计算机工程与应用2012,Vol.48Issue(33):1-4,33,5.DOI:10.3778/j.issn.1002-8331.1207-0463
基于最弱前置条件的静态分析误报消除技术
Weakest precondition based false alarms reducing for static analysis
摘要
Abstract
In view of suffering the problem of high false alarms rate, a false alarm reducing method based on weakest precondition propagation for static analysis is proposed. According to different software security property, the weakest precondition at the beginning of the procedure can be obtained from the target state in a demand-driven way. False alarms will be reduced by determining the satisfiability of the precondition formulae. The approach is instantiated to reduce false alarms for static detection of array bounds violation and null pointer dereference. The experiments show that the technique is successful and suitable for reducing false alarms for static analysis.关键词
静态分析/误报消除/最弱前置条件/数组访问越界/空指针解引用Key words
static analysis/ reduce false alarms/ weakest precondition/ array bounds violation/ null pointer dereference分类
信息技术与安全科学引用本文复制引用
陈杰..基于最弱前置条件的静态分析误报消除技术[J].计算机工程与应用,2012,48(33):1-4,33,5.基金项目
国家自然科学基金(No.61120106006,No.91118007). (No.61120106006,No.91118007)
