Computer and Modernization ›› 2013, Vol. 1 ›› Issue (5): 95-98,1. doi: 10.3969/j.issn.1006-2475.2013.05.022

• Information Security •

Classification Research on Vulnerabilities of C/C++ Programs in Visual of Safety

WANG Ya-li, LI Jian-liang   

  1. College of Information Engineering, Northwest A&F University, Yangling 712100, China
  • Received:2012-11-28 Revised:1900-01-01 Online:2013-05-28 Published:2013-05-28

Abstract: The C/C++ language pursues efficiency and flexibility, but in doing so it also introduces security vulnerabilities such as memory leaks and invalid pointer use, which pose a serious threat to system security. Classifying computer vulnerabilities deepens understanding of their nature and supports detecting and eliminating them in a targeted way. Based on an analysis of a large number of security vulnerabilities, this paper classifies the security vulnerabilities found in C/C++, providing a basis for constructing security rule checkers and guidance for secure software development.

Key words: security vulnerability, classification research, array overflow, memory leak

CLC Number: