Article

A practical string analyzer by the widening approach

Authors:

Tae-Hyoung Choi,

Oukseh Lee,

Hyunha Kim,

Kyung-Goo DohAuthors Info & Claims

APLAS'06: Proceedings of the 4th Asian conference on Programming Languages and Systems

Pages 374 - 388

https://doi.org/10.1007/11924661_23

Published: 08 November 2006 Publication History

Abstract

The static determination of approximated values of string expressions has many potential applications. For instance, approximated string values may be used to check the validity and security of generated strings, as well as to collect the useful string properties. Previous string analysis efforts have been focused primarily on the maxmization of the precision of regular approximations of strings. These methods have not been completely satisfactory due to the difficulties in dealing with heap variables and context sensitivity. In this paper, we present an abstract-interpretation-based solution that employs a heuristic widening method. The presented solution is implemented and compared to JSA. In most cases, our solution gives results as precise as those produced by previous methods, and it makes the additional contribution of easily dealing with heap variables and context sensitivity in a very natural way. We anticipate the employment of our method in practical applications.

References

[1]

David R. Chase, Mark Wegman, and F. Kenneth Zadeck. Analysis of pointers and structures. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, pages 296-310. ACM Press, 1990.

Digital Library

Google Scholar

[2]

Aske Simon Christensen, Anders Møller, and Michael I. Schwartzbach. Precise analysis of string expressions. In Proceedings of the International Static Analysis Symposium, volume 2694 of Lecture Notes in Computer Science, pages 1-18. Springer-Verlag, June 2003.

Digital Library

Google Scholar

[3]

Patrick Cousot and Radhia Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the ACM Symposium on Principles of Programming Languages, pages 238-252, January 1977.

Digital Library

Google Scholar

[4]

Patrick Cousot and Radhia Cousot. Abstract interpretation frameworks. Journal of Logic and Computation, 2(4):511-547, 1992.

Crossref

Google Scholar

[5]

Carl Gould, Zhendong Su, and Premkumar Devanbu. Static checking of dynamically generated queries in database applications. In Proceedings of the International Conference on Software Engineering, pages 645-654, May 2004.

Digital Library

Google Scholar

[6]

Christian Kirkegaard and Anders Møller. Static analysis for Java servlets and JSP. In Proceedings of the International Static Analysis Symposium, August 2006.

Digital Library

Google Scholar

[7]

Yasuhiko Minamide. Static approximation of dynamically generated web pages. In Proceedings of the International World Wide Web Conference Committee, pages 432-441, 2005.

Digital Library

Google Scholar

[8]

M. Mohri and M.-J. Nederhof. Regular approximation of context-free grammars through transformation. In J.-C. Junqua and G. van Noord, editors, Robustness in Language and Speech Technology, pages 153-163. Kluwer Academic Publisher, 2001.

Google Scholar

[9]

Flemming Nielson and Hanne Riis Nielson. Infinitary control flow analysis: a collecting semantics for closure analysis. In Proceedings of the ACM Symposium on Principles of Programming Languages, pages 332-345. ACM Press, 1997.

Digital Library

Google Scholar

[10]

Olin Shivers. Control flow analysis in scheme. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, June 1988.

Digital Library

Google Scholar

[11]

Naoshi Tabuchi, Eijiro Sumii, and Akinori Yonezawa. Regular expression types for strings in a text processing language. In Proceedings of Workshop on Types in Programming, pages 1-18, July 2002.

Google Scholar

[12]

Peter Thiemann. Grammar-based analysis string expressions. In Proceedings of the ACM Workshop on Types in Language Design and Implementation, pages 59-70, 2004.

Digital Library

Google Scholar

Cited By

View all

Miltenberger MArzt S(2024)Precisely Extracting Complex Variable Values from Android AppsACM Transactions on Software Engineering and Methodology10.1145/364959133:5(1-56)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1145/3649591
Bocchi LKing AMurgia M(2024)Asynchronous Subtyping by Trace RelaxationTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57246-3_12(207-226)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57246-3_12
Amadini R(2021)A Survey on String Constraint SolvingACM Computing Surveys10.1145/348419855:1(1-38)Online publication date: 23-Nov-2021
https://dl.acm.org/doi/10.1145/3484198
Show More Cited By

Recommendations

Practical pointer aliasing analysis
Shortest string containing all permutations

In this paper, we consider the problem of constructing a shortest string of {1,2,...,n} containing all permutations on n elements as subsequences. For example, the string 1 2 1 3 1 2 1 contains the 6 (=3!) permutations of {1,2,3} and no string with less ...
Precise widening operators for convex polyhedra
Special issue: Static analysis symposium (SAS 2003)

In the context of static analysis via abstract interpretation, convex polyhedra constitute the most used abstract domain among those capturing numerical relational information. Since the domain of convex polyhedra admits infinite ascending chains, it ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

APLAS'06: Proceedings of the 4th Asian conference on Programming Languages and Systems

November 2006

422 pages

ISBN:3540489371

Editor:
Naoki Kobayashi
Tohoku University

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 08 November 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

24
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Miltenberger MArzt S(2024)Precisely Extracting Complex Variable Values from Android AppsACM Transactions on Software Engineering and Methodology10.1145/364959133:5(1-56)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1145/3649591
Bocchi LKing AMurgia M(2024)Asynchronous Subtyping by Trace RelaxationTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57246-3_12(207-226)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57246-3_12
Amadini R(2021)A Survey on String Constraint SolvingACM Computing Surveys10.1145/348419855:1(1-38)Online publication date: 23-Nov-2021
https://dl.acm.org/doi/10.1145/3484198
Søndergaard H(2021)String Abstract Domains and Their CombinationLogic-Based Program Synthesis and Transformation10.1007/978-3-030-98869-2_1(1-15)Online publication date: 7-Sep-2021
https://dl.acm.org/doi/10.1007/978-3-030-98869-2_1
Negrini LArceri VFerrara PCortesi A(2021)Twinning Automata and Regular Expressions for String Static AnalysisVerification, Model Checking, and Abstract Interpretation10.1007/978-3-030-67067-2_13(267-290)Online publication date: 17-Jan-2021
https://dl.acm.org/doi/10.1007/978-3-030-67067-2_13
Almashfi NLu LPicker KMaldonado C(2019)Precise String Analysis for JavaScript Programs Using AutomataProceedings of the 2019 8th International Conference on Software and Computer Applications10.1145/3316615.3316662(159-166)Online publication date: 19-Feb-2019
https://dl.acm.org/doi/10.1145/3316615.3316662
Amadini RJordan AGange GGauthier FSchachte PSØndergaard HStuckey PZhang C(2017)Combining String Abstract Domains for JavaScript AnalysisProceedings, Part I, of the 23rd International Conference on Tools and Algorithms for the Construction and Analysis of Systems - Volume 1020510.1007/978-3-662-54577-5_3(41-57)Online publication date: 22-Apr-2017
https://dl.acm.org/doi/10.1007/978-3-662-54577-5_3
Park CIm HRyu S(2016)Precise and scalable static analysis of jQuery using a regular expression domainACM SIGPLAN Notices10.1145/3093334.298922852:2(25-36)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1145/3093334.2989228
Park CIm HRyu SIerusalimschy R(2016)Precise and scalable static analysis of jQuery using a regular expression domainProceedings of the 12th Symposium on Dynamic Languages10.1145/2989225.2989228(25-36)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1145/2989225.2989228
Li DLyu YWan MHalfond WDi Nitto EHarman MHeymans P(2015)String analysis for Java and Android applicationsProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786879(661-672)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786879
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Practical pointer aliasing analysis

Shortest string containing all permutations

Precise widening operators for convex polyhedra