基于Clang编译前端的Android源代码静态分析技术

Android手机在全球占有很大的市场份额，基于Android衍生的第三方系统也为数不少.针对Android系统重大安全问题频发的现状，提出一种使用Clang编译前端对Android源码进行静态分析的方法.该方法从已公布的CVE漏洞中提取规则和模型，通过改进的Clang编译前端，对Android源码进行静态分析，从而检测出有潜在安全风险的代码片段.在对Android源码进行污点分析时，调用新加入的stp约束求解器，通过符号执行，对敏感数据进行污点标记，并对敏感函数、敏感操作、敏感规则进行污点分析，如果存在潜在的安全隐患，则进行报告.经过实验分析，该方法可以找出Android源代码中存在的同类型有安全风险的代码片段，可以检出libstagefright模块5个高危CVE漏洞.

Android Source Code Static Analysis Technology Based on Clang Compiler Front-Ends

Android phones have a large market share in the world, and the third-party system based on Android-derived is also very popular. As the security issues appear in Android systems frequently, this paper uses Clang to compile Android source code for static analysis. This analysis extracts rules and models from published CVE vulnerabilities, and uses the improved Clang to statically analyze Android source code to detect potentially unsafe code snippets. During the analysis of the Android source code, the Clang static analyzer taints attack surface, and calls the new added STP constrained solver. Then it taints sensitive data through the symbolic execution, and makes taint analysis on the sensitive functions, sensitive operations, sensitive rules, finally reports unsafe code snippets if there are potential security risks. Through experimental analysis, this method can accurately identify unsafe source code snippets that exist in the Android source code with the same type of security risk, and this method can detect five high-risk CVE vulnerabilities in the libstagefright module.