Localising unsafe software resource usage with typed code model

Abstract

The article presents a method for quality assurance on resource leakage by defect search automation using developed model of program code. Resources requested by the program are identified and assigned extended types storing state markers. Detection occurs by assignment of this markers to elements of code model according to resource management functions, evidencing resource availability. Further analysis is taken place by propagation of the markers according to the rules of a model. Rules are structured a in way that prevents unsafe use of resource handles. Inability to apply specific rule at analysis stage signifies that resource is used in unsafe way, creating potential security flaw in a program.