Static defect detecting method and system thereof
暂无分享,去创建一个
The invention relates to static defect detecting method and system thereof. The method comprises the steps of S1, creating an abstract syntax tree and a control flow diagram of a program to be detected; S2, building a state machine instance of a defect mode according to the preset defect mode, and placing the state machine instance to a control flow inlet of the program to be detected; S3, traversing the control flow diagram according to the path, and calculating the block information of variable of each control flow joint during the traversing process; S4, updating the state of the state machine instance on real time according to the block value taking information of the variable of each control flow node until detecting the defect of the state machine instance or traversing the control flow nodes on all paths. The method is on the basis of symbolic block analyzing technology, and the infeasible path in the program can be comprehensively determined by the conflict variable value taking determining and conditional constraint verification method, so as to improve the defect detecting accuracy.