
Based On Static Source Code Analysis Of Software Security Testing Techniques And To Achieve

Posted on: 2011-07-11
Degree: Master
Type: Thesis
Country: China
Candidate: L Chu
Full Text: PDF
GTID: 2208360308966098
Subject: Computer application technology
Abstract/Summary:
With the rapid development of computer technology, software is used in every walk of life and has become indispensable in daily life. After compiling and testing, software on average still contains 10 to 20 defects per thousand lines of code, even though software companies typically spend more than 80% of their development budget on quality control; software remains buggy, as the continuous stream of mandatory patches shows. As computer software grows larger and more complex, its vulnerabilities become harder and harder to detect. Software testing occupies an important position in the software lifecycle as a principal means of verifying correctness and finding defects, so improving the quality and security of software is an issue that concerns both researchers and software companies.

Compared with traditional dynamic software testing, which runs the program on test cases, static analysis techniques do not need to run the program at all: they inspect the source code or intermediate code for potential errors. Static analysis has advantages but also shortcomings. Current static analysis tools suffer from serious false alarm (false positive) and omission (false negative) problems when checking source code, and reducing both rates is a matter of concern for researchers and software companies alike.

This dissertation mainly studies vulnerability checks for C programs, such as array out-of-bounds accesses, uninitialized variables and null pointer dereferences. Building on static analysis techniques for software testing, and on a survey of a large number of domestic and foreign publications, the dissertation summarizes traditional software testing techniques and, through a comparative study of various static analysis testing methods, points out the limitations of existing static analysis tools.
Based on the theoretical knowledge above, and working in a Linux development environment on top of the open-source tool CallTree, the dissertation develops a static analysis tool, CT_Check, which supports user-defined property rules; a set of primitive operations is defined to make the property rule files easier to write. During its development, a strict generation algorithm for the control flow graph and the function call graph is used so that CT_Check achieves low false alarm and low omission rates. Finally, classified tests covering use of uninitialized variables, array out-of-bounds accesses and null pointer dereference errors, in both small programs and the source code of larger systems, show the effectiveness of the tool.
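As an added illustration (not code from the thesis, from CallTree or from CT_Check) of the flow-sensitive, control-flow-graph-based checking the abstract describes, the following Python script runs a small forward "definitely assigned" dataflow analysis over a hand-built CFG and reports reads of possibly uninitialized variables, one of the three defect classes the thesis tests. The CFG format, the statement tuples, the function names and the two sample C functions are all constructed assumptions; the page does not show CT_Check's rule-file format or primitive operations, so the rule here is hard-coded. The second sample, where every path assigns the variable, is the low-false-alarm case that a checker without path information would get wrong.

```python
"""Added example: a forward 'definitely assigned' dataflow analysis over a
small control-flow graph (CFG), used to flag uses of possibly uninitialized
variables. Everything here (CFG format, statement tuples, sample programs)
is constructed for illustration and is not CT_Check's or CallTree's code."""
from typing import Dict, List, Optional, Set, Tuple

# A statement is (kind, assigned_var, used_vars):
#   ('assign', 'x', {'a'})   models  x = a;
#   ('use', '', {'x', 'p'})  models  a read of x and p, e.g. return x + *p;
Stmt = Tuple[str, str, Set[str]]


class CFG:
    """Basic blocks keyed by name, each with a statement list and successors."""

    def __init__(self) -> None:
        self.blocks: Dict[str, List[Stmt]] = {}
        self.succ: Dict[str, List[str]] = {}

    def add(self, name: str, stmts: List[Stmt], succ: Tuple[str, ...] = ()) -> None:
        self.blocks[name] = stmts
        self.succ[name] = list(succ)

    def preds(self, name: str) -> List[str]:
        return [p for p, ss in self.succ.items() if name in ss]


def transfer(defined: Set[str], stmts: List[Stmt],
             warnings: Optional[List[Tuple[str, str]]] = None,
             block: str = "") -> Set[str]:
    """Walk one block: a read of a variable not yet in `defined` is reported,
    an assignment adds the variable to the set flowing out of the block."""
    out = set(defined)
    for kind, var, uses in stmts:
        if warnings is not None:
            for u in sorted(uses):
                if u not in out:
                    warnings.append((block, u))
        if kind == 'assign':
            out.add(var)
    return out


def check_uninit(cfg: CFG, entry: str, params: Set[str]) -> List[Tuple[str, str]]:
    """Must-analysis: a variable counts as defined at a block entry only if it
    is assigned on *every* path there, so the meet over predecessors is set
    intersection. Parameters are defined on entry. Returns (block, var)
    pairs where a possibly uninitialized variable is read."""
    inn: Dict[str, Set[str]] = {entry: set(params)}
    out: Dict[str, Set[str]] = {}
    worklist = [entry]
    while worklist:
        b = worklist.pop(0)
        new_out = transfer(inn[b], cfg.blocks[b])
        if out.get(b) == new_out:
            continue                      # nothing changed, successors are stable
        out[b] = new_out
        for s in cfg.succ[b]:
            # Predecessors not yet analysed are still 'top' and do not restrict the meet.
            meet = set.intersection(*(out[p] for p in cfg.preds(s) if p in out))
            if inn.get(s) != meet:
                inn[s] = meet
                worklist.append(s)
    # Report only at the fixpoint, so transient states never produce false alarms.
    warnings: List[Tuple[str, str]] = []
    for b, stmts in cfg.blocks.items():
        if b in inn:                      # unreachable blocks are skipped
            transfer(inn[b], stmts, warnings, b)
    return sorted(set(warnings))


def one_branch_cfg() -> CFG:
    """Constructed model of:
        int f(int a, int *p) { int x, y; if (a > 0) x = a; y = 1; return x + y + *p; }
    x is assigned on only one path, so the read in 'join' must be flagged."""
    g = CFG()
    g.add('entry', [], succ=('then', 'join'))
    g.add('then', [('assign', 'x', {'a'})], succ=('join',))
    g.add('join', [('assign', 'y', set()), ('use', '', {'x', 'y', 'p'})])
    return g


def both_branches_cfg() -> CFG:
    """Same function with `else x = 0;` added: every path assigns x, so a
    flow-sensitive checker reports nothing. This is the no-false-alarm case."""
    g = CFG()
    g.add('entry', [], succ=('then', 'else'))
    g.add('then', [('assign', 'x', {'a'})], succ=('join',))
    g.add('else', [('assign', 'x', set())], succ=('join',))
    g.add('join', [('assign', 'y', set()), ('use', '', {'x', 'y', 'p'})])
    return g


def run_one_branch() -> List[Tuple[str, str]]:
    return check_uninit(one_branch_cfg(), 'entry', {'a', 'p'})


def run_both_branches() -> List[Tuple[str, str]]:
    return check_uninit(both_branches_cfg(), 'entry', {'a', 'p'})


if __name__ == '__main__':
    print("one branch   :", run_one_branch())      # [('join', 'x')]
    print("both branches:", run_both_branches())   # []
```

The intersection meet is what makes this a must-analysis: `x` only survives to `join` if it is in the out-set of every analysed predecessor, which is exactly the property a low-omission uninitialized-variable rule needs. Warnings are collected after the worklist reaches its fixpoint rather than during iteration, since an intermediate state could otherwise produce a spurious report.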
Keywords/Search Tags: static analysis, software testing, software security, software vulnerability