C语言源代码静态检测工具及设计与实现毕业论文
C语言源代码静态检测工具设计与实现
学 院计算机学院专 业班 级学 号姓 名指导教师负责教师
沈阳航空2014年6月摘 要
关键词:C源代码;静态代码分析
Development of C language source code static analysis tool
Abstract
With the development of the information society, the problem of Internet insecurity is becoming more and more serious. Many of these problems are due to the flaw of the software itself and therefore cause huge economic losses.
On one hand, it is because of the programmer’s negligence on software producing, and on the other hand, it is also because the relative languages dose not provide a complete security mechanism. Among many languages, C language is believed as the most vulnerable one to be attacked. As a result, the code safety check seems very important. However, because the modern software engineering is becoming more and more complicated, the traditional check methods can not meet the requirement in accuracy and efficiency, so the static code analysis emerge as the times require.
This paper will first investigate the current situation and main trend of the static code analysis at home and abroad. And then put forward our ideas and design objectives. Discusses in detail about the system requirements analysis, preliminary design, detailed design and implementation, system testing and other related processes, integrating open source static detection tools Splint and Flawfinder through the use of the Python language, implement static security check code and generate analytic charts and other functions.
Keywords: Safety testing; C source code; static code analysis
目 录
1 绪论6
1.1 研究背景6
1.2 设计目标7
1.2.1 主要内容7
1.2.2 设计要求7
1.3 国内外现状7
1.3.1 模型检验8
1.3.2 携带源代码8
1.3.3 词法扫描8
1.3.4 简单语义分析8
1.4 软件代码风险介绍与原理9
1.4.1 内存访问错9
1.4.2 缓冲区溢出10
1.4.3 竞争条件11
1.4.4 随机数滥用12
1.4.5 异常处理12
1.4.6 空指针引用12
1.5 技术简介13
1.5.1 Python语言简介13
1.5.2 PyQt图形类库简介13
1.5.3 SQLite数据库简介13
2 需求分析15
2.1 用户需求15
2.2 系统需求15
2.2.1 实现代码静态安全分析需求15
2.2.2 代码检查工具基本控制需求15
2.2.3 待检测代码列表管理需求16
2.2.4 检测代码工具参数设置需求16
2.
扫一扫
576
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
