Null Pointer Dereference Detection Based on Value Dependences Analysis

MA Sen; ZHAO Wen; XI Xiang-yu; WANG Dong-wei

doi:10.3969/j.issn.0372-2112.2015.04.004

您当前的位置：

首页 >

文章列表页 >

Null Pointer Dereference Detection Based on Value Dependences Analysis

更新时间：2025-07-16

- Null Pointer Dereference Detection Based on Value Dependences Analysis
- Acta Electronica Sinica Vol. 43, Issue 4, Pages: 647-651(2015)
- 作者机构：
  
  1. 北京大学信息科学技术学院,北京,100871
  2. 北京大学软件工程国家工程研究中心,北京,100871
  3. 北京大学信息科学技术学院软件研究所高可信软件技术教育部重点实验室,北京,100871
  4. 北京大学信息科学技术学院,北京,100871
  5. 北京大学软件工程国家工程研究中心,北京,100871
  6. 北京大学信息科学技术学院软件研究所高可信软件技术教育部重点实验室,北京,100871
- 作者简介：
- 基金信息：
- DOI：10.3969/j.issn.0372-2112.2015.04.004
  CLC： TP311
- Published：2015
- 稿件说明：
移动端阅览
MA Sen, ZHAO Wen, XI Xiang-yu, et al. Null Pointer Dereference Detection Based on Value Dependences Analysis[J]. Acta Electronica Sinica, 2015, 43(4): 647-651.
DOI：

MA Sen, ZHAO Wen, XI Xiang-yu, et al. Null Pointer Dereference Detection Based on Value Dependences Analysis[J]. Acta Electronica Sinica, 2015, 43(4): 647-651. DOI： 10.3969/j.issn.0372-2112.2015.04.004.

摘要

本文提出了一种基于程序值依赖分析的、路径敏感的空指针解引用检测方法.该方法通过结合数据流分析中的到达定值分析、区间分析及指向分析创建了值依赖分析图

该图刻画了可能产生空指针语句到其解引用语句的值依赖关系.该图中的边采用守卫标注

即描述了相邻点之间的到达条件.为了降低误报率

本文同时提出了一种需求驱动的必然别名算法.由本文所述方法实现的工具展示了良好的实验效果

在10个SPEC2000项目中发现了70余个空指针解引用缺陷

误报率仅为6%左右.

Abstract

This paper presents a context-sensitive and path-sensitive algorithm for detecting null pointer dereferences (NPD).Our algorithm tracks the flow of values from the points where a null pointer might be produced to dereference points via value dependence graph that captures def-use relations and combines interval analysis results.Edges in the graph are annotated with guards that describe branch conditions in the program.In the meantime

for reducing the false warnings we propose an innovative demand-driven must-alias algorithm using this graph.Our implemented tool detects more than 70 points which might produce null pointer dereferences in ten SPEC 2000 benchmarks while keeping the false positive rate around 6%

which is excellent experimental results.

关键词

Keywords

references

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Semantic Comparison Model for Binary Programs Based on Statistical Reasoning

Bayesian Program Analysis

Program Symbol Value Analysis Based on Dependent Condition Reconstruction

Related Author

WANG Pan

GUO Xi

WANG Guan-cheng

XIONG Ying-fei

ZHANG Yi-fan

LI Tian-chi

CHEN Yi-fan

WU Yi-qian

Related Institution

College of Informatics, Huazhong Agricultural University

Hubei Key Laboratory for High-Efficiency Utilization of Solar Energy and Operation Control of Energy Storage System, Hubei University of Technology

Key Laboratory of High Confidence Software Technologies （Peking University）， Ministry of Education

School of Computer Science， Peking University

⁰