Typestate: A programming language concept for enhancing software reliability
IEEE Transactions on Software Engineering
Analysis of pointers and structures
PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
Soft typing: an approach to type checking for dynamically typed languages
Soft typing: an approach to type checking for dynamically typed languages
Soft typing with conditional types
POPL '94 Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Types as abstract interpretations
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 1999 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Testing, abstraction, theorem proving: better together!
Proceedings of the 2006 international symposium on Software testing and analysis
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Compositional may-must program analysis: unleashing the power of alternation
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Predicting and preventing inconsistencies in deployed distributed systems
ACM Transactions on Computer Systems (TOCS)
State of the union: type inference via Craig interpolation
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Dependent types for program understanding
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Phantm: PHP analyzer for type mismatch
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Trustworthy numerical computation in Scala
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Hi-index | 0.00 |
We describe a combination of runtime information and static analysis for checking properties of complex and configurable systems. The basic idea of our approach is to 1) let the program execute and thereby read the important dynamic configuration data, then 2) invoke static analysis from this runtime state to detect possible errors that can happen in the continued execution. This approach improves analysis precision, particularly with respect to types of global variables and nested data structures. It also enables the resolution of modules that are loaded based on dynamically computed information. We describe an implementation of this approach in a tool that statically computes possible types of variables in PHP applications, including detailed types of nested maps (arrays). PHP is a dynamically typed language; PHP programs extensively use nested value maps, as well as 'include' directives whose arguments are dynamically computed file names. We have applied our analysis tool to over 50'000 lines of PHP code, including the popular DokuWiki software, which has a plug-in architecture. The analysis identified 200 problems in the code and in the type hints of the original source code base. Some of these problems can cause exploits, infinite loops, and crashes. Our experiments show that dynamic information simplifies the development of the analysis and decreases the number of false alarms compared to a purely static analysis approach.