作者:
Li, ZhilinMa, XutongHu, MengzeYan, Jun
State Key Lab. of Computer Science Ins. of Software CAS University of Chinese Academy of Sciences Beijing China
State Key Lab. of Computer Science Ins. of Software CAS Beijing China
State Key Lab. of Computer Science Ins. of Software CAS Tech. Center of Software Eng. Ins. of Software CAS University of Chinese Academy of Sciences Beijing China
Sequence Containers (SC) in the C++ Standard Template Library (STL), such as the vector, are widely used in large-scale projects for their maintainability and flexibility. However, accessing the elements in an SC is b...
详细信息
ISBN:
(数字)9798400712487
ISBN:
(纸本)9798400712487
Sequence Containers (SC) in the C++ Standard Template Library (STL), such as the vector, are widely used in large-scale projects for their maintainability and flexibility. However, accessing the elements in an SC is bug-prone, as such operations will not check their boundaries during compilation or execution, which can lead to memory errors, such as buffer overflow problems. And these bugs are difficult to detect with available static analyzers, since the size of SCs and the target of iterators cannot be precisely tracked without accurate analysis of the behavior of SCs and *** address this problem, we propose a combined model of SC sizes and iterator targets by tracking them simultaneously through a set of meta-operations extracted from corresponding method calls, and report improper operation usages according to three bug patterns. We implement the approach as a static analyzer, Scasa, on the top of the Clang Static Analyzer (CSA) framework, and evaluate its effectiveness and efficiency against CSA and other state-of-the-art static analyzers on a benchmark composed of 2,230 manually created code snippets and eight popular open-source C++ projects with a lot of SC usages. The experimental results reveal that Scasa effectively identifies nearly all inherent bugs within the manual code snippets and generates 125 reports for these projects (with a time loss of 5 - 85%) where 72 of them are marked as correct with a manual revision. And to further confirm these correct reports, we also select some important ones for developers. These results show that accessing elements of SCs is bug-prone, and cooperatively tracking SC sizes and iterator targets can accurately detect these bugs with acceptable overhead. Copyright held by the owner/author(s).
With the rapid development of the Internet, we have entered the era of information overload, and it becomes difficult to obtain the information of interest with the explosive growth of data. Fortunately, recommendatio...
详细信息
Unit testing is a crucial quality assurance activity within the computersoftware development process. The efficacy of unit testing significantly impacts the final quality of software products. However, given the rapi...
详细信息
The sorting system is the core of the tobacco logistics distribution center, the current distribution center cigarette sorting volume is large, and different order sorting orders have a greater impact on the total pro...
详细信息
GRC and IT-GRC are currently playing an essential role and receiving a lot of attention. GRC has a role to help companies ensure the attainment of business goals and prevent losses that can cause company losses. This ...
详细信息
It is pointed out that the healthcare industry faces big problems when it comes to keeping private patient data safe in software-defined networks (SDNs). Healthcare apps need to have strong security measures because o...
详细信息
A new parallel file system and multi-core processor-based dynamic multimedia encryption method is presented in this study. Multimedia encryption efficiency and security were the main goals, addressing massive data set...
详细信息
Creating accurate and insightful personas for automotive applications requires understanding the diverse driving styles that emerge from sensor data. This paper introduces initial results of our methodology for develo...
详细信息
Rock mass in nature often has joints, and many geotechnical projects need to be carried out in cracked rock masses. The presence of joints in rock mass has an significant consequence on the stability of geotechnical e...
详细信息
Speeding is an important risk factor for road traffic accidents, so the judgment of vehicle speed is particularly important in the scene investigation of traffic accidents. computer technology is used to simulate susp...
详细信息
暂无评论