written in weakly typed and untyped languages.
Background technology
Today more and more social activities, such as shopping, finance, office work and instant messaging, are carried out through Web applications, which therefore require high reliability and security. The input data a Web application receives directly affect the reliability and security of the system. Compared with input data from local databases and files, data that users enter into a Web application are especially hard to control, and user interaction easily causes security problems and application failures. Such user input data are called untrusted data, and the variables that can receive and carry untrusted data are untrusted variables.
Current methods for detecting untrusted variables fall into two main classes: dynamic detection based on the HTTP protocol (the HTTP method for short), and static detection based on parameter functions PF (ParameterFunction; the PF method for short). The HTTP method loads a module into the Web application that dynamically records the variable <name, value> pairs sent to the server. It is independent of how the Web application is implemented; its drawback is that it can only detect the variables the tester actually reaches, so hidden untrusted variables that are not exercised during testing remain a latent security hazard. Hidden untrusted variables can arise from careless design and programming, and may also be back doors left in the system.
In a Web application, PF functions are used to obtain variable <name, value> pairs. The PF method finds the untrusted variables in a Web application by statically detecting all PF functions. It is unlikely to miss explicitly defined untrusted variables, and it is effective if the application defines all variables explicitly. However, many Web applications today use "tricks" that define new variables from the values of existing variables, which is very common in applications written in PHP; this keeps programs compact and powerful, but defining new variables in this way bypasses the PF functions, so the PF method loses its detection ability.
Summary of the invention
The main purpose of the present invention is, for the untrusted variables that easily cause security problems in Web applications written in PHP, to propose a method that extracts the modular structure of the PHP code and applies static program analysis to identify the untrusted variables within each functional module, helping Web application developers and maintainers detect security holes quickly. Compared with existing techniques the method is simple to implement, has a higher recognition rate and good extensibility, and effectively solves the difficulty existing methods have in detecting untrusted variables in Web applications written in weakly typed and untyped languages.
To achieve the above object, the present invention adopts the following steps:
1) Identify all entry files of the PHP Web application;
2) Starting from each entry file, extract the PHP code of each functional module of the PHP Web application while avoiding interference from HTML code, and integrate all related PHP files and code through the include/require statements in the code using an iterative method;
3) Taking each integrated functional module of the PHP Web application as the unit, identify the untrusted variables in it by static analysis;
4) Summarize the analysis results of all modules: the result of each module is a set of untrusted variables; take the union of these sets and generate a report that records, for each untrusted variable, the PHP file it belongs to and its specific position in that file.
The entry file identification process of step 1) is: starting from the main directory of the Web application, traverse all file items under the directory to form a set W; for each file item in W, if it is a directory, traverse all file items under it and add them to W; if it is a file and a PHP file, judge whether it has the characteristics of an entry file: if so, add it to the entry file set, otherwise ignore it. Traverse and identify all file items until W is empty, finally obtaining the entry file set of the Web application.
The functional module integration process of step 2) is: for an entry file f, first obtain the PHP code in it to form the code set C_f; then initialize a file set I that records the files already included; next obtain all include statements in C_f to form the set S. For each include statement s in S, first determine the file i_s referenced by s. If i_s does not appear in I, or the include instruction is not a once-only include, read in file i_s, extract its PHP code and substitute it at the position of statement s in C_f; then record i_s into I and add any include statements that appear in its PHP code to S. If s is a once-only include and i_s is already in I, s is ignored and the corresponding position in C_f is replaced with the empty string. This loop continues until all include statements in S have been processed and no new include statements are added; the integrated code set C_f obtained when processing finishes represents a complete functional module.
The untrusted variable identification process of step 3) is: first classify all variables into three types: class variables (class_var), defined variables (defined_var) and untrusted variables (untrusted_var). Then, for each integrated functional module of the PHP Web application, read three words (tokens) from the code set C_f at a time and determine the untrusted variables in this code set (functional module) from the semantics of the words. The semantic identification of words, and hence the determination of untrusted variables, is divided into 5 cases:
Case 1. A variable name marked with "$" indicates a variable;
Case 2. The "new" operator: the word immediately following it is a class variable (class_var);
Case 3. A function name marked by the "(" symbol indicates a function call; enter the function body and obtain all global variables;
Case 4. A string enclosed in quotation marks: obtain all global variables within the string;
Case 5. The "list" keyword: all variables appearing in it are regarded as defined variables.
For cases 1, 3 and 4, the step of determining whether a variable is untrusted is: if the variable appears for the first time and the appearance is a definition, the variable is a defined variable (defined_var), is placed in the defined variable set, and its variable scope is stored; if the first appearance is a use, the variable is an untrusted variable (untrusted_var).
The step of judging whether a variable appears for the first time is: match the variable against the defined variable set; if it matches and is within scope, ignore it; if it cannot be matched or is out of scope, this is its first appearance.
The method of the invention targets Web applications written in the weakly typed PHP language: starting from entry file identification, it obtains the functional modules of the Web application from each entry file, then takes each module as the unit and resolves the untrusted variables by static code analysis. Compared with existing methods it is simple to implement, performs well, and does not interfere with the actual running performance of the Web application. Experimental comparisons on a large PHP Web application show that the method can efficiently detect the untrusted variables in a Web application. The method can also be easily extended to other weakly typed or untyped Web programming languages and has good extensibility.
Description of drawings
Fig. 1 is the overall framework of the static detection method for untrusted variables in Web applications;
Fig. 2 is the correspondence between users' HTTP requests and entry files (Web pages);
Fig. 3 is the processing flowchart of entry file identification;
Fig. 4 is the organization chart of the functional modules in a PHP Web application;
Fig. 5 is the processing flowchart of integrating a functional module of the Web application;
Fig. 6 is the processing flowchart of detecting untrusted variables in a single module.
Embodiment
Figure 1 shows the technical framework of the static detection method for untrusted variables in PHP language Web applications. The input of the framework is the server-side files of a PHP Web application; the output is a summary report of untrusted variables. The framework is divided into four main modules: identify the entry files of the PHP Web application; integrate the functional modules of the PHP Web application; analyze the untrusted variables of each functional module; and summarize the untrusted variable detection results.
First, all entry files of the PHP Web application are identified. Considering the server-side files of the PHP Web application, a Web application can be regarded as the set of files under its main directory (folder), i.e. W = {f_1, f_2, ..., f_n}. Some of these PHP files are the entry files of the Web application, such as the commonly used "index.php". An entry file usually corresponds directly to a user's HTTP request and is the entry point for calling a group or class of Web application functions. Figure 2 shows the correspondence between users' HTTP requests and entry files. Several HTTP requests may correspond to the same entry file, calling different Web application functions through different parameter settings.
The characteristics of entry files depend on the programming of the specific Web application; in general an entry file first references the system's common files, i.e. PHP files containing general-purpose functions or global variables (such as configuration), whereas non-entry files generally carry a marker that forbids direct access. Figure 3 shows the processing flowchart for identifying entry files. An entry file must be a PHP file; and since the files of a Web application are usually spread over different directories, all subdirectories under the main directory must be visited recursively until every file has been visited.
The entry file identification process for a Web application is: starting from the main directory of the Web application, traverse all file items under the directory to form a set W; for each file item in W, if it is a directory, traverse all file items under it and add them to W; if it is a file and a PHP file, judge whether it has the characteristics of an entry file: if so, add it to the entry file set, otherwise ignore it. Traverse and identify all file items until W is empty, finally obtaining the entry file set of the Web application.
Next, the functional modules of the PHP Web application are integrated. From the point of view of application function, a PHP Web application can be regarded as a set of functional modules, i.e. W = {m_1, m_2, ..., m_t}. The present invention defines a functional module as the closure set of all PHP files that are related (referenced) layer by layer starting from one entry file; during integration the PHP code is extracted, avoiding interference from HTML code. All related PHP files and code are integrated through the include/require statements in the code using an iterative method; when processing include statements, once-only includes and repeatable includes must be distinguished. Figure 4 shows the organization chart of the functional modules in a PHP Web application. As shown in the figure, a functional module starts from one entry file and comprises a group of PHP files related by layered references. A public or shared PHP file may belong to several functional modules at the same time.
Figure 5 shows the processing flowchart of integrating a functional module of the Web application. Only the PHP code is considered during integration, avoiding interference from HTML code. All related PHP files and code are integrated through the include/require statements in the code using an iterative method, distinguishing once-only include instructions (include_once()/require_once()) from repeatable include instructions (include()/require()).
Following Fig. 5, for an entry file f, first obtain the PHP code in it to form C_f; then initialize a file set I that records the files already included; next obtain all include statements in C_f to form the set (queue) S. For each include statement s in S, first determine the file i_s referenced by s. If i_s does not appear in I, or the include instruction is not a once-only include, read in file i_s, extract its PHP code and substitute it at the position of statement s in C_f; then record i_s into I and add any include statements that appear in its PHP code to S. If s is a once-only include and i_s is already in I, s is ignored and the corresponding position in C_f is replaced with the empty string. This loop continues until all include statements in S have been processed and no new include statements are added. The integrated code C_f obtained when processing finishes represents a complete functional module.
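The integration loop of Fig. 5 (and of step 2 in the summary above), as an added Python example that is not the patent's own code: it inlines include/require targets from an in-memory map of constructed sample files, replaces an `include_once`/`require_once` of an already-recorded file with the empty string, rescans the inlined code for further include statements, and bounds the number of expansions so that a cycle of plain includes fails instead of growing forever. The file names and the `SAMPLE_FILES` map are constructed assumptions.

```python
import re

# Added example (not the patent's implementation) of step 2: integrating one functional
# module from its entry file. Assumption: the application's files are supplied as a mapping
# from relative path to source text; only string-literal include paths are resolved.
PHP_BLOCK = re.compile(r"<\?php\b(.*?)(?:\?>|\Z)", re.S)
INCLUDE = re.compile(
    r"\b(include_once|require_once|include|require)\b\s*\(?\s*"
    r"['\"]([^'\"]+)['\"]\s*\)?\s*;")


def extract_php(source):
    """Keep only the code inside <?php ... ?> blocks; the HTML around them is dropped."""
    return "\n".join(m.group(1).strip() for m in PHP_BLOCK.finditer(source))


def integrate_module(entry, files, max_expansions=1000):
    """Return (integrated code C_f, the set I of files that were included)."""
    code = extract_php(files[entry])
    included = set()                                   # the file set I
    for _ in range(max_expansions):
        m = INCLUDE.search(code)                       # next include statement s in S
        if m is None:
            return code, included                      # S exhausted: C_f is a complete module
        kind, target = m.group(1), m.group(2)          # i_s is the referenced file
        once = kind.endswith("_once")
        if once and target in included:
            replacement = ""                           # *_once of a file already in I: empty string
        elif target not in files:
            # dynamic or missing path: leave a marker instead of guessing at the file
            replacement = f"/* unresolved include: {target} */"
        else:
            # inline its PHP code; include statements inside it are found on the next pass
            replacement = extract_php(files[target])
        included.add(target)
        code = code[:m.start()] + replacement + code[m.end():]
    raise RuntimeError("include cycle without *_once: expansion limit reached")


# Constructed sample application: an entry file with HTML around its PHP, a shared
# config file, and a common file that re-includes the config with require_once.
SAMPLE_FILES = {
    "index.php": "<html><body>\n<?php\nrequire_once 'config.php';\ninclude 'common.php';\n"
                 "$uid = $_GET['uid'];\necho $title;\n?>\n</body></html>",
    "config.php": "<?php\n$title = 'Demo';\n$db_host = 'localhost';\n",
    "common.php": "<?php\nrequire_once 'config.php';\n"
                  "function render($t) { return '<h1>' . $t . '</h1>'; }\n",
}

if __name__ == "__main__":
    module_code, included_files = integrate_module("index.php", SAMPLE_FILES)
    print(module_code)          # config.php's code appears exactly once
    print(sorted(included_files))
```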
Then the untrusted variables in each functional module are resolved. In PHP code the definition and initialization of a variable are generally done at the same time, so the initialization of a variable can be regarded as its definition appearance. If a variable's first appearance is a use, the system determines the variable's type dynamically and assigns it a corresponding initial value. When the first appearance of a variable with global effect is a use, that variable can be regarded as untrusted. Whether a variable has global effect, and the range of that effect, can only be fully determined after the code has been integrated. An untrusted variable is used directly before it has been initialized, so its initial value is uncertain; when an attack is present this poses a security threat to the Web application.
Untrusted variables are resolved taking each integrated PHP functional module C_f (corresponding to a group/class of Web application functions) as the unit, using static analysis to identify the untrusted variables that may exist in it. Figure 6 shows the processing flowchart of detecting untrusted variables in a single module: the input is the integrated code C_f of the module, and the output is the set U of untrusted variables resolved from the module. The present invention classifies PHP variables into three types: class variables (class_var), defined variables (defined_var) and untrusted variables (untrusted_var). During analysis three words (tokens) are read from the code at a time, and the semantics of the words are identified according to the following 5 cases:
Case 1. A variable name marked with "$" indicates a variable. It must be judged whether this is its first appearance, and whether the appearance is a definition or a use. On a first appearance, if it is a definition, the variable is a defined variable (defined_var), is added to the defined variable set, and its effective range (scope) information is stored. If it is a use, the variable is an untrusted variable (untrusted_var).
Judging whether it is a first appearance requires matching against the defined variable set: if the variable matches and is within scope, it is ignored; if it cannot be matched or is out of scope, this is its first appearance.
Case 2. The "new" operator: the word immediately following it is a class variable (class_var);
Case 3. A function name marked by the "(" symbol indicates a function call. The function is either a general function or a member function of a class variable. At this point the function body must be entered to check for untrusted variables;
Case 4. A string enclosed in quotation marks: untrusted variables must be checked for within the string;
For cases 3 and 4, only the global variables within them need to be identified and classified as untrusted or defined variables.
Case 5. The "list" keyword: all variables appearing in it are regarded as defined variables, added to the defined variable set, and their scope information is stored.
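Cases 1 to 5 applied to one integrated module, as an added Python example rather than the patent's own implementation (it also serves the step-3 description in the summary above): a token scan that records definitions per scope, defers an assignment target's definition until its statement ends so that `$page = $page + 1` is caught as a use before definition, treats the body of a `function` as its own scope, and reports each untrusted variable with its scope and line. The sample module and every name in it are constructed.

```python
import re

# Added example (not the patent's implementation) of step 3: identifying untrusted variables
# in one integrated module. Assumptions: plain PHP code with HTML already removed, function
# bodies delimited by braces, no nested closures. Findings are (name, scope, line) tuples.
TOKEN = re.compile(r'''
    (?P<dq>"(?:\\.|[^"\\])*")                      # double-quoted string: variables inside are uses (case 4)
  | (?P<sq>'(?:\\.|[^'\\])*')                      # single-quoted string: no interpolation, skipped
  | (?P<comment>//[^\n]*|\#[^\n]*|/\*.*?\*/)       # comments, skipped
  | (?P<var>\$[A-Za-z_]\w*)                        # "$" marks a variable (case 1)
  | (?P<word>[A-Za-z_]\w*)                         # keywords and names: new, list, function names (cases 2, 3, 5)
  | (?P<op>===|!==|==|!=|<=|>=|=>|[-+*/.%]=|\S)    # operators; a lone "=" stays its own token
''', re.S | re.X)

class UntrustedVariableScanner:
    def __init__(self, code):
        self.tokens = [(m.lastgroup, m.group(), code.count("\n", 0, m.start()) + 1)
                       for m in TOKEN.finditer(code)]
        self.known = set()                     # (scope, name): defined_var, or untrusted_var already reported
        self.findings, self.pending = [], []   # pending: assignment targets, defined when their statement ends
        self.scope = "global"

    def define(self, name):
        self.known.add((self.scope, name))

    def use(self, name, line):
        if (self.scope, name) not in self.known:             # use with no earlier definition in this scope
            self.findings.append((name, self.scope, line))   # -> untrusted_var, reported once per scope
            self.known.add((self.scope, name))

    def _collect(self, i, stop, action):
        # Apply `action` to every variable token before the `stop` token; return the stop token's index.
        while i < len(self.tokens) and self.tokens[i][1] != stop:
            if self.tokens[i][0] == "var":
                action(self.tokens[i][1])
            i += 1
        return i

    def scan(self):
        toks, n, i = self.tokens, len(self.tokens), 0
        depth, func_depth = 0, None           # brace depth; depth at which the current function body opened
        while i < n:
            kind, text, line = toks[i]
            if kind == "dq":                                        # case 4: variables interpolated in a string
                for v in re.findall(r"\$[A-Za-z_]\w*", text):
                    self.use(v, line)
            elif kind == "word" and text == "function":             # case 3: the body is scanned in its own scope
                self.scope = toks[i + 1][1] if i + 1 < n and toks[i + 1][0] == "word" else "<closure>"
                func_depth = depth
                i = self._collect(i + 1, ")", self.define)          # parameters are definitions
            elif kind == "word" and text in ("list", "global"):     # case 5; "global" imports count as definitions
                i = self._collect(i + 1, ")" if text == "list" else ";",
                                  self.pending.append if text == "list" else self.define)
                continue                                            # the stop token is processed normally
            elif kind == "word" and text == "foreach":              # foreach ($a as $k => $v): $a use, $k/$v definitions
                after_as, i = False, i + 1
                while i < n and toks[i][1] != ")":
                    k, t, ln = toks[i]
                    if k == "word" and t == "as":
                        after_as = True
                    elif k == "var":
                        self.define(t) if after_as else self.use(t, ln)
                    i += 1
            elif kind == "var":                                     # case 1
                j = i + 1
                while j < n and toks[j][1] == "[":                  # skip non-nested subscripts: $a['k'] = ... defines $a
                    j = next((k for k in range(j + 1, n) if toks[k][1] == "]"), n - 1) + 1
                if j < n and toks[j][1] == "=":
                    self.pending.append(text)                       # definition occurrence, applied at end of statement
                else:
                    self.use(text, line)                            # usage occurrence
            elif kind == "op":
                if text in (";", "{", "}"):
                    for name in self.pending:
                        self.define(name)
                    self.pending.clear()
                depth += {"{": 1, "}": -1}.get(text, 0)
                if text == "}" and depth == func_depth:
                    self.scope, func_depth = "global", None         # function body closed
            i += 1
        return self.findings

def detect_untrusted(code):
    return UntrustedVariableScanner(code).scan()   # untrusted_var findings of one module, in source order

# Constructed sample module (integrated code C_f with the HTML already stripped).
SAMPLE_MODULE = """\
$title = 'Demo';
$uid = $_GET['uid'];
$page = $page + 1;
echo "Hello $user, page $page";
function render($t) {
    global $title;
    $html = '<h1>' . $t . '</h1>';
    return $html . $footer;
}
list($a, $b) = explode(',', $uid);
foreach ($rows as $k => $v) { echo $k; }
"""
```

`detect_untrusted(SAMPLE_MODULE)` reports `$_GET`, `$page`, `$user` and `$rows` in the global scope and `$footer` inside `render`, while `$uid`, `$title`, `$html`, `$a`, `$b` and `$k` are recognized as defined before use.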
Finally the analysis results of all modules are summarized to generate the untrusted variable detection report for the Web application. The result of each functional module is a set of untrusted variables, and the summary simply takes the union of these sets. Note that even where untrusted variables of the same name occur in different modules, they still represent different variables. For each untrusted variable, the PHP file it belongs to and its specific position in that file are recorded.
A PHP Web application system, version 6.0.0, was used as the experimental subject. The experiment compares the method of the invention with the dynamic HTTP method. The table below compares the detection results for the 10 most frequently used functional modules (entry files) of the system; the HTTP method's data were obtained by running it continuously for 12 days.
Functional module   Inventive method   HTTP method   Improvement
register.php        91                 86            5 (6%)
post.php            159                109           50 (46%)
logging.php         55                 60            -5 (-8%)
viewthread.php      79                 65            14 (22%)
forumdisplay.php    61                 68            -7 (-10%)
redirect.php        82                 36            46 (128%)
index.php           54                 37            17 (46%)
tag.php             44                 44            0 (0%)
space.php           53                 32            21 (66%)
attachment.php      45                 13            32 (246%)
The data in the table show that in most cases the detection results of the inventive method are better than those of the HTTP method. The system has 36 functional modules; running continuously for 12 days, the HTTP method found untrusted variables in only 29 of them, and for 26 of those the inventive method's results were better; the inventive method also detected the untrusted variables of the remaining 7 modules. The HTTP method must load a detection module into the Web application and therefore has some impact on the application's performance, and it must run continuously for a long period before it finds a sufficient number of untrusted variables. The inventive method has neither problem. In addition, it can be easily extended to other weakly typed or untyped Web programming languages and has good extensibility.

Claims (6)

1. A static detection method for untrusted variables in PHP language Web applications, characterized by comprising the following steps: 1) identify all entry files of the PHP Web application; 2) starting from each entry file, extract the PHP code of each functional module of the PHP Web application while avoiding interference from HTML code, and integrate all related PHP files and code through the include/require statements in the code using an iterative method; 3) taking each integrated functional module of the PHP Web application as the unit, identify the untrusted variables in it by static analysis; 4) summarize the analysis results of all modules, where the result of each module is a set of untrusted variables; take the union of these sets and generate a report that records, for each untrusted variable, the PHP file it belongs to and its specific position in that file.
2. The static detection method for untrusted variables in PHP language Web applications according to claim 1, characterized in that the entry file identification process of step 1) is: starting from the main directory of the Web application, traverse all file items under the directory to form a set W; for each file item in W, if it is a directory, traverse all file items under it and add them to W; if it is a file and a PHP file, judge whether it has the characteristics of an entry file: if so, add it to the entry file set, otherwise ignore it; traverse and identify all file items until W is empty, finally obtaining the entry file set of the Web application.
3. The static detection method for untrusted variables in PHP language Web applications according to claim 1 or 2, characterized in that the functional module integration process of step 2) is: for an entry file f, first obtain the PHP code in it to form the code set C_f; then initialize a file set I that records the files already included; next obtain all include statements in C_f to form the set S; for each include statement s in S, first determine the file i_s referenced by s; if i_s does not appear in I, or the include instruction is not a once-only include, read in file i_s, extract its PHP code and substitute it at the position of statement s in C_f; then record i_s into I and add any include statements that appear in its PHP code to S; if s is a once-only include and i_s is already in I, s is ignored and the corresponding position in C_f is replaced with the empty string; repeat until all include statements in S have been processed and no new include statements are added; the integrated code set C_f obtained when processing finishes represents a complete functional module.
4. The static detection method for untrusted variables in PHP language Web applications according to claim 3, characterized in that the untrusted variable identification process of step 3) is: first classify all variables into three types: class variables (class_var), defined variables (defined_var) and untrusted variables (untrusted_var); then, for each integrated functional module of the PHP Web application, read three words from the code set C_f at a time and determine the untrusted variables in this code set (functional module) from the semantics of the words.
5. The static detection method for untrusted variables in PHP language Web applications according to claim 4, characterized in that the semantic identification of words and the determination of untrusted variables are divided into 5 cases, comprising: Case 1. A variable name marked with "$" indicates a variable; Case 2. The "new" operator: the word immediately following it is a class variable (class_var); Case 3. A function name marked by the "(" symbol indicates a function call; enter the function body and obtain all global variables; Case 4. A string enclosed in quotation marks: obtain all global variables within the string; Case 5. The "list" keyword: all variables appearing in it are regarded as defined variables; wherein, for cases 1, 3 and 4, the step of determining whether a variable is untrusted is: if the variable appears for the first time and the appearance is a definition, the variable is a defined variable (defined_var), is placed in the defined variable set, and its variable scope is stored; if the first appearance is a use, the variable is an untrusted variable (untrusted_var).
6. The static detection method for untrusted variables in PHP language Web applications according to claim 5, characterized in that the step of judging whether a variable appears for the first time is: match the variable against the defined variable set; if it matches and is within scope, ignore it; if it cannot be matched or is out of scope, this is its first appearance.
CN2010102264608A 2010-07-14 2010-07-14 A static detection method for untrusted variables in PHP language Web applications Pending CN101916340A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010102264608A CN101916340A (en) 2010-07-14 2010-07-14 A static detection method for untrusted variables in PHP language Web applications

Publications (1)

Publication Number Publication Date
CN101916340A true CN101916340A (en) 2010-12-15

Family

ID=43323850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102264608A Pending CN101916340A (en) 2010-07-14 2010-07-14 A static detection method for untrusted variables in PHP language Web applications

Country Status (1)

Country Link
CN (1) CN101916340A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104899016A (en) * 2014-03-07 2015-09-09 腾讯科技(深圳)有限公司 Call stack relationship obtaining method and call stack relationship obtaining device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040181677A1 (en) * 2003-03-14 2004-09-16 Daewoo Educational Foundation Method for detecting malicious scripts using static analysis
WO2006081459A2 (en) * 2005-01-25 2006-08-03 Whitehat Security, Inc. System for detecting vulnerabilities in web applications using client-side application interfaces
CN101661543A (en) * 2008-08-28 2010-03-03 西门子(中国)有限公司 Method and device for detecting security flaws of software source codes

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
《E-Business and Information System Security》 20090524 Peng Shushen等 Static Detection of Un-Trusted Variables in PHP Web Applications , *
《计算机应用》 20041031 王洪 PHP网站建设的安全性研究 第24卷, 第10期 2 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104899016A (en) * 2014-03-07 2015-09-09 腾讯科技(深圳)有限公司 Call stack relationship obtaining method and call stack relationship obtaining device
CN104899016B (en) * 2014-03-07 2018-10-09 腾讯科技(深圳)有限公司 Allocating stack Relation acquisition method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20101215