Control-flow analysis of higher-order languages of taming lambda
Control-flow analysis of higher-order languages of taming lambda
Context-sensitive interprocedural points-to analysis in the presence of function pointers
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Featherweight Java: a minimal core calculus for Java and GJ
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Types and programming languages
Types and programming languages
Principles of Program Analysis
Principles of Program Analysis
Nordic Journal of Computing
Cloning-based context-sensitive pointer alias analysis using binary decision diagrams
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
The essence of command injection attacks in web applications
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Finding security vulnerabilities in java applications with static analysis
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Local policies for resource usage analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
Improving the Security of Downloadable Java Applications With Static Analysis
Electronic Notes in Theoretical Computer Science (ENTCS)
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Verifying pointer and string analyses with region type systems
LPAR'10 Proceedings of the 16th international conference on Logic for programming, artificial intelligence, and reasoning
An interactive tool for analyzing embedded SQL queries
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
A systematic analysis of XSS sanitization in web application frameworks
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Type-Based amortised heap-space analysis
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Verifying pointer and string analyses with region type systems
Computer Languages, Systems and Structures
| Hi-index | 0.00 |
Code injection and cross-site scripting belong to the most common security vulnerabilities in modern software, usually caused by incorrect string processing. These exploits are often addressed by formulating programming guidelines or "best practices". In this paper, we study the concrete example of a guideline used at SAP for the handling of untrusted, potentially executable strings that are embedded in the output of a Java servlet. To verify adherence to the guideline, we present a type system for a Java-like language that is extended with refined string types, output effects, and polymorphic method types. The practical suitability of the system is demonstrated by an implementation of a corresponding string type verifier and context-sensitive inference for real Java programs.