
Computer Engineering ›› 2006, Vol. 32 ›› Issue (1): 108-109, 205.

• Software Technology and Database •

A Static Checking Method of Array Access Violation Based on Abstract Syntax Tree

XU Mingchang, LIU Jian

  1. Software Engineering Institute, Xidian University, Xi'an 710071
  • Online: 2006-01-05 Published: 2006-01-05

Abstract: A new static method for detecting array access violations, a class of security vulnerability, is presented, with the abstract syntax tree (AST) of the source program as the object of analysis. Safety patterns are abstracted by analyzing how array access violation vulnerabilities manifest. Safety rules are then constructed from the safety patterns and the node attributes recorded during traversal of the AST. Finally, the vulnerabilities are detected under the guidance of the safety rules.

Keywords: Array access violation; Abstract syntax tree (AST); Safety vulnerability; Safety pattern; Safety rule