Intel yakaburitsa kodhi kodhi yeControlFlag muchina wekudzidza system kuona zvikanganiso mukodhi

Intel yakavhurwa kuburikidza neshambadziro zviitiko zvine chekuita neiyo ControlFlag research project, iyo inotarisirwa kugadzira muchina wekudzidza sisitimu yekuvandudza kunaka kwekodhi.

Chishandiso chakaburitswa pasi peMIT rezenisi uye inomira pachena nekubvumira, zvichibva pamuenzaniso wakadzidziswa pane yakakura kodhi iripo, kuona zvikanganiso zvakasiyana uye anomalies muzvinyorwa zvinyorwa zvakanyorwa mumitauro yepamusoro seC / C ++.

Iyo system inokodzera kuona marudzi akasiyana ematambudziko mukodhi yako, kubva pakuona zvikanganiso zve typographical uye isiriyo mhando musanganiswa, kusvika pakuona kushayikwa cheki yezvisina maturo mapoinzi uye matambudziko nendangariro.

Iyo sisitimu inodzidza yega nekuvaka chimiro chenhamba kubva kune iripo rondedzero yeakavhurika sosi kodhi yakaburitswa paGitHub uye yakafanana neruzhinji repositori. Muchikamu chekudzidzira, iyo system inosarudza matemplate chaiwo kuvaka zvimiro mukodhi uye inovaka muti we syntactic wekubatanidza pakati peaya matemplate, achiratidza kuyerera kwekodhi kuuraya muchirongwa. Nekuda kweizvozvo, muti wesarudzo wereferensi unoumbwa, uchibatanidza ruzivo rwekusimudzira rwese akaongororwa masosi zvinyorwa.

Kuita kuti ControlFlag iwanikwe kune yakakura software yekuvandudza nharaunda, Intel inofara kuzivisa kuti ControlFlag yave yakavhurika sosi uye inogona kuwanikwa pa https://github.com/IntelLabs/control-flag. Isu tinofara kupa vanogadzira mukana wekuvandudza pairi uye kuona zvimwe zvingaitwe neiyi yakakosha zvakanyanya uye yekuvandudza tekinoroji.

Kubva payakaunzwa, ControlFlag yakaedzwa mukugadzira-level software uye yakashandiswa zvakanyanya yakavhurika sosi software masisitimu. Semuenzaniso, gore rapfuura, ControlFlag yakaratidza kodhi inomaly muClient URL (cURL), chirongwa chekombuta software chinotamisa data uchishandisa akasiyana network protocol kanopfuura bhiriyoni imwe pazuva. Mushure mekutaura kusanzwisisika kuchikwata checURL, vakabvumirana nezvakawanikwa neControlFlag uye ndokuzoisa kodhi yavo.

Nzira yakafanana yekutsanangura mapatani inoitwa kwekodhi iri pasi pekuedzwa, iyo inofananidzwa nereferensi yekusarudza muti. Kusawirirana kukuru nemapazi ari pedyo kunoratidza kusanzwisisika patani iri kusimbiswa. Iyo sisitimu zvakare inobvumira kwete chete kuona chikanganiso mutemplate, asi zvakare kupa mhinduro. Semuyenzaniso, pakuparura chidimbu chekodhi "kana (x = 7) y = x;" sisitimu yaona kuti chivakwa "variable == number" chinowanzo shandiswa muchirevo chekuti "kana" kuenzanisa nhamba dzenhamba, saka chiratidzo chekuti "variable = nhamba" muchirevo chekuti "kana" chinogona kunge chiri kukonzerwa nekukanganisa kwekunyora .

Traditional static analyzers vaizoona kukanganisa kwakadaro, asi, kusiyana navo, ControlFlag haishandisi kunze-kwe-the-box mitemo, umo zvakaoma kufanoona zvose zvingasarudzwa, asi zvinotanga kubva kuhuwandu hwekushandiswa kwemarudzi ose. yezvivakwa.muhuwandu hwakawanda hwezvirongwa.

Sekuedza, paunenge uchishandisa ControlFlag mune kodhi kodhi ye cURL utility, kazhinji inodudzwa semuenzaniso yekodhi, yemhando yepamusoro kodhi, static analyzers yakaratidza bug isingaite kana uchishandisa chimiro che "s-> keepon", iyo yaive nenhamba yemhando, asi yakaenzaniswa neiyo boolean kukosha TRUE.

Mune kodhi yeOpenSSL, mukuwedzera kune dambudziko rataurwa pamusoro ne "(s1 == NULL) ∧ (s2 == NULL)", anomalies akaonekwawo muzvirevo "(-2 == rv)" izvo zvaive zvishoma. typo.

Zvinonziwo kushandiswa kweControlFlag kwakaita kuti zvikwanise kuona mazana emabhugi mune isiri-chaiyo proprietary software, zvichikonzera kuputsika uye matambudziko ekurangarira.

Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo. Kana vari avo vanofarira kuona iyo kodhi kodhi, kuiwana kana kuigadzira munzvimbo inochengeterwa, vanogona kuzviita kubva. chinotevera chinongedzo.


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako