US20150095894A1 - Detecting race condition vulnerabilities in computer software applications - Google Patents
Detecting race condition vulnerabilities in computer software applications Download PDFInfo
- Publication number
- US20150095894A1 US20150095894A1 US14/040,884 US201314040884A US2015095894A1 US 20150095894 A1 US20150095894 A1 US 20150095894A1 US 201314040884 A US201314040884 A US 201314040884A US 2015095894 A1 US2015095894 A1 US 2015095894A1
- Authority
- US
- United States
- Prior art keywords
- computer software
- computer
- data resource
- software application
- executable
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3644—Software debugging by instrumenting at runtime
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3632—Software debugging of specific synchronisation aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/52—Program synchronisation; Mutual exclusion, e.g. by means of semaphores
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Definitions
- the present disclosure relates to testing computer software applications in general, and more particularly to detecting race condition vulnerabilities in computer software applications.
- Race conditions are often the cause of subtle functional bugs in multi-threaded software systems. Beyond functional problems, race conditions can also potentially lead to security vulnerabilities. For example, in one well-known race condition example an attacker may read and alter protected files in the UnixTM file system. In another well-known example, race conditions arise due to interaction between a web-based application and an underlying relational database, thereby exposing the database to unauthorized access.
- a method for testing computer software applications. The method includes identifying a first executable portion of a computer software application and a second executable portion of the computer software application, where the first and second executable portions are configured to access a data resource, and where at least one of the first and second executable portions is configured to write to the data resource, instrumenting the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, where the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and testing the computer software application in each of multiple iterations, where the computer software application is executed in multiple parallel execution threads, where the first and second executable portions are independently executed at least partially in parallel in different ones of the threads, and where the computer software application is differently instrumented in each of the iterations.
- FIG. 1 is a simplified conceptual illustration of a system for testing computer software applications, constructed and operative in accordance with an embodiment of the invention
- FIG. 2 is a simplified flowchart illustration of an exemplary method of operation of the system of FIG. 1 , operative in accordance with an embodiment of the invention
- FIG. 3 is a simplified source code example for illustrating the system of FIG. 1 and method of FIG. 2 ;
- FIG. 4 is a simplified block diagram illustration of an exemplary hardware implementation of a computing system, constructed and operative in accordance with an embodiment of the invention.
- aspects of the present invention may be embodied as a system, method or computer program product. Accordingly, aspects of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Furthermore, aspects of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon.
- the computer readable medium may be a computer readable signal medium or a computer readable storage medium.
- a computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing.
- a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
- a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof.
- a computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
- Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
- Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as JavaTM, SmalltalkTM, C++ or the like and conventional procedural programming languages, such as the “C” programming language or similar programming languages.
- the program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
- the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
- LAN local area network
- WAN wide area network
- Internet Service Provider for example, AT&T, MCI, Sprint, EarthLinkTM, MSN, GTE, etc.
- These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
- the computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
- FIG. 1 is a simplified conceptual illustration of a system for testing computer software applications, constructed and operative in accordance with an embodiment of the present invention.
- a static analyzer 100 is configured to identify, using conventional static analysis techniques, a data interdependency between a first executable portion 102 of a computer software application 104 and a second executable portion 106 of computer software application 104 , where first and second executable portions 102 and 106 are each configured to access a data resource 108 , such as by reading and/or writing to the same program variable or database record, and where one or both of the first and second executable portions 102 and 106 are configured to write to data resource 108 .
- Computer software application 104 may be any type of software application, including those configured for use with mainframe and desktop computers and mobile computing devices.
- computer software application 104 may be a “web” application including Hypertext Markup Language (HTML)-encoded web pages that may be hosted by a computer server and accessed by one or more client computers via a computer network, such as the Internet.
- Such web applications may include client-side scripting.
- first and second executable portions 102 and 106 may be separate JavaScriptTM methods within the same HTML-encoded web page of a web application.
- An instrumentation manager 110 is configured to instrument computer software application 104 by inserting one or more instrumentation instructions into one or both of first and second executable portions 102 and 106 , where the instrumentation instructions are configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, e.g., on the order of tens or hundreds of milliseconds, such as where any of the instrumentation instructions causes an operation to be performed for the duration of a randomly-determined amount of time.
- instrumentation manager 110 inserts such instrumentation instruction just before and/or just after any, and every, location where data resource 108 is read or written to.
- a software tester 112 is configured to test computer software application 104 over multiple iterations using conventions techniques, such as black-box or glass-box testing, where computer software application 104 is instrumented differently in each of the iterations, such as where in different iterations computer software application 104 includes more or fewer instrumentation instructions, is instrumented in different locations, and/or where the randomly-determined amount of time associated with each of the instrumentation instructions varies from iteration to iteration.
- computer software application 104 is executed in two or more parallel execution threads, where first and second executable portions 102 and 106 are independently executed in parallel, or partly in parallel, in different ones of the threads.
- software tester 112 is also configured to identify a race condition vulnerability associated with computer software application 104 if different values of data resource 108 are detected after different ones of the iterations. Additionally, or alternatively, software tester 112 is configured to identify a race condition vulnerability associated with computer software application 104 if it determines that during one of the iterations first executable portion 102 writes to data resource 108 before second executable portion 106 accesses the data resource, and during a different one of the iterations second executable portion 106 accesses data resource 108 before first executable portion 102 writes to data resource 108 .
- FIG. 1 may be implemented by a computer, such as computer 114 , by implementing any of the elements in computer hardware and/or in computer software embodied in a non-transitory, computer-readable storage medium in accordance with conventional techniques.
- FIG. 2 is a simplified flowchart illustration of an exemplary method of operation of the system of FIG. 1 , operative in accordance with an embodiment of the invention.
- first and second executable portions of a computer software application are identified as being data interdependent, where each portion is configured to access a data resource, and where one or both of the portions are configured to write to the data resource (step 200 ).
- the computer software application is instrumented by inserting one or more instrumentation instructions into one or both of the first and second executable portions, in proximity to one or more locations where the data resource is accessed, where the instrumentation instructions are configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time (step 202 ).
- the computer software application is executed in two or more parallel execution threads, where the first and second executable portions are independently executed in parallel, or partly in parallel, in different ones of the threads (step 204 ).
- the computer software application is tested over multiple iterations, where the computer software application is instrumented differently in each of the iterations (step 206 ).
- a race condition vulnerability associated with the computer software application if different values of the data resource are detected after different ones of the iterations (step 208 ), and/or if it is determined that during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource (step 210 ).
- FIG. 1 and method of FIG. 2 may be illustrated in the context of the example shown in FIG. 3 , in which there are two servlets labeled servlet A and servlet B.
- servlet A manipulates the same session attribute, “uprefs”, this introduces a potential race condition vulnerability.
- servlet B neglects to sanitize the value it reads from a database and into variable userPrefs before inserting it into the session if it's not there already.
- servlet A finds that “uprefs” is not in the session; 2) servlet A then reads the value of “uprefs” from the database, sanitizes it, and adds it into the session object; 3) servlet B checks for “uprefs”, and also finds that it is not in the database; 4) servlet A inserts “uprefs” into the session object; 5) servlet B does the same, thereby overwriting servlet A's sanitized value with an unsanitized value; and 6) servlet A reads “uprefs” from the session and, assuming that it is sanitized, uses the read value in a security-sensitive operation. This is where a potential security vulnerability is manifested.
- the system of FIG. 1 and method of FIG. 2 may be employed to find which execution units in the computer software application access the same data.
- static analysis is applied to the subject application to identify accesses to shared state information by different execution units; 2) instrumentation instructions including random wait commands are inserted around those statements that access the same data (i.e., the ⁇ get/set ⁇ Attribute calls); 3) the application is executed in single-threaded mode; 4) dependence analysis is performed on the execution trace of the single-threaded run as provided by the instrumentation. This reveals that servlets A and B both access the attribute “uprefs”; 5) for each pair (A,B) of execution units that were found to access the same data in the previous step, let S a,1 .
- . . S a,m and S b,1 . . . S b,n be the statements through which they are data-interdependent (e.g., the ⁇ get/set ⁇ Attribute calls).
- the application is then instrumented such that a) there is a random wait (e.g., Thread.sleep call with a random value in JavaTM) in between every pair of consecutive statements in S a,1 . . . S a,m , as well as in S b,1 . . .
- servlets A and B would be identified as a candidate pair for testing by the end of step 4. Then, in step 6, a vulnerability attributable to a race condition would typically be identified by enforcing random waits between ⁇ set/get ⁇ Attribute calls and focusing testing on servlets A and B which allows multiple testing rounds, and thus high coverage.
- block diagram 400 illustrates an exemplary hardware implementation of a computing system in accordance with which one or more components/methodologies of the invention (e.g., components/methodologies described in the context of FIGS. 1-2 ) may be implemented, according to an embodiment of the invention.
- the techniques for controlling access to at least one resource may be implemented in accordance with a processor 410 , a memory 412 , I/O devices 414 , and a network interface 416 , coupled via a computer bus 418 or alternate connection arrangement.
- processor as used herein is intended to include any processing device, such as, for example, one that includes a CPU (central processing unit) and/or other processing circuitry. It is also to be understood that the term “processor” may refer to more than one processing device and that various elements associated with a processing device may be shared by other processing devices.
- memory as used herein is intended to include memory associated with a processor or CPU, such as, for example, RAM, ROM, a fixed memory device (e.g., hard drive), a removable memory device (e.g., diskette), flash memory, etc. Such memory may be considered a computer readable storage medium.
- input/output devices or “I/O devices” as used herein is intended to include, for example, one or more input devices (e.g., keyboard, mouse, scanner, etc.) for entering data to the processing unit, and/or one or more output devices (e.g., speaker, display, printer, etc.) for presenting results associated with the processing unit.
- input devices e.g., keyboard, mouse, scanner, etc.
- output devices e.g., speaker, display, printer, etc.
- each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
- the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
- any of the elements described hereinabove may be implemented as a computer program product embodied in a computer-readable medium, such as in the form of computer program instructions stored on magnetic or optical storage media or embedded within computer hardware, and may be executed by or otherwise accessible to a computer.
Abstract
Testing computer software applications is performed by identifying first and second executable portions of the computer software application, where the portions are configured to access a data resource, and where at least one of the portions is configured to write to the data resource, instrumenting the computer software application by inserting one or more instrumentation instructions into one or both of the portions, where the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and testing the computer software application in multiple iterations, where the computer software application is executed in multiple parallel execution threads, where the portions are independently executed at least partially in parallel in different threads, and where the computer software application is differently instrumented in each of the iterations.
Description
- The present disclosure relates to testing computer software applications in general, and more particularly to detecting race condition vulnerabilities in computer software applications.
- Race conditions are often the cause of subtle functional bugs in multi-threaded software systems. Beyond functional problems, race conditions can also potentially lead to security vulnerabilities. For example, in one well-known race condition example an attacker may read and alter protected files in the Unix™ file system. In another well-known example, race conditions arise due to interaction between a web-based application and an underlying relational database, thereby exposing the database to unauthorized access.
- Discovering race conditions is challenging in that, by definition, they manifest only in specific thread interleavings. Static analysis suffers from inherent limitations in modeling thread interleavings in a sound and accurate manner, and thus typically yields highly inaccurate results in detecting race conditions in industry-scale applications where scalability is key. Dynamic testing, on the other hand, is challenged by the fact that most thread interleavings do not highlight a latent race condition, and thus running the subject application a small number of times is unlikely to yield satisfactory coverage. Checking all possible interleavings is also impractical for large applications, and thus effective testing for data races remains a challenge.
- In one embodiment of the present invention, a method is provided for testing computer software applications. The method includes identifying a first executable portion of a computer software application and a second executable portion of the computer software application, where the first and second executable portions are configured to access a data resource, and where at least one of the first and second executable portions is configured to write to the data resource, instrumenting the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, where the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and testing the computer software application in each of multiple iterations, where the computer software application is executed in multiple parallel execution threads, where the first and second executable portions are independently executed at least partially in parallel in different ones of the threads, and where the computer software application is differently instrumented in each of the iterations.
- In other aspects of the invention systems and computer program products embodying the invention are provided.
- The present invention will be understood and appreciated more fully from the following detailed description taken in conjunction with the appended drawings in which:
-
FIG. 1 is a simplified conceptual illustration of a system for testing computer software applications, constructed and operative in accordance with an embodiment of the invention; -
FIG. 2 is a simplified flowchart illustration of an exemplary method of operation of the system ofFIG. 1 , operative in accordance with an embodiment of the invention; -
FIG. 3 is a simplified source code example for illustrating the system ofFIG. 1 and method ofFIG. 2 ; and -
FIG. 4 is a simplified block diagram illustration of an exemplary hardware implementation of a computing system, constructed and operative in accordance with an embodiment of the invention. - The embodiments of the present invention will now be described, although the description is intended to be illustrative of the present invention as a whole, and is not to be construed as limiting to the embodiments shown. It is appreciated that various modifications may occur to those skilled in the art that, while not specifically shown herein, are nevertheless within the true spirit and scope of the present invention.
- As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or computer program product. Accordingly, aspects of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Furthermore, aspects of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon.
- Any combination of one or more computer readable medium(s) may be utilized. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical data storage device, a magnetic data storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
- A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
- Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
- Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java™, Smalltalk™, C++ or the like and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
- Aspects of the present invention are described below with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
- These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
- The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
- Reference is now made to
FIG. 1 which is a simplified conceptual illustration of a system for testing computer software applications, constructed and operative in accordance with an embodiment of the present invention. In the system ofFIG. 1 , astatic analyzer 100 is configured to identify, using conventional static analysis techniques, a data interdependency between afirst executable portion 102 of acomputer software application 104 and asecond executable portion 106 ofcomputer software application 104, where first and secondexecutable portions data resource 108, such as by reading and/or writing to the same program variable or database record, and where one or both of the first and secondexecutable portions data resource 108.Computer software application 104 may be any type of software application, including those configured for use with mainframe and desktop computers and mobile computing devices. For example,computer software application 104 may be a “web” application including Hypertext Markup Language (HTML)-encoded web pages that may be hosted by a computer server and accessed by one or more client computers via a computer network, such as the Internet. Such web applications may include client-side scripting. Thus, for example, first and secondexecutable portions - An
instrumentation manager 110 is configured to instrumentcomputer software application 104 by inserting one or more instrumentation instructions into one or both of first and secondexecutable portions instrumentation manager 110 inserts such instrumentation instruction just before and/or just after any, and every, location wheredata resource 108 is read or written to. - A
software tester 112 is configured to testcomputer software application 104 over multiple iterations using conventions techniques, such as black-box or glass-box testing, wherecomputer software application 104 is instrumented differently in each of the iterations, such as where in different iterationscomputer software application 104 includes more or fewer instrumentation instructions, is instrumented in different locations, and/or where the randomly-determined amount of time associated with each of the instrumentation instructions varies from iteration to iteration. During each iteration,computer software application 104 is executed in two or more parallel execution threads, where first and secondexecutable portions software tester 112 is also configured to identify a race condition vulnerability associated withcomputer software application 104 if different values ofdata resource 108 are detected after different ones of the iterations. Additionally, or alternatively,software tester 112 is configured to identify a race condition vulnerability associated withcomputer software application 104 if it determines that during one of the iterationsfirst executable portion 102 writes todata resource 108 beforesecond executable portion 106 accesses the data resource, and during a different one of the iterationssecond executable portion 106accesses data resource 108 beforefirst executable portion 102 writes todata resource 108. - Any of the elements shown in
FIG. 1 may be implemented by a computer, such ascomputer 114, by implementing any of the elements in computer hardware and/or in computer software embodied in a non-transitory, computer-readable storage medium in accordance with conventional techniques. - Reference is now made to
FIG. 2 , which is a simplified flowchart illustration of an exemplary method of operation of the system ofFIG. 1 , operative in accordance with an embodiment of the invention. In the method ofFIG. 2 , first and second executable portions of a computer software application are identified as being data interdependent, where each portion is configured to access a data resource, and where one or both of the portions are configured to write to the data resource (step 200). The computer software application is instrumented by inserting one or more instrumentation instructions into one or both of the first and second executable portions, in proximity to one or more locations where the data resource is accessed, where the instrumentation instructions are configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time (step 202). The computer software application is executed in two or more parallel execution threads, where the first and second executable portions are independently executed in parallel, or partly in parallel, in different ones of the threads (step 204). The computer software application is tested over multiple iterations, where the computer software application is instrumented differently in each of the iterations (step 206). A race condition vulnerability associated with the computer software application if different values of the data resource are detected after different ones of the iterations (step 208), and/or if it is determined that during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource (step 210). - The system of
FIG. 1 and method ofFIG. 2 may be illustrated in the context of the example shown inFIG. 3 , in which there are two servlets labeled servlet A and servlet B. As both servlets manipulate the same session attribute, “uprefs”, this introduces a potential race condition vulnerability. Furthermore, servlet B neglects to sanitize the value it reads from a database and into variable userPrefs before inserting it into the session if it's not there already. This may introduce the following vulnerable interleaving: 1) servlet A finds that “uprefs” is not in the session; 2) servlet A then reads the value of “uprefs” from the database, sanitizes it, and adds it into the session object; 3) servlet B checks for “uprefs”, and also finds that it is not in the database; 4) servlet A inserts “uprefs” into the session object; 5) servlet B does the same, thereby overwriting servlet A's sanitized value with an unsanitized value; and 6) servlet A reads “uprefs” from the session and, assuming that it is sanitized, uses the read value in a security-sensitive operation. This is where a potential security vulnerability is manifested. - The system of
FIG. 1 and method ofFIG. 2 may be employed to find which execution units in the computer software application access the same data. Thus, for example: 1) static analysis is applied to the subject application to identify accesses to shared state information by different execution units; 2) instrumentation instructions including random wait commands are inserted around those statements that access the same data (i.e., the {get/set}Attribute calls); 3) the application is executed in single-threaded mode; 4) dependence analysis is performed on the execution trace of the single-threaded run as provided by the instrumentation. This reveals that servlets A and B both access the attribute “uprefs”; 5) for each pair (A,B) of execution units that were found to access the same data in the previous step, let Sa,1 . . . Sa,m and Sb,1 . . . Sb,n be the statements through which they are data-interdependent (e.g., the {get/set}Attribute calls). The application is then instrumented such that a) there is a random wait (e.g., Thread.sleep call with a random value in Java™) in between every pair of consecutive statements in Sa,1 . . . Sa,m, as well as in Sb,1 . . . Sb,n; and b) the arguments to sink statements (e.g., resp.getWriter( ).write) are checked to test whether a vulnerability has occurred; and 6) for each pair (A,B) of data-interdependent execution units, an instrumented version of the subject application is run (with the instrumentation from step 5) in a multi-threaded mode, within a testing environment (e.g., where the backend database includes test data payloads), and test data requests are sent in parallel to the application instances that invoke A and B. - Thus, in the example in
FIG. 3 , servlets A and B would be identified as a candidate pair for testing by the end of step 4. Then, in step 6, a vulnerability attributable to a race condition would typically be identified by enforcing random waits between {set/get}Attribute calls and focusing testing on servlets A and B which allows multiple testing rounds, and thus high coverage. - Referring now to
FIG. 4 , block diagram 400 illustrates an exemplary hardware implementation of a computing system in accordance with which one or more components/methodologies of the invention (e.g., components/methodologies described in the context ofFIGS. 1-2 ) may be implemented, according to an embodiment of the invention. - As shown, the techniques for controlling access to at least one resource may be implemented in accordance with a
processor 410, amemory 412, I/O devices 414, and anetwork interface 416, coupled via acomputer bus 418 or alternate connection arrangement. - It is to be appreciated that the term “processor” as used herein is intended to include any processing device, such as, for example, one that includes a CPU (central processing unit) and/or other processing circuitry. It is also to be understood that the term “processor” may refer to more than one processing device and that various elements associated with a processing device may be shared by other processing devices.
- The term “memory” as used herein is intended to include memory associated with a processor or CPU, such as, for example, RAM, ROM, a fixed memory device (e.g., hard drive), a removable memory device (e.g., diskette), flash memory, etc. Such memory may be considered a computer readable storage medium.
- In addition, the phrase “input/output devices” or “I/O devices” as used herein is intended to include, for example, one or more input devices (e.g., keyboard, mouse, scanner, etc.) for entering data to the processing unit, and/or one or more output devices (e.g., speaker, display, printer, etc.) for presenting results associated with the processing unit.
- The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
- It will be appreciated that any of the elements described hereinabove may be implemented as a computer program product embodied in a computer-readable medium, such as in the form of computer program instructions stored on magnetic or optical storage media or embedded within computer hardware, and may be executed by or otherwise accessible to a computer.
- While the methods and apparatus herein may or may not have been described with reference to specific computer hardware or software, it is appreciated that the methods and apparatus described herein may be readily implemented in computer hardware or software using conventional techniques.
- While the invention has been described with reference to one or more specific embodiments, the description is intended to be illustrative of the invention as a whole and is not to be construed as limiting the invention to the embodiments shown. It is appreciated that various modifications may occur to those skilled in the art that, while not specifically shown herein, are nevertheless within the true spirit and scope of the invention.
Claims (20)
1. A method for testing computer software applications, the method comprising:
identifying a first executable portion of a computer software application and a second executable portion of the computer software application,
wherein the first and second executable portions are configured to access a data resource, and
wherein at least one of the first and second executable portions is configured to write to the data resource;
instrumenting the computer software application, the instrumenting comprising inserting at least one instrumentation instruction into at least one of the first and second executable portions, wherein the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time; and
testing the computer software application in each of a plurality of iterations,
wherein the computer software application is executed in multiple parallel execution threads,
wherein the first and second executable portions are independently executed at least partially in parallel in different ones of the threads, and
wherein the computer software application is differently instrumented in each of the iterations.
2. The method according to claim 1 wherein the identifying comprises identifying at least one of the first and second executable portions is configured to read the data resource.
3. The method according to claim 1 wherein the instrumenting comprises configuring the instrumentation instruction to perform an operation for the duration of the randomly-determined amount of time.
4. The method according to claim 1 wherein the instrumenting comprises inserting the instrumentation instruction proximate to a location where the data resource is accessed.
5. The method according to claim 1 and further comprising identifying a race condition vulnerability associated with the computer software application if different values of the data resource are detected after different ones of the iterations.
6. The method according to claim 1 and further comprising identifying a race condition vulnerability associated with the computer software application if during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource.
7. The method according to claim 1 wherein the identifying, instrumenting, and testing steps are implemented in any of
computer hardware configured to perform the steps, and
computer software configured to perform the steps and embodied in a computer-readable storage medium.
8. A system for testing computer software applications, the system comprising:
a static analyzer configured to identify a first executable portion of a computer software application and a second executable portion of the computer software application,
wherein the first and second executable portions are configured to access a data resource, and
wherein at least one of the first and second executable portions is configured to write to the data resource;
an instrumentation manager configured to instrument the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, wherein the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time; and
a software tester configured to test the computer software application in each of a plurality of iterations,
wherein the computer software application is executed in multiple parallel execution threads,
wherein the first and second executable portions are independently executed at least partially in parallel in different ones of the threads, and
wherein the computer software application is differently instrumented in each of the iterations.
9. The system according to claim 8 wherein at least one of the first and second executable portions is configured to read the data resource.
10. The system according to claim 8 wherein the instrumentation instruction causes an operation to be performed for the duration of the randomly-determined amount of time.
11. The system according to claim 8 wherein the instrumentation manager is configured to insert the instrumentation instruction proximate to a location where the data resource is accessed.
12. The system according to claim 8 wherein the software tester is configured to identify a race condition vulnerability associated with the computer software application if different values of the data resource are detected after different ones of the iterations.
13. The system according to claim 8 wherein the software tester is configured to identify a race condition vulnerability associated with the computer software application if
during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and
during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource.
14. The system according to claim 8 wherein the static analyzer, instrumentation manager, and software tester are implemented in either of
computer hardware, and
computer software embodied in a non-transitory, computer-readable storage medium.
15. A computer program product for testing computer software applications, the computer program product comprising:
a non-transitory, computer-readable storage medium; and
computer-readable program code embodied in the computer-readable storage medium, wherein when executed by a computer, the computer-readable program code is configured to
identify a first executable portion of a computer software application and a second executable portion of the computer software application,
wherein the first and second executable portions are configured to access a data resource, and
wherein at least one of the first and second executable portions is configured to write to the data resource,
instrument the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, wherein the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and
test the computer software application in each of a plurality of iterations,
wherein the computer software application is executed in multiple parallel execution threads,
wherein the first and second executable portions are independently executed at least partially in parallel in different ones of the threads, and
wherein the computer software application is differently instrumented in each of the iterations.
16. The computer program product according to claim 15 wherein at least one of the first and second executable portions is configured to read the data resource.
17. The computer program product according to claim 15 wherein the instrumentation instruction causes an operation to be performed for the duration of the randomly-determined amount of time.
18. The computer program product according to claim 15 wherein the computer-readable program code is configured to insert the instrumentation instruction proximate to a location where the data resource is accessed.
19. The computer program product according to claim 15 wherein the computer-readable program code is configured to identify a race condition vulnerability associated with the computer software application if different values of the data resource are detected after different ones of the iterations.
20. The computer program product according to claim 15 wherein the computer-readable program code is configured to identify a race condition vulnerability associated with the computer software application if
during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and
during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/040,884 US20150095894A1 (en) | 2013-09-30 | 2013-09-30 | Detecting race condition vulnerabilities in computer software applications |
US15/073,810 US9529695B2 (en) | 2013-09-30 | 2016-03-18 | Detecting race condition vulnerabilities in computer software applications |
US15/288,193 US9916222B2 (en) | 2013-09-30 | 2016-10-07 | Detecting race condition vulnerabilities in computer software applications |
US15/797,128 US10061682B2 (en) | 2013-09-30 | 2017-10-30 | Detecting race condition vulnerabilities in computer software applications |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/040,884 US20150095894A1 (en) | 2013-09-30 | 2013-09-30 | Detecting race condition vulnerabilities in computer software applications |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/073,810 Continuation US9529695B2 (en) | 2013-09-30 | 2016-03-18 | Detecting race condition vulnerabilities in computer software applications |
Publications (1)
Publication Number | Publication Date |
---|---|
US20150095894A1 true US20150095894A1 (en) | 2015-04-02 |
Family
ID=52741485
Family Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/040,884 Abandoned US20150095894A1 (en) | 2013-09-30 | 2013-09-30 | Detecting race condition vulnerabilities in computer software applications |
US15/073,810 Expired - Fee Related US9529695B2 (en) | 2013-09-30 | 2016-03-18 | Detecting race condition vulnerabilities in computer software applications |
US15/288,193 Expired - Fee Related US9916222B2 (en) | 2013-09-30 | 2016-10-07 | Detecting race condition vulnerabilities in computer software applications |
US15/797,128 Expired - Fee Related US10061682B2 (en) | 2013-09-30 | 2017-10-30 | Detecting race condition vulnerabilities in computer software applications |
Family Applications After (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/073,810 Expired - Fee Related US9529695B2 (en) | 2013-09-30 | 2016-03-18 | Detecting race condition vulnerabilities in computer software applications |
US15/288,193 Expired - Fee Related US9916222B2 (en) | 2013-09-30 | 2016-10-07 | Detecting race condition vulnerabilities in computer software applications |
US15/797,128 Expired - Fee Related US10061682B2 (en) | 2013-09-30 | 2017-10-30 | Detecting race condition vulnerabilities in computer software applications |
Country Status (1)
Country | Link |
---|---|
US (4) | US20150095894A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160188444A1 (en) * | 2013-09-30 | 2016-06-30 | International Business Machines Corporation | Detecting race condition vulnerabilities in computer software applications |
US20180046810A1 (en) * | 2016-08-11 | 2018-02-15 | International Business Machines Corporation | Application integrity verification in multi-tier architectures |
EP3462319A1 (en) * | 2017-09-29 | 2019-04-03 | Siemens Aktiengesellschaft | Method, device and test program for recognizing a weak point in an original program |
CN112035839A (en) * | 2020-08-12 | 2020-12-04 | 绿盟科技集团股份有限公司 | Detection method and device for race condition vulnerability exploitation |
US11163675B1 (en) * | 2021-04-07 | 2021-11-02 | State Farm Mutual Automobile Insurance Company | Mutation testing in parallel threads |
US11237952B1 (en) | 2021-04-07 | 2022-02-01 | State Farm Mutual Automobile Insurance Company | Runtime class recompilation during mutation testing |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10533338B2 (en) * | 2017-05-11 | 2020-01-14 | Katerra, Inc. | Connector for use in inter-panel connection between shear wall elements |
US10733083B2 (en) | 2017-10-18 | 2020-08-04 | Salesforce.Com, Inc. | Concurrency testing |
Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040123185A1 (en) * | 2002-12-20 | 2004-06-24 | Microsoft Corporation | Tools and methods for discovering race condition errors |
US20080262841A1 (en) * | 2006-10-13 | 2008-10-23 | International Business Machines Corporation | Apparatus and method for rendering contents, containing sound data, moving image data and static image data, harmless |
US20090199162A1 (en) * | 2002-06-25 | 2009-08-06 | International Business Machines Corporation | Method and apparatus for efficient and precise datarace detection for multithreaded object-oriented programs |
US20090249489A1 (en) * | 2008-03-31 | 2009-10-01 | Microsoft Corporation | Security by construction for web applications |
US7673181B1 (en) * | 2006-06-07 | 2010-03-02 | Replay Solutions, Inc. | Detecting race conditions in computer programs |
US7685572B1 (en) * | 2005-08-19 | 2010-03-23 | Sun Microsystems, Inc. | Method of static analysis for race condition detection |
US20100083240A1 (en) * | 2006-10-19 | 2010-04-01 | Checkmarx Ltd | Locating security vulnerabilities in source code |
US7805415B1 (en) * | 2003-06-10 | 2010-09-28 | Lockheed Martin Corporation | Systems and methods for sharing data between entities |
US7958497B1 (en) * | 2006-06-07 | 2011-06-07 | Replay Solutions, Inc. | State synchronization in recording and replaying computer programs |
US20120117644A1 (en) * | 2010-11-04 | 2012-05-10 | Ridgeway Internet Security, Llc | System and Method for Internet Security |
US8185875B2 (en) * | 2007-01-24 | 2012-05-22 | Nec Laboratories America, Inc. | Fast and accurate static data-race detection for concurrent programs |
US20120167209A1 (en) * | 2010-12-28 | 2012-06-28 | Microsoft Corporation | Automatic context-sensitive sanitization |
US8510604B2 (en) * | 2011-03-02 | 2013-08-13 | Microsoft Corporation | Static data race detection and analysis |
US8813079B1 (en) * | 2006-06-07 | 2014-08-19 | Ca, Inc. | Thread management to prevent race conditions in computer programs |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7418734B2 (en) | 2003-04-18 | 2008-08-26 | Ounce Labs, Inc. | Method and system for detecting privilege escalation vulnerabilities in source code |
US7617489B2 (en) | 2006-09-15 | 2009-11-10 | Ounce Labs, Inc. | Method and system for detecting interprocedural vulnerability by analysis of source code |
US20080209436A1 (en) * | 2006-10-25 | 2008-08-28 | Gul Agha | Automated testing of programs using race-detection and flipping |
WO2012038780A1 (en) | 2010-09-23 | 2012-03-29 | Freescale Semiconductor, Inc. | Method and device for detecting a race condition |
US8813038B2 (en) | 2011-02-09 | 2014-08-19 | Microsoft Corporation | Data race detection |
US9135082B1 (en) | 2011-05-20 | 2015-09-15 | Google Inc. | Techniques and systems for data race detection |
US20150095894A1 (en) * | 2013-09-30 | 2015-04-02 | International Business Machines Corporation | Detecting race condition vulnerabilities in computer software applications |
US10241901B2 (en) * | 2014-10-06 | 2019-03-26 | Oracle International Corporation | Web application performance testing |
US9430357B1 (en) * | 2015-02-10 | 2016-08-30 | International Business Machines Corporation | Detecting uninitialized memory references |
-
2013
- 2013-09-30 US US14/040,884 patent/US20150095894A1/en not_active Abandoned
-
2016
- 2016-03-18 US US15/073,810 patent/US9529695B2/en not_active Expired - Fee Related
- 2016-10-07 US US15/288,193 patent/US9916222B2/en not_active Expired - Fee Related
-
2017
- 2017-10-30 US US15/797,128 patent/US10061682B2/en not_active Expired - Fee Related
Patent Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090199162A1 (en) * | 2002-06-25 | 2009-08-06 | International Business Machines Corporation | Method and apparatus for efficient and precise datarace detection for multithreaded object-oriented programs |
US20040123185A1 (en) * | 2002-12-20 | 2004-06-24 | Microsoft Corporation | Tools and methods for discovering race condition errors |
US7805415B1 (en) * | 2003-06-10 | 2010-09-28 | Lockheed Martin Corporation | Systems and methods for sharing data between entities |
US7685572B1 (en) * | 2005-08-19 | 2010-03-23 | Sun Microsystems, Inc. | Method of static analysis for race condition detection |
US7673181B1 (en) * | 2006-06-07 | 2010-03-02 | Replay Solutions, Inc. | Detecting race conditions in computer programs |
US7958497B1 (en) * | 2006-06-07 | 2011-06-07 | Replay Solutions, Inc. | State synchronization in recording and replaying computer programs |
US8813079B1 (en) * | 2006-06-07 | 2014-08-19 | Ca, Inc. | Thread management to prevent race conditions in computer programs |
US20080262841A1 (en) * | 2006-10-13 | 2008-10-23 | International Business Machines Corporation | Apparatus and method for rendering contents, containing sound data, moving image data and static image data, harmless |
US20100083240A1 (en) * | 2006-10-19 | 2010-04-01 | Checkmarx Ltd | Locating security vulnerabilities in source code |
US8185875B2 (en) * | 2007-01-24 | 2012-05-22 | Nec Laboratories America, Inc. | Fast and accurate static data-race detection for concurrent programs |
US20090249489A1 (en) * | 2008-03-31 | 2009-10-01 | Microsoft Corporation | Security by construction for web applications |
US20120117644A1 (en) * | 2010-11-04 | 2012-05-10 | Ridgeway Internet Security, Llc | System and Method for Internet Security |
US20120167209A1 (en) * | 2010-12-28 | 2012-06-28 | Microsoft Corporation | Automatic context-sensitive sanitization |
US8510604B2 (en) * | 2011-03-02 | 2013-08-13 | Microsoft Corporation | Static data race detection and analysis |
Non-Patent Citations (5)
Title |
---|
Edelstein et al.; "Framework for testing multi-threaded Java programs"; Concurrency and Computation; Wiley; Feb 2003; 14 pages, 485-499 * |
Edelstein, "Framework for testing multi-threaded Java programs", 2003, Concurrency Computation, Pages 485-499 * |
Eytani, Yaniv, et al.; "Heuristics for Finding Concurrent Bugs"; International Parallel and Distributed Processing Symposium (IPDPS'03), IEEE Computer Society; 2003; 9 pages. * |
Prvulovic, Milos, et al.; "ReEnact: Using Thread-Level Speculation Mechanisms to Debug Races in Multithreaded Codes"; Proceedings of the 30th Annual International Symposium on Computer Architecture (ISCA-30), Jun. 2003; 12 pages * |
Savage S. Eraser: A dynamic race detector for multithreaded programs. ACM Transactions on Computer Systems 1997; 15(4): 20 Pages * |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160188444A1 (en) * | 2013-09-30 | 2016-06-30 | International Business Machines Corporation | Detecting race condition vulnerabilities in computer software applications |
US9529695B2 (en) * | 2013-09-30 | 2016-12-27 | International Business Machines Corporation | Detecting race condition vulnerabilities in computer software applications |
US20180046810A1 (en) * | 2016-08-11 | 2018-02-15 | International Business Machines Corporation | Application integrity verification in multi-tier architectures |
US10073975B2 (en) * | 2016-08-11 | 2018-09-11 | International Business Machines Corporation | Application integrity verification in multi-tier architectures |
CN111108483A (en) * | 2017-09-29 | 2020-05-05 | 西门子股份公司 | Method, device and test program for identifying vulnerabilities in an original program |
WO2019063801A1 (en) * | 2017-09-29 | 2019-04-04 | Siemens Aktiengesellschaft | Method, device and test program for recognizing a weak point in an original program |
EP3462319A1 (en) * | 2017-09-29 | 2019-04-03 | Siemens Aktiengesellschaft | Method, device and test program for recognizing a weak point in an original program |
US11422928B2 (en) | 2017-09-29 | 2022-08-23 | Siemens Aktiengesellschaft | Method, device and test program for recognizing a weak point in an original program |
CN112035839A (en) * | 2020-08-12 | 2020-12-04 | 绿盟科技集团股份有限公司 | Detection method and device for race condition vulnerability exploitation |
US11163675B1 (en) * | 2021-04-07 | 2021-11-02 | State Farm Mutual Automobile Insurance Company | Mutation testing in parallel threads |
US11237952B1 (en) | 2021-04-07 | 2022-02-01 | State Farm Mutual Automobile Insurance Company | Runtime class recompilation during mutation testing |
US11720483B2 (en) | 2021-04-07 | 2023-08-08 | State Farm Mutual Automobile Insurance Company | Runtime class recompilation during mutation testing |
US11797429B2 (en) | 2021-04-07 | 2023-10-24 | State Farm Mutual Automobile Insurance Company | Mutation testing in parallel threads |
Also Published As
Publication number | Publication date |
---|---|
US9916222B2 (en) | 2018-03-13 |
US20170017563A1 (en) | 2017-01-19 |
US10061682B2 (en) | 2018-08-28 |
US9529695B2 (en) | 2016-12-27 |
US20180046566A1 (en) | 2018-02-15 |
US20160188444A1 (en) | 2016-06-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10061682B2 (en) | Detecting race condition vulnerabilities in computer software applications | |
US9838412B2 (en) | Computer software application self-testing | |
US8910291B2 (en) | Black-box testing of web applications with client-side code evaluation | |
US8510842B2 (en) | Pinpointing security vulnerabilities in computer software applications | |
US9678859B2 (en) | Detecting error states when interacting with web applications | |
US9201769B2 (en) | Progressive black-box testing of computer software applications | |
US9135153B2 (en) | Optimizing test data payload selection for testing computer software applications via computer networks | |
US20130179979A1 (en) | Detecting security vulnerabilities in web applications | |
US9785778B2 (en) | Directed execution of dynamic programs in isolated environments | |
US20120311714A1 (en) | Testing web applications for file upload vulnerabilities | |
US9904787B2 (en) | Identifying stored security vulnerabilities in computer software applications | |
US9262309B2 (en) | Optimizing test data payload selection for testing computer software applications that employ data sanitizers and data validators | |
US20150095305A1 (en) | Detecting multistep operations when interacting with web applications | |
US20120054724A1 (en) | Incremental static analysis | |
US20160149947A1 (en) | Persistent cross-site scripting vulnerability detection | |
US9830253B2 (en) | Eliminating redundant interactions when testing computer software applications | |
US20160179793A1 (en) | Crawling computer-based objects |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:TRIPP, OMER;REEL/FRAME:031306/0790 Effective date: 20130918 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |