Beruflich Dokumente
Kultur Dokumente
1,3
Network Information Center 2
Department of Computer Science
University of Science and and Software Engineering
Technology of China Concordia University
Hefei, Anhui, China Montreal, Quebec, Canada
Contents
FTSG = (s,L,N,C,F,OP,Result) ,
OP = {M, Slv},
k
T testsuite mi ( sampletree )
i 1
V1 =V2 ≠V3
where ai∈D(xi), as’∈D(xi), as≠as’
Heuristics are used to generate test cases more likely to trigger vulnerability in fe
in F.
TWO EXAMPLES:
1 strcpy( dst, src)
size(d )
, if len( s ) 0,
f (X ) len( s)
MAX _ DEFAULT _ FITNESS , if len( s ) = 0.
2 malloc(a)
A a , when a A,
f ( X ) 0, when a A and (a% A) B,
a % A B , when a A and ( a% A) B.
72 73 89
Figure 4. Relationships between inputs and insecure functions by static analysis
111 102 101 109
72 73 89
w width 111
d BitDepth 101
z Argument value of png_malloc 73
wuzhiyong0127@gmail.com
bill@cse.concordia.ca
zhuxy@ustc.edu.cn