基于圈復(fù)雜度的階段動(dòng)態(tài)符號(hào)執(zhí)行
2020年信息技術(shù)與網(wǎng)絡(luò)安全第4期
畢雪潔1,於家偉1,李世明1,2
(1.哈爾濱師范大學(xué) 計(jì)算機(jī)科學(xué)與信息工程學(xué)院,黑龍江 哈爾濱 150025; 2.上海市信息安全綜合管理技術(shù)研究重點(diǎn)實(shí)驗(yàn)室,上海 200240)
摘要: 為了緩解動(dòng)態(tài)符號(hào)執(zhí)行不可避免的路徑爆炸等問(wèn)題,提出了基于圈復(fù)雜度的階段動(dòng)態(tài)符號(hào)執(zhí)行CCSDSEM優(yōu)化算法。該算法通過(guò)計(jì)算約束判定條件為真的數(shù)量來(lái)衡量代碼的圈復(fù)雜度,然后依據(jù)圈復(fù)雜度的閾值進(jìn)行分階段動(dòng)態(tài)符號(hào)執(zhí)行,使動(dòng)態(tài)符號(hào)執(zhí)行梯度進(jìn)行,緩解路徑選擇指數(shù)爆炸,合理縮放符號(hào)執(zhí)行。最后在KLEE中實(shí)現(xiàn)CCSDSEM框架,并對(duì)測(cè)試程序做了檢測(cè)。CCSDSEM將符號(hào)執(zhí)行的運(yùn)行時(shí)間顯著縮短,提升了生成測(cè)試用例的數(shù)量。
中圖分類號(hào):TP393.08
文獻(xiàn)標(biāo)識(shí)碼:A
DOI: 10.19358/j.issn.2096-5133.2020.04.005
引用格式:畢雪潔,於家偉,李世明.基于圈復(fù)雜度的階段動(dòng)態(tài)符號(hào)執(zhí)行[J].信息技術(shù)與網(wǎng)絡(luò)安全,2020,39(4):24-29.
文獻(xiàn)標(biāo)識(shí)碼:A
DOI: 10.19358/j.issn.2096-5133.2020.04.005
引用格式:畢雪潔,於家偉,李世明.基于圈復(fù)雜度的階段動(dòng)態(tài)符號(hào)執(zhí)行[J].信息技術(shù)與網(wǎng)絡(luò)安全,2020,39(4):24-29.
Stage dynamic symbol execution based on cyclomatic complexity
Bi Xuejie1,Yu Jiawei1,Li Shiming1,2
(1.College of Computer Science and Information Engineering,Harbin Normal University,Harbin 150025,China; 2.Shanghai Key Laboratory of Integrated Administration Technologies for Information Security,Shanghai 200240,China)
Abstract: In order to alleviate problems such as the path explosion of dynamic symbol execution contraction,this paper proposes an optimization algorithm for stage dynamic symbol execution based on cyclomatic complexity(CCSDSEM).The algorithm realizes the cyclomatic complexity of the code by calculating the constraints to determine the exact number,and then executes the dynamic symbol execution in stages according to the threshold of cycle complexity,makes the dynamic symbol execution gradient,replaces the path selection index explosion,and scales the symbol execution reasonably.The above optimization framework was implemented in KLEE,and the test program was tested.CCSDSEM significantly changes the runtime of symbolic execution,increasing the number of test cases generated.
Key words : cyclomatic complexity;concolic execution;scaling symbolic execution;software testing
0 引言
路徑爆炸問(wèn)題降低了軟件測(cè)試的效率和質(zhì)量,也給軟件埋下隱患。如何緩解路徑爆炸問(wèn)題成為軟件安全測(cè)試中的一個(gè)研究熱點(diǎn),符號(hào)執(zhí)行成為緩解該問(wèn)題嚴(yán)重程度的重要技術(shù)之一。其主要算法思想為利用符號(hào)變量來(lái)取代測(cè)試過(guò)程的真實(shí)用例,從而在執(zhí)行過(guò)程中獲取對(duì)應(yīng)的執(zhí)行路徑,成為生成高覆蓋測(cè)試用例和在復(fù)雜軟件應(yīng)用程序中查找深度錯(cuò)誤的有效技術(shù)之一;因該技術(shù)能夠處理復(fù)雜結(jié)構(gòu)程序,開發(fā)人員也經(jīng)常用之于程序自動(dòng)測(cè)試、程序缺陷檢測(cè)、測(cè)試用例生成等。
本文詳細(xì)內(nèi)容請(qǐng)下載:http://www.viuna.cn/resource/share/2000003201
作者信息:
畢雪潔1,於家偉1,李世明1,2
(1.哈爾濱師范大學(xué) 計(jì)算機(jī)科學(xué)與信息工程學(xué)院,黑龍江 哈爾濱 150025;2.上海市信息安全綜合管理技術(shù)研究重點(diǎn)實(shí)驗(yàn)室,上海 200240)
此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。