Journal "Software Engineering"
a journal on theoretical and applied science and technology
ISSN 2220-3397
Issue No. 1, 2019
Despite the variety of solutions in the field of source code analysis, no single tool fully meets the requirements for the structure and content of the checks in case studies. This forces experts at testing laboratories to use a set of different analysis tools and to develop their own tooling to automate the technological process. An important role here is assigned to tools that search program code for defects (shortcomings) and vulnerabilities that pose a threat to the security of the processed information assets. This work describes an approach to developing an analyzer of program source texts using the LLVM/Clang tools through their Python bindings. The proposed solution provides correct analysis of source text files by separate components (taking their structure and interrelations into account), avoids errors in sensor insertion, and provides an effective implementation of algorithms that search for vulnerabilities from the list of actual CWEs.