Source code-based static analysis is an important means of detecting software vulnerabilities. To address the problem of unsafe temporary file creation on the Linux platform leading to symbolic link vulnerabilities, a vulnerability detection method based on taint analysis is proposed. The method identifies the variables that trigger the bug in source code by checking the characteristic file open or creation functions that lead to the vulnerability, then uses backward taint analysis to trace each variable's propagation path and judge whether it originates from a taint data source, so as to find symbolic link vulnerabilities that may exist. With this method, 2 vulnerabilities were found in the source code of XEN 3.03, including one previously unknown vulnerability. The experimental results show that the method is an effective vulnerability analysis method.
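The backward trace described above, as an added Python example that is not the paper's implementation: it starts at file open/creation calls in C source and follows the path argument's definitions backward until it reaches a taint source. The sink list, the source patterns (literal /tmp paths, tmpnam, tempnam, mktemp), the function names and the sample C code are assumptions constructed for illustration, and only straight-line definitions are followed.

```python
import re

# Assumed rule sets (the abstract does not list them): sinks are file open/creation
# calls; taint sources are predictable temporary-file names.
SINKS = ("fopen", "open", "creat")
WRITERS = ("sprintf", "snprintf", "strcpy")   # calls that write their first argument
SOURCE = re.compile(r'"/(?:var/)?tmp/|\b(?:tmpnam|tempnam|mktemp)\s*\(')
SINK_CALL = re.compile(r"\b(%s)\s*\(\s*([^,)]+)" % "|".join(SINKS))

def definition(line, var):
    """Return the expression that defines `var` on this line, or None."""
    v = re.escape(var)
    m = re.search(r"\b%s\b(?:\[\w*\])?\s*=(?!=)\s*(.+?);" % v, line)
    if m:
        return m.group(1)
    m = re.search(r"\b(?:%s)\s*\(\s*%s\b\s*,(.*)\)\s*;" % ("|".join(WRITERS), v), line)
    return m.group(1) if m else None

def trace(lines, idx, expr):
    """Walk definitions backward from line idx; return the path to a source, or None."""
    if SOURCE.search(expr):
        return [(idx + 1, expr.strip())]
    for var in re.findall(r"\b[A-Za-z_]\w*\b", re.sub(r'"[^"]*"', "", expr)):
        for j in range(idx - 1, -1, -1):
            d = definition(lines[j], var)
            if d is not None:                  # the most recent definition decides
                path = trace(lines, j, d)
                if path:
                    return path + [(idx + 1, var)]
                break
    return None

def find_symlink_candidates(source):
    """Return (line, sink, taint path) for each sink whose path argument is tainted."""
    lines, findings = source.splitlines(), []
    for i, line in enumerate(lines):
        for m in SINK_CALL.finditer(line):
            path = trace(lines, i, m.group(2))
            if path:
                findings.append((i + 1, m.group(1), path))
    return findings

# Constructed sample input (not code from XEN or from the paper).
SAMPLE = r'''
void save_state(int domid) {
    char path[64];
    FILE *f;
    sprintf(path, "/tmp/app.state.%d", domid);
    f = fopen(path, "w");
}
void save_to(const char *out) {
    char *name = strdup(out);
    int fd = open(name, O_WRONLY | O_CREAT, 0600);
}
'''

if __name__ == "__main__":
    for line, sink, path in find_symlink_candidates(SAMPLE):
        print(f"line {line}: {sink}() path argument tainted via {path}")
```

The `fopen` call is reported because its path is built from a fixed name under /tmp; the `open` call is not, because its path traces back to a caller-supplied parameter rather than to an assumed taint source.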