%0 Generic %1 hauzar2014dataflow %A Hauzar, David %A Kofroň, Jan %A Baštecký, Pavel %D 2014 %K php %R 10.4204/EPTCS.150.6 %T Data-flow Analysis of Programs with Associative Arrays %U http://arxiv.org/abs/1405.1116 %X Dynamic programming languages, such as PHP, JavaScript, and Python, provide built-in data structures including associative arrays and objects with similar semantics-object properties can be created at run-time and accessed via arbitrary expressions. While a high level of security and safety of applications written in these languages can be of a particular importance (consider a web application storing sensitive data and providing its functionality worldwide), dynamic data structures pose significant challenges for data-flow analysis making traditional static verification methods both unsound and imprecise. In this paper, we propose a sound and precise approach for value and points-to analysis of programs with associative arrays-like data structures, upon which data-flow analyses can be built. We implemented our approach in a web-application domain-in an analyzer of PHP code.

@misc{hauzar2014dataflow, abstract = {Dynamic programming languages, such as PHP, JavaScript, and Python, provide built-in data structures including associative arrays and objects with similar semantics-object properties can be created at run-time and accessed via arbitrary expressions. While a high level of security and safety of applications written in these languages can be of a particular importance (consider a web application storing sensitive data and providing its functionality worldwide), dynamic data structures pose significant challenges for data-flow analysis making traditional static verification methods both unsound and imprecise. In this paper, we propose a sound and precise approach for value and points-to analysis of programs with associative arrays-like data structures, upon which data-flow analyses can be built. We implemented our approach in a web-application domain-in an analyzer of PHP code.}, added-at = {2017-12-30T11:19:53.000+0100}, author = {Hauzar, David and Kofroň, Jan and Baštecký, Pavel}, biburl = {https://www.bibsonomy.org/bibtex/2e032b9d5d89302de39624068390a39e6/s_bergmann}, description = {Data-flow Analysis of Programs with Associative Arrays}, doi = {10.4204/EPTCS.150.6}, interhash = {7f4497d4d35ca025a41472b113c3b557}, intrahash = {e032b9d5d89302de39624068390a39e6}, keywords = {php}, note = {cite arxiv:1405.1116Comment: In Proceedings ESSS 2014, arXiv:1405.0554}, timestamp = {2017-12-30T11:19:53.000+0100}, title = {Data-flow Analysis of Programs with Associative Arrays}, url = {http://arxiv.org/abs/1405.1116}, year = 2014 }