SYSTEM AND METHOD OF DETECTING VULNERABILITIES USING INTERCEPTION OF FUNCTION CALLS Russian patent published in 2019 - IPC G06F21/54 G06F21/57 

FIELD: physics.

SUBSTANCE: invention relates to computer engineering. Disclosed is a system for detecting vulnerabilities of an application by intercepting function calls by changing an application code which contains: modification means for: detecting, in an analyzed application code, at least one function according to at least one function modification rule, wherein the rule comprises at least a function prototype and an agreement to call said function; adding an executable code when executing an application into application memory, which performs interception of a function call and takes control over itself, and upon completion of execution, returns control to a function; execution means for: executing an application after adding the executable code to the modification means; collecting data using the added executable code; transmitting said data to an analysis means; analysis means for: analyzing data received from the execution means using at least one safe execution requirement, wherein the requirement comprises at least a range of allowable argument values for functions for which an executable code has been added by the modification means to intercept their call; detecting at least one vulnerability in the application in case of discrepancy of data received from the means of execution, range of allowable values of at least one requirement.

EFFECT: technical result consists in detection of vulnerabilities in applications using interception of function calls.

14 cl, 3 dwg