Abstract
Static analysis can be classified into intra-procedural analysis and inter-procedural analysis-by-analysis objects. Inter-procedural analysis need to analyze the whole program adopting bottom-up parsing algorithms. Inter-procedural analysis can be converted to intra-procedural analysis by logging the context of follower’s function call in bottom-up analysis. However, the existence of recursive function calls in program increases the difficulty of inter-procedural analysis, which affects the detection accuracy of static analysis to some extent. An optimal method for analyzing the recursive function calls of program is presented in this paper. This method can lift the recursive function calls in function call graph of the program to be analyzed on the premise that vital function calls will be preserved. In this way, the false negative rate and false positive rate of program static analysis can be reduced and the accuracy of program security check can be improved.
Similar content being viewed by others
References
Baca, D., Carlsson, B., Petersen, K., et al., Improving software security with static automated code analysis in an industry setting, Software Pract. Exper., 2013, vol. 43, no. 3, pp. 259–279.
Aman, W., A framework for analysis and comparison of dynamic malware analysis tools, Eprint Arxiv, 2014, vol. 6, no. 5.
Goubault, E. and Putot, S.S., Static analysis of finite precision computations, in Verification, Model Checking, and Abstract Interpretation, Berlin–Heidelberg: Springer, 2011, pp. 232–247.
Cadar, C. and Sen, K., Symbolic execution for software testing: Three decades later, Commun. ACM, 2013, vol. 56, no. 1, pp. 82–90.
Zhao, Y., Wang, Y., Gong, Y., et al., STVL: Improve the precision of static defect detection with symbolic threevalued logic, Proc. 20th Asia-Pacific Software Engineering Conference (APSEC), Bangkok, 2013, pp. 179–186.
Brumley, D., Static analysis, in Encyclopedia of Cryptography and Security, New York: Springer US, 2011.
Arusoaie, A., Lucanu, D., and Rusu, V., A generic framework for symbolic execution, in Lecture Notes in Computer Science, 2013, pp. 281–301.
Zhang, L.Y., Liu, J., and Chen, P., Static analysis of C/C++ program for safety, Syst. Eng. Electron., 2008, vol. 30, no. 6, pp. 1155–1158.
Wang, S.E. and Education, M.O., A new method for profiling inter-procedural paths with loops, Chin. J. Comput., 2013, vol. 36, no. 11, pp. 2224–2235.
Wang, Y.W., Yao, X.H., Gong, Y.Z., et al., A method of buffer overflow detection based on static code analysis, J. Comput. Res. Dev., 2012, vol. 49, no. 4, pp. 839–845.
Author information
Authors and Affiliations
Corresponding author
Additional information
The article is published in the original.
About this article
Cite this article
Shan, C., Yu, Z., Hu, C. et al. Optimization of program recursive function calls analysis method. Aut. Control Comp. Sci. 50, 253–259 (2016). https://doi.org/10.3103/S0146411616040064
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411616040064