SQL injection vulnerability detection based on taint analysis
Abstract: SQL injection vulnerabilities pose a serious risk to the database systems behind Web programs, and the loss once such a vulnerability is attacked can be immeasurable. This paper therefore proposes a detection method for SQL injection vulnerabilities based on taint analysis. The method uses three-address code as its intermediate representation and, based on the characteristics of SQL injection vulnerabilities, designs taint data-flow values and taint propagation rules for forward analysis. The data-flow algorithm is then run iteratively over the program's control flow graph, with security checks performed during the computation, to obtain all sink points that contain tainted data. The locations of SQL injection vulnerabilities are reported by traversing that set of sink points. Finally, comparative experiments verify the effectiveness of the method.
Authors: WANG Guo-feng (王国峰); TANG Yun-shan (唐云善); XU Li-fei (徐立飞) (State Grid Electric Power Research Institute (NARI Group Co., Ltd.), Nanjing 210003, China; Nanjing NARI Information & Communication Technology Co., Ltd., Nanjing 210003, China)
Source: Information Technology (《信息技术》), 2024, No. 2, pp. 185-190 (6 pages)
Keywords: SQL injection; static vulnerability detection; dataflow analysis; taint analysis
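
The forward taint data-flow iteration the abstract describes, as an added Python example that is not the paper's implementation. The instruction set, the propagation rules and the sample control flow graph are assumptions made here, since this record does not give the paper's own rules.

```python
from collections import deque

# Assumed three-address form: (op, dst, [operands]). The ops and the
# propagation rules below are illustrative, not the rules from the paper.
def transfer(instr, tainted):
    """Forward transfer function: taint set after executing one instruction."""
    op, dst, args = instr
    out = set(tainted)
    if op == "source":                      # dst = untrusted request input
        out.add(dst)
    elif op in ("const", "sanitize"):       # literal or escaped value kills taint
        out.discard(dst)
    elif op in ("assign", "concat"):        # dst is tainted iff an operand is
        if any(a in tainted for a in args):
            out.add(dst)
        else:
            out.discard(dst)
    return out

def find_tainted_sinks(blocks, succ):
    """Worklist iteration to a fixpoint; returns sorted (block, index, var)."""
    in_sets = {b: set() for b in blocks}
    findings, work = set(), deque(blocks)
    while work:
        b = work.popleft()
        cur = set(in_sets[b])
        for i, instr in enumerate(blocks[b]):
            if instr[0] == "sink" and instr[2][0] in cur:   # check during the pass
                findings.add((b, i, instr[2][0]))
            cur = transfer(instr, cur)
        for s in succ.get(b, []):
            if not cur <= in_sets[s]:       # meet at joins is set union
                in_sets[s] |= cur
                work.append(s)
    return sorted(findings)

# Constructed sample CFG: B0 branches to B1 (escapes uid) or B2 (does not);
# both paths join at B3, which builds and executes the query.
BLOCKS = {
    "B0": [("source", "uid", []), ("const", "q", [])],
    "B1": [("sanitize", "arg", ["uid"]), ("concat", "safe", ["q", "arg"]),
           ("sink", None, ["safe"])],
    "B2": [("assign", "arg", ["uid"])],
    "B3": [("concat", "sql", ["q", "arg"]), ("sink", None, ["sql"])],
}
SUCC = {"B0": ["B1", "B2"], "B1": ["B3"], "B2": ["B3"]}

if __name__ == "__main__":
    print(find_tainted_sinks(BLOCKS, SUCC))
```

The sink in B1 is not reported because its operand was escaped on that path; the sink in B3 is reported because the unescaped path through B2 reaches the join.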