Source code repair method for malicious code detection
First Claim
1. A method, in a data processing system, for repairing infected source code prior to performing a code build, the infected source code including a first component and other components containing dependencies to the first component, the method comprising:
- detecting, by a processor, a virus pattern in the first component of the infected source code;
responsive to the detecting of the virus pattern, identifying the other components in the source code containing the dependencies to the first component;
only retracting the first component and the identified other components from a current code build;
replacing the first component and the identified other components with a prior version of the first component and prior versions of the identified other components from an archive of a previous code build; and
performing the current code build of the source code using the prior version of the first component and the prior versions of the identified other components, whereinthe identifying step is based on rules defined from relationships between the first component and the other components in the source code.
4 Assignments
0 Petitions
Accused Products
Abstract
A repair mechanism within a code management library system for repairing build code that is infected with malicious code. When a virus pattern is detected in a component of a source code, other components in the source code containing dependencies upon the first component are identified. This identification may be based on rules defined from relationships between the infected component and the other components in the source code. The component and the other components that are identified as having dependencies upon the infected component are retracted from the software product build. The infected component and the other identified components are then replaced with a previous archive of the code build. The software product build of the source code may then be performed.
113 Citations
17 Claims
-
1. A method, in a data processing system, for repairing infected source code prior to performing a code build, the infected source code including a first component and other components containing dependencies to the first component, the method comprising:
-
detecting, by a processor, a virus pattern in the first component of the infected source code; responsive to the detecting of the virus pattern, identifying the other components in the source code containing the dependencies to the first component; only retracting the first component and the identified other components from a current code build; replacing the first component and the identified other components with a prior version of the first component and prior versions of the identified other components from an archive of a previous code build; and performing the current code build of the source code using the prior version of the first component and the prior versions of the identified other components, wherein the identifying step is based on rules defined from relationships between the first component and the other components in the source code. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A data processing computer system for repairing infected source code prior to performing a code build, the infected source code including a first component and other components containing dependencies to the first component comprising:
-
code management library system including; a memory; a processor; a detection module for detecting a virus pattern in the first component of the source code; a identification module for identifying the other components in the source code containing the dependencies to the first component; a retraction module for only retracting the first component and the identified other components from a current code build; a replacement module for replacing the first component and the identified other components with a prior version of the first component and prior versions of the identified other components from an archive of a previous code build; and a build module for performing the current code build of the source code using the prior version of the first component and the prior versions of the identified other components, wherein the identification module includes rules defined from relationships between the first component and the other components in the source code. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer-readable tangible storage medium having stored thereon a computer program for repairing infected source code prior to performing a code build, the infected source code including a first component and other components containing dependencies to the first component, the computer program comprising a routine set of instructions for causing a data processing system to perform the steps of:
-
detecting a virus pattern in the first component of the infected source code; responsive to the detecting of the virus pattern, identifying the other components in the source code containing the dependencies to the first component; only retracting the first component and the identified other components from a current code build; replacing the first component and the identified other components with a prior version of the first component and prior versions of the identified other components from an archive of a previous code build; and performing the current code build of the source code using the prior version of the first component and the prior versions of the identified other components, wherein the identifying step is based on rules defined from relationships between the first component and the other components in the source code. - View Dependent Claims (14, 15, 16, 17)
-
Specification