Data processing: software development – installation – and managem – Software program development tool – Testing or debugging
Reexamination Certificate
2011-06-28
2011-06-28
Dam, Tuan Q (Department: 2192)
Data processing: software development, installation, and managem
Software program development tool
Testing or debugging
C717S129000
Reexamination Certificate
active
07971193
ABSTRACT:
A computer-implemented method for detecting program bugs in source code of a computer program that includes a plurality of source modules, each of the plurality of source modules including at least a set of subroutines, is provided. The method includes performing summary collection on subroutines of the plurality of source modules. Performing the summary collection includes collecting first data pertaining to at least untrusted data in each of the subroutines of the plurality of source modules. The method also includes storing the first data in a set of intermediate files. The method further includes performing interprocedural analysis on the set of intermediate files. The interprocedural analysis is configured to identify at least first untrusted data in a given subroutine of the subroutines of the plurality of source modules and to map a data flow tracking the first untrusted data across at least two of the plurality of source modules.
REFERENCES:
patent: 5671419 (1997-09-01), Carini et al.
patent: 6343376 (2002-01-01), Saxe et al.
patent: 6769114 (2004-07-01), Leung
patent: 7047394 (2006-05-01), Van Dyke et al.
patent: 7877737 (2011-01-01), Austin et al.
patent: 2007/0083933 (2007-04-01), Venkatapathy et al.
Vinod Ganapathy et. al.; Buffer Overrun Dectection using Linear Programming and Static Analysis; Oct. 27-31, 2003; ACM; pp. 345-354.
Gary McGraw, Static Analysis for Security, 2004, Published by the IEEE Computer Society, [online], retrieved on Feb. 4, 2011, pp. 32-35. Retrieved from the Internet <URL:http://www.cigital.com/papers/download/bsi5-static.pdf>.
Tzi-cker Chjueh and FU-Hau Hsu, RAD: A Compile-Time Solution to Buffer Overflow Attacks, 2001, Published by IEEE, [online], retrieved on Feb. 4, 2011, pp. 409-417. Retrieved from the Internet <URL:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=918971>.
Jain Suneel
Li Xinliang David
Liu Shinming
Bui Hanh T
Dam Tuan Q
Hewlett--Packard Development Company, L.P.
LandOfFree
Methods for performining cross module context-sensitive... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods for performining cross module context-sensitive..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods for performining cross module context-sensitive... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2743262