| 基于源代码分析的软件静态测试 |
| |
| 引用本文: | 孟云秀,赵正旭.基于源代码分析的软件静态测试[J].河北省科学院学报,2013,30(2):16-21. |
| |
| 作者姓名: | 孟云秀 赵正旭 |
| |
| 作者单位: | 石家庄铁道大学信息科学与技术学院,河北石家庄,050043 |
| |
| 基金项目: | 国家自然科学基金项目(60873208) |
| |
| 摘 要: | 介绍了现代源代码分析技术中使用的安全规则,并对此技术可以测试出的软件中存在的内存管理、变量未初始化、空指针引用、数组访问越界或异常四类主要代码缺陷和缓冲区溢出等安全漏洞类缺陷几大问题做了研究。通过介绍一个基于源代码分析的静态测试工具Klocwork,提出了基于源代码分析技术的静态测试过程的四个阶段并对其进行分析,总结了其应用到大型航天软件中存在的一些问题,并说明解决其相应难题还需要准备进一步的研究工作。
|
| 关 键 词: | 源代码分析技术 软件缺陷 Klocwork 静态测试 |
Static software testing based on the source code analysis |
| |
| MENG Yun-xiu
,
ZHAO Zheng-xu.Static software testing based on the source code analysis[J].Journal of The Hebei Academy of Sciences,2013,30(2):16-21. |
| |
| Authors: | MENG Yun-xiu ZHAO Zheng-xu |
| |
| Institution: | (School of Information Science and Technology,Shijiazhuang Tiedao University,Shijiazhuang Hebei 05004,China) |
| |
| Abstract: | This paper first introduces the safety rule which standardizes static software testings based on the source code analysis technology and lists a few big problems which can be tested by the technology.These problems can be categorized as memory management,uninitialized variables,null pointer exception,array access violation and exception and buffer overflow.Besides,this paper gives a static test tool,Klocwork,which analyses source code,and puts forward four stages of the static software testings based on the source code analysis technology.In the end,certain issues inside aerospace simulation applications are technically summarized with associated research plans. |
| |
| Keywords: | Technology of source code analysis Software defect Klocwork Static testing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
