A Theory for Control-Flow Graph Exploration

Arlt, Stephan; Rümmer, Philipp; Schäf, Martin

doi:10.1007/978-3-319-02444-8_44

Cited by 4 publications

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most procedures still can be analyzed within few seconds. We believe that, by further improving the reuse of theorem prover results as suggested in [3], we can reduce these extra costs even further.…”

Section: Discussionmentioning

confidence: 99%

The Gradual Verifier

Arlt

Rubio-González

Rümmer

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Static verification traditionally produces yes/no answers. It either provides a proof that a piece of code meets a property, or a counterexample showing that the property can be violated. Hence, the progress of static verification is hard to measure. Unlike in testing, where coverage metrics can be used to track progress, static verification does not provide any intermediate result until the proof of correctness can be computed. This is in particular problematic because of the inevitable incompleteness of static verifiers. To overcome this, we propose a gradual verification approach, GraVy. For a given piece of Java code, GraVy partitions the statements into those that are unreachable, or from which exceptional termination is impossible, inevitable, or possible. Further analysis can then focus on the latter case. That is, even though some statements still may terminate exceptionally, GraVy still computes a partial result. This allows us to measure the progress of static verification. We present an implementation of GraVy and evaluate it on several open source projects.

show abstract

Section: Discussionmentioning

confidence: 99%

The Gradual Verifier

Arlt

Rubio-González

Rümmer

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…The lacking of alias analysis may lead to false positives or false negatives in static detection. Our system is based on control ow graph [9] of web applications' source codes.First of all, system converts PHP source codes of web application into parse trees[10] using Java lexical analyzer generator JFlex. Then, it constructs a divided control ow graph for each function.…”

Section: Introductionmentioning

confidence: 99%

Interprocedural and Intraprocedural Alias Analysis Algorithms

Li¹,

Cai²

2016

Proceedings of the 2016 5th International Conference on Advanced Materials and Computer Science

View full text Add to dashboard Cite

Abstract. The quantity and significance of web application increases quickly. Meanwhile, the influence of vulnerabilities in web application grows as well. Automated tools are urgently needed because manual code reviews are inefficient and fallible. However, previous static code detection tools lack of alias analysis between variables in codes, leading to possible false positives or false negatives. To solve this problem, we propose a set of sound and precise alias analysis algorithms which can conduct intraprocedural and interprocedural alias analysis. Then we apply them to a previous static detection system. Experiments on practical open source web applications and manually written test cases show that system with alias analysis can handle complex alias relationship accurately and detect vulnerabilities related to alias with greater precision. Moreover, alias analysis's impact on scanning speed of the system is negligible.

show abstract