The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 30, 2014
Filed:
Feb. 23, 2011
Stephen Fink, Yorktown Heights, NY (US);
Yinnon A. Haviv, Beerotaim, IL;
Marco Pistoia, Amawalk, NY (US);
Omer Tripp, Har-Adar, IL;
Omri Weisman, Tel Aviv, IL;
Stephen Fink, Yorktown Heights, NY (US);
Yinnon A. Haviv, Beerotaim, IL;
Marco Pistoia, Amawalk, NY (US);
Omer Tripp, Har-Adar, IL;
Omri Weisman, Tel Aviv, IL;
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method is disclosed that includes, using a static analysis, analyzing a software program to determine a number of paths from sources accepting information to sinks using that information or a modified version of that information and to determine multiple paths from the number of paths. The determined multiple paths have a same transition from an application portion of the software program to a library portion of the software program and require a same downgrading action to address a vulnerability associated with source-sink pairs in the multiple paths. The analyzing includes determining the multiple paths using a path-sensitive analysis. The method includes, for the determined multiple paths, grouping the determined multiple paths into a single representative indication of the determined multiple paths. The method includes outputting the single representative indication. Computer program products and apparatus are also disclosed.