Research On Vulnerability Detection In Java Proyram Static Analysis

With the rapid development of big data,cloud computing,mobile payment,the internet technology is changing people's work and life in a subversive way.However,when the internet brings convenience to us,it also brings large-scale internet security incidents.There are many reasons for internet security vulnerabilities,of which the software's code errors and design flaws are the main reason.Program code's structure is more and more complicated which leads to the programmers difficultly to avoid the coding defects in the development process.But the commercial static analysis software is more versatile and does not accurately detect problems especially when it comes to enterprise-specific code there will often be fales positives and false negatives.Therefore,it is very important to establish the analysis model for different source code for code detection.This paper focuses on the vulnerability detection in java program static analysis.Taking the Struts2 framework as an example of java language,We study the Struts2's OGNL remote command execution vulnerability and base on the vulnerability features and the principle of stain analysis established the static analysis model.The main work includes:(1)In the source point of view,analyze why there are S2-045 and S2-046.Both of them are the same reason,which is about uploading files to trigger the vulnerability.The S2-045 does not do correct verification so that the hacker can modify the HTTP parameter which lead to the OGNL expression execution.Different from S2-045,S2-046 is to add malicious code in the Content-Disposition.(2)After doing a specific research on the principle of vulnerability,summarize the features of the defect function in the Struts2 framework and find the danger function in the source of Struts2.And there are two features of Struts2' danger function,one is the function which is parameter coming from external.Another is that Struts2 will take the parameter as an OGNL expression to parse.(3)Based on the theory of stain analysis,a static analysis model for OGNL remote command execution vulnerability in Struts2 source code is established by using coverity and its primitives.And through scanning and analyzing the code we verify the correctness of the model.We also do a summary about the problem of OGNL expression injection in Struts2 framework which will provides references for future to research on the similar problem.