| The software security checking tool discussed in this paper is capable of checking security holes of C/C++and Java programs, which is composed of a front end and a back end. It uses independent front ends and a shared back end for C/C++and Java to improve code reusability and inspection accuracy.This paper studies and constructs the Java front end for this special need. First of all, this paper discusses the relative merits of some current security checking tools and the framework of the related one. Based on this, the whole design of Java front end which is divided into preprocessor and generation of intermediate representation is given. Secondly, the key technology of preprocessor on basis of Java Compiler Tree API is discussed, which includes the design of file format for preprocessing results and the exportation of information of symbol table and abstract syntax tree. Meanwhile, the core thought of generating intermediate representation based on ANTLR is explored, which is extension of the existing symbol table and abstract syntax tree, by using the result of which, symbol table is built and abstract syntax tree is created through adding semantic actions and flags in productions of syntax rules.Finally, the illustrations for checking security holes related to programming standard and file by using the front end of Java is provided, and the correctness of the methods for checking security holes in this paper is verified by demonstrations. |
PDF Full Text Request