Patent attributes
A data-control-oriented program static analysis method includes: compiling and interpreting a code of a smart contract to generate a bytecode of the code of the smart contract; resolving a control-flow relation between instructions of the bytecode, and building and printing a control-flow graph according to the control-flow relation; adding a taint source in the smart contract to an analysis result of a starting block of the control-flow graph, traversing the control-flow graph, performing a data dependence analysis based on a taint analysis technique, continuously updating an analysis result of a basic block in the control-flow graph; predefining an expression form of an analysis result and a basic operation related to the analysis result for the static analysis, controlling an updating of the analysis result according to a definition, and returning a final analysis result; and according to the final analysis result, generating and returning an analysis report.
