The Research And Implementation Of Source Code Vulnerability Analysis System For Military Application

As information technology continues to develop, the use of military applications more widely, and constantly improve software complexity, the importance of software security is particularly prominent. The current military enterprise application software mainly faces the confidentiality and security of reliable and secure two security risks, through census and survey data to software domestic defense and military industrial units of analysis, show that57%of the current kinds of application software using C/C++As written in the language, and in the operation has exposed a problem stability, integrity, security, signifies there are many software security vulnerabilities in the design, development and use. This article considers the application software for the industry in the common buffer overflow exploits, memory leak detection technology has been studied, analyzed the relevant research background and research for the current situation and development trend in the field at home and abroad It was analyzed on the basis of the research described in this topic.As in recent years, based on the detection of static analysis program has become an important research tool software testing, this article will focus on the detection of static methods of research and track the domestic and foreign research for static analysis software. First, the source code vulnerability analysis system modeling, followed from buffer overflow attacks and memory leaks principle start of vulnerability detection technology types associated with the memory-depth and systematic research. The project presents a prototype code that detection tool, source code control flowchart to be detected by the generated code structure abstract representations, reuse scoped pointers and recursion solving methods such as the implementation of vulnerability detection, complete detection in linear time, while avoiding the conventional path detection problems caused by the explosion.Finally, classification test comprising more than two loopholes in the source code, the test results show that the system can accurately detect security vulnerabilities that exist in the code, improve the efficiency of the detection system, reducing false positives and false negatives. Achieve the desired purpose system designed and made models of case analysis and conclusions are given.