1. Field
The invention relates to computer software testing in general, and more particularly to static analysis of computer software applications.
2. Description of the Related Art
Code injection refers to the exploitation of a computer software application by an attacker whereby code is introduced into the application to change the course of execution, typically in a manner that compromises the application's data security. While static analysis techniques have been developed for identifying vulnerabilities in computer software applications to attacks of this type, more sensitive techniques are required to reduce or eliminate false positive and false negative results produced during static analysis.