Rigi-A system for programming-in-the-large
ICSE '88 Proceedings of the 10th international conference on Software engineering
Partial evaluation and automatic program generation
Partial evaluation and automatic program generation
Compositional analysis of modular logic programs
POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fast static analysis of C++ virtual function calls
Proceedings of the 11th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Dynamic class loading in the Java virtual machine
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Practical experience with an application extractor for Java
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Towards partially evaluating reflection in Java
PEPM '00 Proceedings of the 2000 ACM SIGPLAN workshop on Partial evaluation and semantics-based program manipulation
How do program understanding tools affect how programmers understand programs?
Science of Computer Programming - Special issue on WCRE 97
Practical virtual method call resolution for Java
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Scalable propagation-based call graph construction algorithms
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Dynamic optimistic interprocedural analysis: a framework and an application
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Java Virtual Machine Specification
Java Virtual Machine Specification
Optimization of Object-Oriented Programs Using Static Class Hierarchy Analysis
ECOOP '95 Proceedings of the 9th European Conference on Object-Oriented Programming
Manipulating and documenting software structures using SHriMP views
ICSM '95 Proceedings of the International Conference on Software Maintenance
Extending Java for high-level Web service construction
ACM Transactions on Programming Languages and Systems (TOPLAS)
Static Analysis of XML Transformations in Java
IEEE Transactions on Software Engineering
Static Checking of Dynamically Generated Queries in Database Applications
Proceedings of the 26th International Conference on Software Engineering
JDBC Checker: A Static Analysis Tool for SQL/JDBC Applications
Proceedings of the 26th International Conference on Software Engineering
Grammar-based analysis of string expressions
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
String analysis for x86 binaries
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Experiences with Multi-threading and Dynamic Class Loading in a Java Just-In-Time Compiler
Proceedings of the International Symposium on Code Generation and Optimization
Understanding software application interfaces via string analysis
Proceedings of the 28th international conference on Software engineering
ACM Transactions on Programming Languages and Systems (TOPLAS)
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Towards dynamic interprocedural analysis in JVMs
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Scaling Java points-to analysis using SPARK
CC'03 Proceedings of the 12th international conference on Compiler construction
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
A practical string analyzer by the widening approach
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Higher-order multi-parameter tree transducers and recursion schemes for program verification
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Static extraction of program configuration options
Proceedings of the 33rd International Conference on Software Engineering
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
RefaFlex: safer refactorings for reflective Java programs
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Hi-index | 0.00 |
In Java software, one important flexibility mechanism is dynamic class loading. Unfortunately, the vast majority of static analyses for Java treat dynamic class loading either unsoundly or too conservatively. We present a novel semi-static approach for resolving dynamic class loading by combining static string analysis with dynamically gathered information about the execution environment. The insight behind the approach is that dynamic class loading often depends on characteristics of the environment that are encoded in various environment variables. Such variables are not static elements; however, their run-time values typically remain the same across multiple executions of the application. Thus, the string values reported by our technique are tailored to the current installation of the system under analysis. Additionally, we propose extensions of string analysis to increase the number of sites that can be resolved purely statically, and to track the names of environment variables. An experimental evaluation on the Java 1.4 standard libraries shows that a state-of-the-art purely static approach resolves only 28% of non-trivial sites, while our approach resolves 74% of such sites. We also demonstrate how the information gained from resolved dynamic class loading can be used to determine the classes that can potentially be instantiated through the use of reflection. Our extensions of string analysis greatly increase the number of resolvable reflective instantiation sites. This work is a step towards making static analysis tools better equipped to handle the dynamic features of Java.