|
|
中国科学院研究生院学报 2009
Lexical analysis in source code analysis
|
Abstract:
Source code analysis means detecting and correcting the security vulnerabilities of these software in time during the coding stage, and lexical analysis is one of the important techniques in it. In this paper, we manage to detailedly analyze the implement process of lexical analysis, improve dangerous function database, optimize the method of features analysis,and particularly introduce Bayesian theory to the lexical analysis. In addition, a lexical analysis tool SSCAN is designed and implemented successfully, which is proved to have higher integrity and accuracy than mainstream open-source lexical analysis software Flawfinder and Rats by several tests.
