Netinfo Security ›› 2015, Vol. 15 ›› Issue (6): 47-54.doi: 10.3969/j.issn.1671-1122.2015.06.008

Previous Articles     Next Articles

Null Pointer Dereference Detect Based on Judgment Logical in Software Security

WANG Rui-qiang, JIN Da-hai()   

  1. Institute of Network Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2015-03-02 Online:2015-06-20 Published:2018-07-16

Abstract:

Software security problems caused by null pointer dereference continue to emerge and bring great distress and loss to all aspects. In this paper, we apply static testing method to analyze and detect a kind of null pointer dereference. This paper present a method to detect null pointer dereference using judgment logical information. First, give some definitions and fault classifications about based on logic judgment to detect null pointer dereference fault (BLJDNPDF). Then, using method summary technology to extract indirect null judgment point and indirect pointer dereference point, define method summary’s contents, which contain method feature and post condition, do research on how to generate and transform method summary. Finally, using finite state machine to build model of BLJDNPDF, describe fault model description, and use state machine’s state change and method summary to complete BLJDNPDF detection.

Key words: software security, static analysis, null pointer dereference, null check, method summary

CLC Number: