Custom API modeling for source code static analysis simulator

US 7,549,144 B2
Filed: 02/22/2005
Issued: 06/16/2009
Est. Priority Date: 02/22/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for analyzing invocation of an external function for which function source code implementation is not available, comprising the steps of:

(a) identifying at least one potential error resulting from improper invocation of the external function by source code calling the external function;

(b) identifying at least one condition upon invocation of the external function that will result in the potential error;

(c) creating a model of the external function for which source code is not available to test for the at least one condition that results in the potential error;

(d) associating the model with a source code analyzer such that when the source code which calls the external function is analyzed by the source code analyzer, the model is applied to evaluate invocation of the external function;

(e) generating an error message upon finding the at least one condition upon invocation of the external function;

wherein the model is created using a plurality of primitives usable to test for the at least one condition that results in the potential error; and

wherein the source code analyzer includes a model repository configured to store the model created, such that the source code analyzer can access the model upon evaluating source code and identifying a reference to the external function.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In processing an external function for which source code is not available, such as an application program interface (API), a model is used to evaluate whether the external function is properly invoked. An error potentially resulting from improper invocation of the external function and at least one condition that will result in the potential error are identified. The model is created to test for the condition that will result in the potential error. When the condition is found, generation of an error message is triggered. The model is associated with a source code analyzer such that when the source code is analyzed by the source code analyzer, the model is applied to evaluate invocation of the external function. The potential error and conditions that result in the error, such as input/output parameter errors and dependency errors, may be derived from documentation describing the operation of the external function or API.

Citations

9 Claims

1. A method for analyzing invocation of an external function for which function source code implementation is not available, comprising the steps of:
- (a) identifying at least one potential error resulting from improper invocation of the external function by source code calling the external function;
  
  (b) identifying at least one condition upon invocation of the external function that will result in the potential error;
  
  (c) creating a model of the external function for which source code is not available to test for the at least one condition that results in the potential error;
  
  (d) associating the model with a source code analyzer such that when the source code which calls the external function is analyzed by the source code analyzer, the model is applied to evaluate invocation of the external function;
  
  (e) generating an error message upon finding the at least one condition upon invocation of the external function;
  
  wherein the model is created using a plurality of primitives usable to test for the at least one condition that results in the potential error; and
  
  wherein the source code analyzer includes a model repository configured to store the model created, such that the source code analyzer can access the model upon evaluating source code and identifying a reference to the external function.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the external function includes an application program interface.
  - 3. The method of claim 1, further comprising the step of identifying the at least one condition that will result in the potential error based upon requirements for implementing the external function.
  - 4. The method of claim 1, wherein the at least one condition includes at least one of:
    - (a) an incorrect input type of an input parameter acceptable to the application program interface;
      
      (b) an incorrect input content range of the input parameter acceptable to the application program interface;
      
      (c) an incorrect output type for an output parameter generatable by the application program interface;
      
      (d) an incorrect output content range of the output parameter generatable by the application program interface;
      
      (e) a failure to invoke a prerequisite function that must be invoked prior to invocation of the external function; and
      
      (f) a failure to invoke a post-requisite function that must be invoked after the invocation of the external function.
  - 5. A memory medium having machine executable instructions stored for carrying out the steps of claim 1.

6. A system for analyzing invocation of an external function for which function source code implementation is not available, the system comprising:
- (a) at least one user input device;
  
  (b) a display;
  
  (c) a processor in communication with the input device and the display; and
  
  (d) a memory in communication with the processor, the memory storing data and machine instructions that cause the processor to carry out a plurality of functions, including;
  
  (i) deriving rules to evaluate the invocation and operation of any application programming interface (API) signatures;
  
  (ii) including the derived rules with source code which comprises at least one invocation of an external function for which function source code implementation is not available;
  
  (iii) identifying at least one potential error resulting from improper invocation of the external function by source code calling the external function;
  
  (iv) identifying at least one condition upon invocation of the external function that will result in the potential error;
  
  (v) creating a model of the external function to test for the at least one condition that results in the potential error;
  
  (vi) associating the model with a source code analyzer such that when the source code which calls the external function is analyzed by the source code analyzer, the model is applied to evaluate invocation of the external function; and
  
  (vii) generating an error message upon finding the at least one condition upon invocation of the external function;
  
  wherein the model is created using a plurality of primitives usable to test for the at least one condition that results in the potential error; and
  
  wherein the source code analyzer includes a model repository configured to store the model created, such that the source code analyzer can access the model upon evaluating source code and identifying a reference to the external function.
- View Dependent Claims (7, 8, 9)
- - 7. The system of claim 6, wherein the external function includes an application program interface.
  - 8. The system of claim 6, wherein the machine instructions further cause the processor to identify the at least one condition that will result in the potential error based upon requirements for implementing the external function.
  - 9. The system of claim 6, wherein the at least one condition includes at least one of:
    - (a) an incorrect input type of an input parameter acceptable to the application program interface;
      
      (b) an incorrect input content range of the input parameter acceptable to the application program interface;
      
      (c) an incorrect output type for an output parameter generatable by the application program interface;
      
      (d) an incorrect output content range of the output parameter generatable by the application program interface;
      
      (e) a failure to invoke a prerequisite function that must be invoked prior to invocation of the external function; and
      
      (f) a failure to invoke a post-requisite function that must be invoked after the invocation of the external function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Jubran, Marwan E.
Primary Examiner(s)
Zhen; Wei Y
Assistant Examiner(s)
Rampuria; Satish

Application Number

US11/063,303
Publication Number

US 20060190923A1
Time in Patent Office

1,575 Days
Field of Search

717139-161, 717/143, 717124-135
US Class Current

717/143
CPC Class Codes

G06F 8/20 Software design

G06F 9/44589 Program code verification, ...

Custom API modeling for source code static analysis simulator

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Custom API modeling for source code static analysis simulator

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links