Automatic Inference Of Whitelist-Based Validation As Part Of Static Analysis For Security

  • US 20120266247A1
  • Filed: 04/18/2011
  • Published: 10/18/2012
  • Est. Priority Date: 04/18/2011
  • Status: Active Grant
First Claim

1. A method, comprising:

  • performing taint analysis of a computer program and determining an original set of paths from sources to sinks, wherein each path corresponds to a vulnerability because taint flows from a source in the path to a sink in the path;

  • determining for each variable whose type is a collection and is accessed in one of the paths in the original set of paths whether the variable points to a concrete value whose internal state is not tainted according to the taint analysis;

  • for each of the variables whose type is a collection found not to be tainted according to the taint analysis, determining all points in the computer program where a membership check against the collection is performed; and

  • for each of the points, determining corresponding paths and removing those paths from the original set of paths to create a reduced set of paths.
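
The claimed steps run on a toy program, as an added Python sketch (not code from the patent or its assignee). The tuple-based mini-IR, `analyze` and `SAMPLE` are constructed for illustration, and the sketch assumes a path is removed only when the membership check tests the same variable that reaches the sink.

```python
# Added sketch. The mini-IR below is constructed for illustration:
#   ("source", v)          v = untrusted input
#   ("coll", c)            c = new collection of constants
#   ("add", c, v)          c.add(v)
#   ("assign", d, s)       d = s
#   ("check", c, v, body)  if v in c: body
#   ("sink", v, label)     security-sensitive use of v

def analyze(program):
    """Return (original, reduced) lists of sink labels reached by taint."""
    tainted, colls, dirty, paths = set(), set(), set(), []

    def walk(stmts, guards):
        for s in stmts:
            op = s[0]
            if op == "source":
                tainted.add(s[1])
            elif op == "coll":
                colls.add(s[1])
            elif op == "add" and s[2] in tainted:
                dirty.add(s[1])            # internal state is now tainted
            elif op == "assign":
                (tainted.add if s[2] in tainted else tainted.discard)(s[1])
            elif op == "check":            # membership check guards the body
                walk(s[3], guards + [(s[1], s[2])])
            elif op == "sink" and s[1] in tainted:
                paths.append((s[2], s[1], tuple(guards)))

    walk(program, [])
    clean = colls - dirty                  # decided after the whole walk
    reduced = [label for label, var, guards in paths
               if not any(c in clean and v == var for c, v in guards)]
    return [p[0] for p in paths], reduced

SAMPLE = [  # constructed program
    ("source", "name"), ("source", "page"),
    ("coll", "allowed"),                   # constants only
    ("coll", "seen"), ("add", "seen", "name"),
    ("sink", "name", "S1"),
    ("check", "allowed", "page", [("sink", "page", "S2")]),
    ("check", "seen", "name", [("sink", "name", "S3")]),
    ("check", "allowed", "page", [("sink", "name", "S4")]),
]

if __name__ == "__main__":
    original, reduced = analyze(SAMPLE)
    print("original:", original)
    print("reduced: ", reduced)
```

Only S2 is removed: S3 stays because `seen` holds user input, so a membership check against it validates nothing, and S4 stays because the check is on a different variable than the one reaching the sink.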
