CN112416395A - Hot repair updating method and device - Google Patents
Hot repair updating method and device Download PDFInfo
- Publication number
- CN112416395A CN112416395A CN202011306549.5A CN202011306549A CN112416395A CN 112416395 A CN112416395 A CN 112416395A CN 202011306549 A CN202011306549 A CN 202011306549A CN 112416395 A CN112416395 A CN 112416395A
- Authority
- CN
- China
- Prior art keywords
- terminal
- target
- patch package
- vulnerability
- patch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 137
- 230000008439 repair process Effects 0.000 title claims abstract description 72
- 238000012360 testing method Methods 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 9
- 238000005067 remediation Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 15
- 230000008569 process Effects 0.000 description 13
- 230000006870 function Effects 0.000 description 10
- 238000004891 communication Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000015556 catabolic process Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000001186 cumulative effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011981 development test Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000013467 fragmentation Methods 0.000 description 1
- 238000006062 fragmentation reaction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a hot repair updating method and device, and relates to the technical field of computers. One embodiment of the method comprises: receiving terminal information uploaded by a terminal; matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database; and encrypting the target patch package, and issuing the encrypted target patch package to the terminal so that the terminal loads the target patch package, thereby performing thermal repair. The implementation method can solve the technical problem that the APP developed purely and originally has hot repair limitation or the main program cannot be modified directly in a third-party Framework loading mode.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a thermal restoration updating method and device.
Background
On a mobile platform, due to fragmentation of a terminal model and complex and diversified online environments, after an application program (APP) is released, defects that a development test environment cannot test coverage are always met, such as breakdown, data errors, link jump failure, transaction failure, logic errors and the like. The conventional processing method is generally as follows: problems are located first, then repaired, and new versions are released last. In this way, on one hand, frequent updating of the APP is caused, and user experience is not good; on the other hand, due to the APP on-shelf auditing mechanism, the release period is generally more than two days, and the time cost for repairing the problem is too high.
At present, if the APP is developed in an H5 Hybrid mode, the APP framework realizes the interaction logic between the H5 page and the native system through bridging Webview, and a developer can call the native interface only by developing a standard mobile phone HTML5 page code. The development mode can realize dynamic repair of errors by updating the front-end H5 page resource code. H5 resources are generally stored in a Web server, once the Bug occurs, only the error code needs to be repaired and updated at the server, and the Bug can be repaired by a user without updating the APP again. The following steps are typically taken: and identifying the version range influenced by the bug, updating the web version code, and prompting the user to refresh the page.
In the process of implementing the invention, the inventor finds that at least the following problems exist in the prior art:
the hot repair of the H5 Hybrid development mode has great limitation, firstly, the development mode of APP must be H5+ Native Hybrid development, and the business functions are developed in an HTML mode. This limits the entry conditions for most purely natively developed APPs. In addition, Webview is used as a main presentation container, rendering performance of native APP is greatly restricted, and compared with APP developed purely by the native, APP of H5 Hybrid is poor in user experience.
For the originally developed APP, due to the particularity of the mobile platform architecture, the hot repair of the vulnerability of the APP is always an important link in the development, operation and maintenance process. In the iOS platform, if the published APP native main program needs to be modified, a dynamic library Framework manner is usually adopted to load updated repair code. However, due to apple's restrictions, iOS10 has prohibited the loading of the dynamic library Framework from elsewhere than in the APP installation package. Therefore, the iOS10 cannot modify the main program directly by loading a third-party Framework later.
Disclosure of Invention
In view of this, embodiments of the present invention provide a hot repair update method and apparatus, so as to solve the technical problem that a purely native developed APP has hot repair limitations or cannot directly modify a main program by loading a third-party Framework.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided a hot repair update method including:
receiving terminal information uploaded by a target terminal;
matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database;
and encrypting the target patch package, and issuing the encrypted target patch package to the target terminal so that the target terminal loads the target patch package, thereby performing thermal repair.
Optionally, before receiving the terminal information uploaded by the target terminal, the method further includes:
receiving terminal information and log information uploaded by each terminal;
analyzing the log information of each terminal, and respectively determining the loopholes corresponding to the information of each terminal;
respectively generating patch packages corresponding to the vulnerabilities;
and associating the terminal information of each terminal with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package.
Optionally, after associating each piece of terminal information with its corresponding vulnerability and associating each vulnerability with its corresponding patch package, the method further includes:
and respectively storing each vulnerability and each patch package into a vulnerability library and a patch library.
Optionally, the terminal information includes at least one of:
application version number, terminal model number, and system version.
Optionally, the patch package is generated by the following method:
locating the name of the class and the name of the method with problems;
finding a corresponding method through an object-oriented programming language;
and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors.
Optionally, finding a corresponding method through an object-oriented programming language includes:
and finding a corresponding method by expanding the Runtime of the object-oriented programming language of the C.
Optionally, rewriting the logic corresponding to the method by using JavaScript to repair the error logic, further including:
executing the patch package through a test application program to obtain the operating parameters of the patch package;
and judging the effectiveness of the patch package according to the operation parameters of the patch package.
Optionally, encrypting the target patch package, and issuing the encrypted target patch package to the target terminal, includes:
carrying out asymmetric encryption on the target patch packet to obtain an encryption string;
and issuing the target patch package and the encryption string to the target terminal.
Optionally, the asymmetric encryption is an RSA encryption algorithm.
Optionally, the asymmetrically encrypting the target patch package to obtain an encryption string includes:
calculating the hash value of the patch package;
and encrypting the hash value by adopting an RSA private key to obtain an encryption string.
In addition, according to another aspect of the embodiments of the present invention, there is provided a thermal repair update apparatus including:
the receiving module is used for receiving the terminal information uploaded by the terminal;
the matching module is used for matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database;
and the issuing module is used for encrypting the target patch package and issuing the encrypted target patch package to the terminal so that the terminal loads the target patch package and performs thermal repair.
Optionally, the system further comprises a configuration module, configured to:
receiving terminal information and log information uploaded by each terminal;
analyzing the log information to determine loopholes corresponding to each terminal information;
generating a patch package corresponding to each vulnerability;
and associating each terminal information with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package.
Optionally, the configuration module is further configured to:
and associating each terminal information with the corresponding vulnerability, and storing each vulnerability and each patch package into a vulnerability library and a patch library respectively after associating each vulnerability with the corresponding patch package.
Optionally, the terminal information includes at least one of:
application version number, terminal model number, and system version.
Optionally, the patch package is generated by the following method:
locating the name of the class and the name of the method with problems;
finding a corresponding method through an object-oriented programming language;
and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors.
Optionally, finding a corresponding method through an object-oriented programming language includes:
and finding a corresponding method by expanding the Runtime of the object-oriented programming language of the C.
Optionally, rewriting the logic corresponding to the method by using JavaScript to repair the error logic, further including:
executing the patch package through a test application program to obtain the operating parameters of the patch package;
and judging the effectiveness of the patch package according to the operation parameters of the patch package.
Optionally, the issuing module is further configured to:
carrying out asymmetric encryption on the target patch packet to obtain an encryption string;
and issuing the target patch package and the encryption string to the target terminal.
Optionally, the asymmetric encryption is an RSA encryption algorithm.
Optionally, the issuing module is further configured to:
calculating the hash value of the patch package;
and encrypting the hash value by adopting an RSA private key to obtain an encryption string.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the method of any of the embodiments described above.
According to another aspect of the embodiments of the present invention, there is also provided a computer readable medium, on which a computer program is stored, which when executed by a processor implements the method of any of the above embodiments.
One embodiment of the above invention has the following advantages or benefits: the technical means that the target vulnerability is matched in the vulnerability database according to the terminal information, so that the target patch package corresponding to the target vulnerability is matched in the patch database, the target patch package is encrypted, and the encrypted target patch package is issued to the target terminal, so that the target terminal is subjected to the hot repair is adopted, and therefore the technical problem that in the prior art, the APP developed purely originally has the hot repair limitation or the main program cannot be modified directly in a mode of loading a third-party Framework is solved. The method and the device for repairing the bugs adopt the JavaScript to rewrite the logic corresponding to the method with problems so as to generate the patch package, then the patch package is issued to the terminal, the terminal executes the patch package code when running and repairs the corresponding bugs, so that the terminal does not need to update the APP frequently, and the hot repair of the APP is realized.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a schematic diagram of a main flow of a hot repair update method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of an association relationship between terminal information and a vulnerability according to an embodiment of the present invention;
FIG. 3 is a schematic diagram illustrating an association relationship between terminal information, vulnerabilities, and patch packages according to an embodiment of the present invention;
FIG. 4 is a schematic diagram illustrating a main flow of a hot repair update method according to a reference embodiment of the present invention;
FIG. 5 is a schematic diagram of the main modules of a thermal remediation update apparatus according to an embodiment of the invention;
FIG. 6 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 7 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a schematic diagram of a main flow of a hot repair update method according to an embodiment of the present invention. As an embodiment of the present invention, as shown in fig. 1, the hot repair update method may include:
step 101, receiving terminal information uploaded by a target terminal.
The target terminal reports the terminal information of the target terminal to the server in the process of starting the application program or running the application program, and the server receives the terminal information reported by the target terminal. Optionally, the terminal information includes at least one of: application version number, terminal model number, and system version.
In order to accurately identify the target vulnerability according to the terminal information reported by the target terminal, before step 101, the method further includes: receiving terminal information and log information uploaded by each terminal; analyzing the log information of each terminal, and respectively determining the loopholes corresponding to the information of each terminal; respectively generating patch packages corresponding to the vulnerabilities; and associating the terminal information of each terminal with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package. Generally speaking, a vulnerability is related to parameters such as an APP version number, a terminal model and a system version, a terminal continuously reports log information to a server in the process of running the APP, and operators find that the APP has the vulnerability by analyzing the log information and then associate the vulnerability with the information such as the corresponding APP version number, the terminal model and the system version so that when a target terminal uploads the terminal information, the server can identify the corresponding vulnerability through the terminal information uploaded by the target terminal. As shown in fig. 2, the APP version number is 1.5.3.0, the mobile phone model is iPhone X, the system version is IOS 13, and after analyzing log information corresponding to the terminal information, it is found that the APP has a vulnerability a, so that the terminal information is associated with the vulnerability a.
After the corresponding vulnerabilities are identified, a patch package corresponding to each vulnerability is further generated for each vulnerability, and as shown in fig. 3, a corresponding patch package 1 is generated for vulnerability a.
It should be noted that one terminal information may be associated with one or more vulnerabilities, and one vulnerability may be associated with one or more patch packages, which is not limited in this embodiment of the present invention.
Optionally, after associating each piece of terminal information with its corresponding vulnerability and associating each vulnerability with its corresponding patch package, the method further includes: and storing each vulnerability and each patch package into a vulnerability library and a patch library respectively, as shown in fig. 3.
Optionally, the patch package is generated by the following method: locating the name of the class and the name of the method with problems; finding a corresponding method through an object-oriented programming language; and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors. Optionally, finding a corresponding method through an object-oriented programming language includes: the corresponding method is found by extending Runtime of the object oriented programming language (OC) of C.
JavaScript: "JS" for short, is a lightweight, interpreted or just-in-time, high-level programming language with function priority. Although it is named as a scripting language for developing Web pages, it is also used in many non-browser environments, JavaScript is based on prototypical programming, multi-modal dynamic scripting languages, and supports object-oriented, imperative, and declarative (e.g., functional programming) styles.
Objective-c: abbreviated as "OC" is an object-oriented programming language that extends C. It is mainly used in two systems using the Openstep standard, Mac OS X and GNUstep, while NeXTSTEP and Openstep are more basic languages. The primary programming language for writing an iPhone application is Objective-C.
In the embodiment of the invention, the patch package rewrites the method of the native OC code by writing the JS code, so as to realize the purpose of dynamically repairing the vulnerability. Specifically, firstly, the class name and the method name of the problem are located, then the corresponding method is found through Runtime of the OC, the corresponding logic of the method is rewritten by JS codes, and the error logic is repaired. The patch package provides a general JS template to realize method replacement so as to simplify the difficulty of writing the patch package by developers.
Because the OC is a dynamic language and the calling/class generation of all methods on the OC is carried out at the running time through the Runtime of the OC, the embodiment of the invention obtains the corresponding class and method through the reflection of the class name/method name. After the corresponding class and method are obtained, it can be dynamically called; the methods of the classes can be dynamically replaced by the method provided by Runtime to realize the new implementation; likewise, these types of new methods can also be added by the method provided by Runtime.
When the terminal starts the hot repair engine, a JSCContext instance is created through JavaScriptCore. The JSSContext can be understood as the execution environment of the JS code, and the embodiment of the invention realizes that the method of the OC is exposed to the JS by adding the method to the JSSContext. JS transmits data to OC by calling the method defined by JSContext, and OC transmits the result back to JS by the return value. When the method is called in JavaScript core, the parameters/return values of the method can be automatically converted, for example, NSArray, NSDictionary, NSString, NSNumber and NSBlock in OC can be respectively converted into the array/object/character string/number/function type of JS end, thereby realizing the interaction between JS and OC through JavaScript core.
Optionally, rewriting the logic corresponding to the method by using JavaScript to repair the error logic, further including: executing the patch package through a test application program to obtain the operating parameters of the patch package; and judging the effectiveness of the patch package according to the operation parameters of the patch package. After the patch package is made, the patch package needs to be tested to determine whether the patch package is available. Specifically, the test APP provides an external interface for executing the test patch package, and the interface outputs the operating parameters of the corresponding patch package, so that a developer can monitor the validity of the patch package.
And 102, matching the target vulnerability in a vulnerability database according to the terminal information, so as to match a target patch package corresponding to the target vulnerability in a patch database.
The target vulnerability can be matched in the vulnerability library according to the terminal information uploaded by the target terminal, so that the target patch package corresponding to the target vulnerability is matched in the patch library. Optionally, the terminal information includes at least one of: application version number, terminal model number, and system version. If the target vulnerability corresponding to the terminal information of the target terminal can be matched in the vulnerability library, it is indicated that the APP running on the terminal has the vulnerability and needs to be thermally repaired.
103, encrypting the target patch package, and issuing the encrypted target patch package to the target terminal, so that the target terminal loads the target patch package, thereby performing thermal repair.
Hot fix, also known as hot patch, hot fix patch (hotfix) is a separate cumulative update package containing information, usually represented as one or more files. This is used to solve a problem (e.g., a program error) with the software product. Typically, thermal remediation is tailored to address specific issues of a particular user. The hot fix patch is not automatically updated with the system as a regular patch, typically by email or other means to notify the user of the hot patch message, and the user can download the patch program free of charge on the software provider's website. Compared with upgrading the software version, the main advantage of the hot patch is that the service currently running by the device is not interrupted, that is, the defect of the current software version of the device can be repaired without restarting the device.
In the step, the server encrypts the target patch package, issues the encrypted target patch package to the target terminal, receives and decrypts the encrypted target patch package to obtain the target patch package, and then loads the target patch package, thereby performing thermal repair on the APP. The execution authority of the patch package is high, and if the patch package is tampered by a man-in-the-middle in the transmission process, a great safety problem is caused.
Optionally, encrypting the target patch package, and issuing the encrypted target patch package to the target terminal, includes: carrying out asymmetric encryption on the target patch packet to obtain an encryption string; and issuing the target patch package and the encryption string to the target terminal. And the target patch is signed and encrypted by adopting an asymmetric encryption algorithm, so that the security of data transmission can be improved. Optionally, the asymmetric encryption is an RSA encryption algorithm.
Optionally, the asymmetrically encrypting the target patch package to obtain an encryption string includes: calculating the hash value of the patch package; and encrypting the hash value by adopting an RSA private key to obtain an encryption string, so that the security of data transmission can be further improved.
And after receiving the patch package issued by the server and the corresponding encryption string, the terminal stores the patch package to the local and then verifies the patch package. Specifically, the step of verifying the patch package includes: and acquiring the encrypted string of the patch package, decrypting the encrypted string by adopting an RSA public key, calculating the hash value of the patch package, and if the hash value of the patch package is consistent with the decryption result, passing the verification. After the APP is started, whether a patch package needing to be loaded exists locally (passes verification) is detected, and if the patch package exists, the patch package is loaded, so that hot repair is achieved.
The embodiment of the invention realizes the whole process from the identification of the bug version, the issuing of the patch package, the checking of the patch package to the hot repair. In the APP starting process, firstly, a terminal inquires whether the APP has a bug to be repaired or not from a server, if so, a patch package of a corresponding version is downloaded, then, the patch package is verified according to a secret key, the main program code is prevented from being tampered by an unauthorized patch package, and finally, the APP executes the patch package code during operation to repair the corresponding bug.
According to the various embodiments described above, it can be seen that the embodiments of the present invention match the target vulnerability in the vulnerability library according to the terminal information, thereby matching the target patch package corresponding to the target vulnerability in the patch library, encrypting the target patch package, and issuing the encrypted target patch package to the target terminal, so as to enable the target terminal to perform the hot repair technical means, thereby solving the technical problems that the pure native developed APP in the prior art has the hot repair limitation or the main program cannot be directly modified by loading the third party Framework. The method and the device for repairing the bugs adopt the JavaScript to rewrite the logic corresponding to the method with problems so as to generate the patch package, then the patch package is issued to the terminal, the terminal executes the patch package code when running and repairs the corresponding bugs, so that the terminal does not need to update the APP frequently, and the hot repair of the APP is realized.
FIG. 4 is a schematic diagram illustrating a main flow of a hot repair update method according to a reference embodiment of the present invention. As another embodiment of the present invention, as shown in fig. 4, the hot repair update method may include:
step 401, receiving terminal information and log information uploaded by each terminal.
Optionally, the terminal information includes at least one of: application version number, terminal model number, and system version. Generally speaking, a vulnerability is related to parameters such as APP version number, terminal model, system version, etc., and the terminal continuously reports log information to the server in the process of running the APP.
Step 402, analyzing the log information of each terminal, and respectively determining the loopholes corresponding to the information of each terminal.
After finding that the APP has the loophole by analyzing the log information, the operator associates the loophole with the information such as the corresponding APP version number, the terminal model and the system version, so that when the target terminal uploads the terminal information, the server can identify the corresponding loophole through the terminal information uploaded by the target terminal.
And step 403, respectively generating patch packages corresponding to the vulnerabilities.
And after the corresponding loopholes are identified, further generating a patch package corresponding to each loophole aiming at each loophole.
And 404, associating the terminal information of each terminal with the corresponding vulnerability, associating each vulnerability with the corresponding patch package, and respectively storing each vulnerability and each patch package to a vulnerability library and a patch library.
It should be noted that one terminal information may be associated with one or more vulnerabilities, and one vulnerability may be associated with one or more patch packages, which is not limited in this embodiment of the present invention.
Optionally, the patch package is generated by the following method: locating the name of the class and the name of the method with problems; finding a corresponding method through an object-oriented programming language; and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors. Optionally, finding a corresponding method through an object-oriented programming language includes: the corresponding method is found by extending Runtime of the object oriented programming language (OC) of C.
In the embodiment of the invention, the patch package rewrites the method of the native OC code by writing the JS code, so as to realize the purpose of dynamically repairing the vulnerability. Specifically, firstly, the class name and the method name of the problem are located, then the corresponding method is found through Runtime of the OC, the corresponding logic of the method is rewritten by JS codes, and the error logic is repaired. The patch package provides a general JS template to realize method replacement so as to simplify the difficulty of writing the patch package by developers.
Because the OC is a dynamic language and the calling/class generation of all methods on the OC is carried out at the running time through the Runtime of the OC, the embodiment of the invention obtains the corresponding class and method through the reflection of the class name/method name. After the corresponding class and method are obtained, it can be dynamically called; the methods of the classes can be dynamically replaced by the method provided by Runtime to realize the new implementation; likewise, these types of new methods can also be added by the method provided by Runtime.
When the terminal starts the hot repair engine, a JSCContext instance is created through JavaScriptCore. The JSSContext can be understood as the execution environment of the JS code, and the embodiment of the invention realizes that the method of the OC is exposed to the JS by adding the method to the JSSContext. JS transmits data to OC by calling the method defined by JSContext, and OC transmits the result back to JS by the return value. When the method is called in JavaScript core, the parameters/return values of the method can be automatically converted, for example, NSArray, NSDictionary, NSString, NSNumber and NSBlock in OC can be respectively converted into the array/object/character string/number/function type of JS end, thereby realizing the interaction between JS and OC through JavaScript core.
Step 405, executing the patch package through a test application program to obtain an operation parameter of the patch package, thereby judging the validity of the patch package according to the operation parameter of the patch package.
After the patch package is made, the patch package needs to be tested to determine whether the patch package is available. Specifically, the test APP provides an external interface for executing the test patch package, and the interface outputs the operating parameters of the corresponding patch package, so that a developer can monitor the validity of the patch package.
And step 406, receiving the terminal information uploaded by the target terminal.
The target terminal reports the terminal information of the target terminal to the server in the process of starting the application program or running the application program, and the server receives the terminal information reported by the target terminal. Optionally, the terminal information includes at least one of: application version number, terminal model number, and system version.
Step 407, matching the target vulnerability in the vulnerability database according to the terminal information, so as to match the target patch package corresponding to the target vulnerability in the patch database.
The target vulnerability can be matched in the vulnerability library according to the terminal information uploaded by the target terminal, so that the target patch package corresponding to the target vulnerability is matched in the patch library. If the target vulnerability corresponding to the terminal information of the target terminal can be matched in the vulnerability library, it is indicated that the APP running on the terminal has the vulnerability and needs to be thermally repaired.
And step 408, calculating the hash value of the patch package, and encrypting the hash value by adopting an RSA private key to obtain an encryption string.
The execution authority of the patch package is high, and if the patch package is tampered by a man-in-the-middle in the transmission process, a great safety problem is caused. The target patch is signed and encrypted by adopting an RSA private key, so that the safety of data transmission can be improved.
Step 409, the target patch package and the encryption string are issued to the target terminal, so that the target terminal loads the target patch package, and therefore the hot repair is performed.
And after receiving the patch package issued by the server and the corresponding encryption string, the terminal stores the patch package to the local and then verifies the patch package. Specifically, the step of verifying the patch package includes: and acquiring the encrypted string of the patch package, decrypting the encrypted string by adopting an RSA public key, calculating the hash value of the patch package, and if the hash value of the patch package is consistent with the decryption result, passing the verification. After the APP is started, whether a patch package needing to be loaded exists locally (passes verification) is detected, and if the patch package exists, the patch package is loaded, so that hot repair is achieved.
The embodiment of the invention realizes the whole process from the identification of the bug version, the issuing of the patch package, the checking of the patch package to the hot repair. In the APP starting process, firstly, a terminal inquires whether the APP has a bug to be repaired or not from a server, if so, a patch package of a corresponding version is downloaded, then, the patch package is verified according to a secret key, the main program code is prevented from being tampered by an unauthorized patch package, and finally, the APP executes the patch package code during operation to repair the corresponding bug.
In addition, in one embodiment of the present invention, the detailed implementation of the hot repair update method is described in detail above, and therefore the repeated content is not described herein.
Fig. 5 is a schematic diagram of the main modules of a thermal repair update apparatus according to an embodiment of the present invention, and as shown in fig. 5, the thermal repair update apparatus 500 includes a receiving module 501, a matching module 502, and a sending module 503; the receiving module 501 is configured to receive terminal information uploaded by a terminal; the matching module 502 is configured to match a target vulnerability in a vulnerability database according to the terminal information, so as to match a target patch package corresponding to the target vulnerability in a patch database; the issuing module 503 is configured to encrypt the target patch package, and issue the encrypted target patch package to the terminal, so that the terminal loads the target patch package, thereby performing thermal repair.
Optionally, the system further comprises a configuration module, configured to:
receiving terminal information and log information uploaded by each terminal;
analyzing the log information to determine loopholes corresponding to each terminal information;
generating a patch package corresponding to each vulnerability;
and associating each terminal information with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package.
Optionally, the configuration module is further configured to:
and associating each terminal information with the corresponding vulnerability, and storing each vulnerability and each patch package into a vulnerability library and a patch library respectively after associating each vulnerability with the corresponding patch package.
Optionally, the terminal information includes at least one of:
application version number, terminal model number, and system version.
Optionally, the patch package is generated by the following method:
locating the name of the class and the name of the method with problems;
finding a corresponding method through an object-oriented programming language;
and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors.
Optionally, finding a corresponding method through an object-oriented programming language includes:
and finding a corresponding method by expanding the Runtime of the object-oriented programming language of the C.
Optionally, rewriting the logic corresponding to the method by using JavaScript to repair the error logic, further including:
executing the patch package through a test application program to obtain the operating parameters of the patch package;
and judging the effectiveness of the patch package according to the operation parameters of the patch package.
Optionally, the issuing module 503 is further configured to:
carrying out asymmetric encryption on the target patch packet to obtain an encryption string;
and issuing the target patch package and the encryption string to the target terminal.
Optionally, the asymmetric encryption is an RSA encryption algorithm.
Optionally, the issuing module 503 is further configured to:
calculating the hash value of the patch package;
and encrypting the hash value by adopting an RSA private key to obtain an encryption string.
According to the various embodiments described above, it can be seen that the embodiments of the present invention match the target vulnerability in the vulnerability library according to the terminal information, thereby matching the target patch package corresponding to the target vulnerability in the patch library, encrypting the target patch package, and issuing the encrypted target patch package to the target terminal, so as to enable the target terminal to perform the hot repair technical means, thereby solving the technical problems that the pure native developed APP in the prior art has the hot repair limitation or the main program cannot be directly modified by loading the third party Framework. The method and the device for repairing the bugs adopt the JavaScript to rewrite the logic corresponding to the method with problems so as to generate the patch package, then the patch package is issued to the terminal, the terminal executes the patch package code when running and repairs the corresponding bugs, so that the terminal does not need to update the APP frequently, and the hot repair of the APP is realized.
It should be noted that, in the embodiment of the thermal repair update apparatus of the present invention, the above thermal repair update method has been described in detail, and therefore, the repeated content is not described again.
Fig. 6 illustrates an exemplary system architecture 600 to which a thermal repair update method or a thermal repair update apparatus of an embodiment of the present invention may be applied.
As shown in fig. 6, the system architecture 600 may include terminal devices 601, 602, 603, a network 604, and a server 605. The network 604 serves to provide a medium for communication links between the terminal devices 601, 602, 603 and the server 605. Network 604 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use the terminal devices 601, 602, 603 to interact with the server 605 via the network 604 to receive or send messages or the like. The terminal devices 601, 602, 603 may have installed thereon various communication client applications, such as shopping applications, web browser applications, search applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 601, 602, 603 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 605 may be a server providing various services, such as a background management server (for example only) providing support for shopping websites browsed by users using the terminal devices 601, 602, 603. The background management server can analyze and process the received data such as the article information query request and feed back the processing result to the terminal equipment.
It should be noted that the hot repair update method provided by the embodiment of the present invention is generally executed by the server 605, and accordingly, the hot repair update apparatus is generally disposed in the server 605.
It should be understood that the number of terminal devices, networks, and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for the operation of the system 700 are also stored. The CPU 701, the ROM 702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 701.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer programs according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor includes a receive module, a match module, and a send down module, where the names of the modules do not in some cases constitute a limitation on the modules themselves.
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, implement the method of: receiving terminal information uploaded by a target terminal; matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database; and encrypting the target patch package, and issuing the encrypted target patch package to the target terminal so that the target terminal loads the target patch package, thereby performing thermal repair.
According to the technical scheme of the embodiment of the invention, as the target vulnerability is matched in the vulnerability database according to the terminal information, the target patch package corresponding to the target vulnerability is matched in the patch database, the target patch package is encrypted, and the encrypted target patch package is issued to the target terminal so as to enable the target terminal to carry out hot repair, the technical problem that in the prior art, the APP developed purely originally has hot repair limitation or the main program cannot be modified directly by loading a third-party Framework is solved. The method and the device for repairing the bugs adopt the JavaScript to rewrite the logic corresponding to the method with problems so as to generate the patch package, then the patch package is issued to the terminal, the terminal executes the patch package code when running and repairs the corresponding bugs, so that the terminal does not need to update the APP frequently, and the hot repair of the APP is realized.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (15)
1. A method of hot fix update, comprising:
receiving terminal information uploaded by a target terminal;
matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database;
and encrypting the target patch package, and issuing the encrypted target patch package to the target terminal so that the target terminal loads the target patch package, thereby performing thermal repair.
2. The method of claim 1, wherein before receiving the terminal information uploaded by the target terminal, the method further comprises:
receiving terminal information and log information uploaded by each terminal;
analyzing the log information of each terminal, and respectively determining the loopholes corresponding to the information of each terminal;
respectively generating patch packages corresponding to the vulnerabilities;
and associating the terminal information of each terminal with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package.
3. The method of claim 2, wherein after associating each piece of terminal information with its corresponding vulnerability and associating each vulnerability with its corresponding patch package, further comprising:
and respectively storing each vulnerability and each patch package into a vulnerability library and a patch library.
4. The method of claim 1, wherein the terminal information comprises at least one of:
application version number, terminal model number, and system version.
5. The method of claim 2, wherein the patch package is generated by:
locating the name of the class and the name of the method with problems;
finding a corresponding method through an object-oriented programming language;
and rewriting the logic corresponding to the method by adopting JavaScript to repair the logic with errors.
6. The method of claim 5, wherein finding the corresponding method through an object-oriented programming language comprises:
and finding a corresponding method by expanding the Runtime of the object-oriented programming language of the C.
7. The method of claim 5, wherein after rewriting the logic corresponding to the method with JavaScript to repair the erroneous logic, further comprising:
executing the patch package through a test application program to obtain the operating parameters of the patch package;
and judging the effectiveness of the patch package according to the operation parameters of the patch package.
8. The method of claim 1, wherein encrypting the target patch package and issuing the encrypted target patch package to the target terminal comprises:
carrying out asymmetric encryption on the target patch packet to obtain an encryption string;
and issuing the target patch package and the encryption string to the target terminal.
9. The method of claim 8, wherein the asymmetric encryption is an RSA encryption algorithm.
10. The method of claim 9, wherein asymmetrically encrypting the target patch package to obtain an encrypted string comprises:
calculating the hash value of the patch package;
and encrypting the hash value by adopting an RSA private key to obtain an encryption string.
11. A thermal remediation update apparatus, comprising:
the receiving module is used for receiving the terminal information uploaded by the terminal;
the matching module is used for matching a target vulnerability in a vulnerability database according to the terminal information so as to match a target patch package corresponding to the target vulnerability in a patch database;
and the issuing module is used for encrypting the target patch package and issuing the encrypted target patch package to the terminal so that the terminal loads the target patch package and performs thermal repair.
12. The apparatus of claim 11, further comprising a configuration module to:
receiving terminal information and log information uploaded by each terminal;
analyzing the log information to determine loopholes corresponding to each terminal information;
generating a patch package corresponding to each vulnerability;
and associating each terminal information with the corresponding vulnerability, and associating each vulnerability with the corresponding patch package.
13. The apparatus of claim 11, wherein the configuration module is further configured to:
and associating each terminal information with the corresponding vulnerability, and storing each vulnerability and each patch package into a vulnerability library and a patch library respectively after associating each vulnerability with the corresponding patch package.
14. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
the one or more programs, when executed by the one or more processors, implement the method of any of claims 1-10.
15. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011306549.5A CN112416395A (en) | 2020-11-19 | 2020-11-19 | Hot repair updating method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011306549.5A CN112416395A (en) | 2020-11-19 | 2020-11-19 | Hot repair updating method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112416395A true CN112416395A (en) | 2021-02-26 |
Family
ID=74773883
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011306549.5A Pending CN112416395A (en) | 2020-11-19 | 2020-11-19 | Hot repair updating method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112416395A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113342389A (en) * | 2021-05-31 | 2021-09-03 | 深圳市腾讯网络信息技术有限公司 | Service updating method and device and computer readable storage medium |
| CN114125915A (en) * | 2022-01-26 | 2022-03-01 | 舟谱数据技术南京有限公司 | Positioning thermal repair system and method for setting terminal APP |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140123285A1 (en) * | 2012-10-28 | 2014-05-01 | Google Inc. | Software exploit detection |
| CN104573525A (en) * | 2014-12-19 | 2015-04-29 | 中国航天科工集团第二研究院七〇六所 | Special information service software vulnerability fixing system based on white lists |
| CN107231490A (en) * | 2017-07-19 | 2017-10-03 | 中国银行股份有限公司 | Dynamic updates method, client and the server of IOS system applications |
| CN107315619A (en) * | 2017-07-12 | 2017-11-03 | 北京理工大学 | A kind of hot restorative procedure, mobile terminal and hot repair complex system for realizing patch safety |
| CN107608707A (en) * | 2017-07-31 | 2018-01-19 | 努比亚技术有限公司 | Application detection method, terminal and readable storage medium storing program for executing with hot repair function |
| CN109254864A (en) * | 2018-09-11 | 2019-01-22 | 北京奇艺世纪科技有限公司 | A kind of application failure restorative procedure, device and electronic equipment |
| CN109857583A (en) * | 2018-12-26 | 2019-06-07 | 联想(北京)有限公司 | A kind of processing method and processing device |
-
2020
- 2020-11-19 CN CN202011306549.5A patent/CN112416395A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140123285A1 (en) * | 2012-10-28 | 2014-05-01 | Google Inc. | Software exploit detection |
| CN104573525A (en) * | 2014-12-19 | 2015-04-29 | 中国航天科工集团第二研究院七〇六所 | Special information service software vulnerability fixing system based on white lists |
| CN107315619A (en) * | 2017-07-12 | 2017-11-03 | 北京理工大学 | A kind of hot restorative procedure, mobile terminal and hot repair complex system for realizing patch safety |
| CN107231490A (en) * | 2017-07-19 | 2017-10-03 | 中国银行股份有限公司 | Dynamic updates method, client and the server of IOS system applications |
| CN107608707A (en) * | 2017-07-31 | 2018-01-19 | 努比亚技术有限公司 | Application detection method, terminal and readable storage medium storing program for executing with hot repair function |
| CN109254864A (en) * | 2018-09-11 | 2019-01-22 | 北京奇艺世纪科技有限公司 | A kind of application failure restorative procedure, device and electronic equipment |
| CN109857583A (en) * | 2018-12-26 | 2019-06-07 | 联想(北京)有限公司 | A kind of processing method and processing device |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113342389A (en) * | 2021-05-31 | 2021-09-03 | 深圳市腾讯网络信息技术有限公司 | Service updating method and device and computer readable storage medium |
| CN114125915A (en) * | 2022-01-26 | 2022-03-01 | 舟谱数据技术南京有限公司 | Positioning thermal repair system and method for setting terminal APP |
| CN114125915B (en) * | 2022-01-26 | 2022-04-12 | 舟谱数据技术南京有限公司 | Positioning thermal repair system and method for setting terminal APP |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109214168B (en) | Firmware upgrading method and device | |
| CN106295255B (en) | Application program reinforcing method and device | |
| CN111159614B (en) | Webpage resource acquisition method and device | |
| WO2020015562A1 (en) | Routing jump method and apparatus | |
| CN112039826B (en) | Login method and device applied to applet end, electronic equipment and readable medium | |
| CN111078262B (en) | Application thermal restoration method and device | |
| CN110928571A (en) | Business program development method and device | |
| CN113568680B (en) | Dynamic link library protection method, device, equipment and medium for application program | |
| CN106682491B (en) | Application downloading method and device | |
| CN112416395A (en) | Hot repair updating method and device | |
| CN106709281B (en) | Patch granting and acquisition methods, device | |
| JP2017146967A (en) | Method and system for improving loading speed of intermediate language file | |
| CN112836209A (en) | Application installation package processing method and device, electronic equipment, system and storage medium | |
| US9354849B2 (en) | Modification of compiled applications and application management using retrievable policies | |
| CN110334023B (en) | Test flow determining method and device applied to website | |
| CN111488169A (en) | Method and device for hot updating of application program, storage medium and electronic equipment | |
| CN109635558B (en) | Access control method, device and system | |
| CN114329535A (en) | File encryption method and device, electronic equipment and computer readable medium | |
| US11095684B2 (en) | Providing attributes of a network service | |
| CN114756833A (en) | Code obfuscation method, apparatus, device, medium, and program product | |
| CN115238249A (en) | Application code obfuscation method, apparatus, device and medium | |
| CN113553271A (en) | Method for generating and testing internal test program of application program | |
| CN109462604B (en) | Data transmission method, device, equipment and storage medium | |
| CN113515747A (en) | Equipment upgrading method, device, equipment and storage medium | |
| CN113220314A (en) | APP resource loading and APK generation method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220923 Address after: 25 Financial Street, Xicheng District, Beijing 100033 Applicant after: CHINA CONSTRUCTION BANK Corp. Address before: 12 / F, 15 / F, No. 99, Yincheng Road, Shanghai pilot Free Trade Zone, 200120 Applicant before: Jianxin Financial Science and Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right |