公开(公告)号：US09171150B2

公开(公告)日：2015-10-27

申请号：US14067131

申请日：2013-10-30

Applicant: salesforce.com, inc.

Inventor： Yoel Gluck ,  Xiaoran Wang

IPC: G06F11/00 ,  G06F21/54 ,  H04L29/06

CPC classification number: G06F21/54 ,  G06F2221/2101 ,  H04L63/1433

Abstract: Systems and methods are provided for dynamic analysis tracking objects for application dataflow. A system receives a data object from a data source, creates a source tracking object for the data object, and records information associated with the data source into the source tracking object. The system creates a copy of the data object for a tracking event in the application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The system outputs the copy of the data object to a data sink, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object. The system outputs the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.

Abstract translation: 为应用数据流的动态分析跟踪对象提供了系统和方法。 系统从数据源接收数据对象，为数据对象创建源跟踪对象，并将与数据源相关联的信息记录到源跟踪对象中。 该系统为应用程序中的跟踪事件创建数据对象的副本，为跟踪事件创建一个流程跟踪对象，并将跟踪事件相关联的信息记录到流程跟踪对象中，因为跟踪事件处理 数据对象。 系统将数据对象的副本输出到数据接收器，为数据接收器创建接收器跟踪对象，并将与数据接收器相关联的信息记录到接收器跟踪对象中。 系统输出源跟踪对象，流跟踪对象和宿跟踪对象作为应用程序中数据流的动态分析。

公开(公告)号：US09170908B2

公开(公告)日：2015-10-27

申请号：US14067294

申请日：2013-10-30

Applicant: salesforce.com, inc.

Inventor： Yoel Gluck ,  Xiaoran Wang

IPC: G06F11/36 ,  G06F11/30 ,  G06F21/00

CPC classification number: G06F11/30 ,  G06F11/3636 ,  G06F11/3644 ,  G06F21/00 ,  G06F21/54 ,  G06F2221/2123

Abstract: Bytecode is injected to create a source tracking object for a data object received from a data source and to record information associated with the data source into the source tracking object. Bytecode is injected to create a copy of the data object for a tracking event in an application program, to create a flow tracking object for the tracking event, and to record information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. Bytecode is injected to create a sink tracking object for outputting the copy of the data object to a data sink and to record information associated with the data sink into the sink tracking object. Bytecode is injected to output the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.

Abstract translation: 注入字节码以为从数据源接收的数据对象创建源跟踪对象，并将与数据源相关联的信息记录到源跟踪对象中。 注入字节代码以在应用程序中创建用于跟踪事件的数据对象的副本，以创建用于跟踪事件的流跟踪对象，并且在跟踪事件处理时将与跟踪事件相关联的信息记录到流跟踪对象中 数据对象的副本。 注入字节代码以创建用于将数据对象的副本输出到数据宿的接收器跟踪对象，并且将与数据宿相关联的信息记录到宿跟踪对象中。 注入字节代码输出源跟踪对象，流跟踪对象和宿跟踪对象，作为应用程序中数据流的动态分析。