On the Construction of Automata from Linear Arithmetic Constraints
TACAS '00 Proceedings of the 6th International Conference on Tools and Algorithms for Construction and Analysis of Systems: Held as Part of the European Joint Conferences on the Theory and Practice of Software, ETAPS 2000
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Buffer overrun detection using linear programming and static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Static detection of security vulnerabilities in scripting languages
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A Static Analysis Framework For Detecting SQL Injection Vulnerabilities
COMPSAC '07 Proceedings of the 31st Annual International Computer Software and Applications Conference - Volume 01
Abstracting Symbolic Execution with String Analysis
TAICPART-MUTATION '07 Proceedings of the Testing: Academic and Industrial Conference Practice and Research Techniques - MUTATION
A buffer overflow benchmark for software model checkers
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Lifting abstract interpreters to quantified logical domains
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Discovering properties about arrays in simple programs
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Testing for buffer overflows with length abstraction
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Symbolic String Verification: An Automata-Based Approach
SPIN '08 Proceedings of the 15th international workshop on Model Checking Software
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Solving string constraints lazily
Proceedings of the IEEE/ACM international conference on Automated software engineering
Symbolic automata constraint solving
LPAR'10 Proceedings of the 17th international conference on Logic for programming, artificial intelligence, and reasoning
An evaluation of automata algorithms for string analysis
VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation
Relational string verification using multi-track automata
CIAA'10 Proceedings of the 15th international conference on Implementation and application of automata
On synchronized multitape and multihead automata
DCFS'11 Proceedings of the 13th international conference on Descriptional complexity of formal systems
String abstractions for string verification
Proceedings of the 18th international SPIN conference on Model checking software
A slice-based decision procedure for type-based partial orders
IJCAR'10 Proceedings of the 5th international conference on Automated Reasoning
Multitape NFA: weak synchronization of the input heads
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
Weak synchronization and synchronizability of multitape pushdown automata and turing machines
LATA'12 Proceedings of the 6th international conference on Language and Automata Theory and Applications
On synchronized multi-tape and multi-head automata
Theoretical Computer Science
HAMPI: A solver for word equations over strings, regular expressions, and context-free grammars
ACM Transactions on Software Engineering and Methodology (TOSEM)
Symbolic execution of programs with strings
Proceedings of the South African Institute for Computer Scientists and Information Technologists Conference
JST: an automatic test generation tool for industrial Java applications with strings
Proceedings of the 2013 International Conference on Software Engineering
Z3-str: a z3-based string solver for web application analysis
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
| Hi-index | 0.00 |
We present an automata-based approach for symbolic verification of systems with unbounded string and integer variables. Particularly, we are interested in automatically discovering the relationships among the string and integer variables. The lengths of the strings in a regular language form a semilinear set. We present a novel construction for length automata that accept the unary or binary representations of the lengths of the strings in a regular language. These length automata can be integrated with an arithmetic automaton that recognizes the valuations of the integer variables at a program point. We propose a static analysis technique that uses these automata in a forward fixpoint computation with widening and is able to catch relationships among the lengths of the string variables and the values of the integer variables. This composite string and integer analysis enables us to verify properties that cannot be verified using string analysis or size analysis alone.