Abstract
We combine LR(k)-parsing technology and data-flow analysis to analyze, in advance of execution, the documents generated dynamically by a program. Based on the document language’s context-free reference grammar and the program’s control structure, the analysis predicts how the documents will be generated and parses the predicted documents. Our strategy remembers context-free structure by computing abstract LR-parse stacks. The technique is implemented in Objective Caml and has statically validated a suite of PHP programs that dynamically generate HTML documents.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Agrawal, G.: Simultaneous demand-driven data-flow and call graph analysis. In: Proc. Int’l. Conf. Software Maintenance, Oxford (1999)
Aho, A., Ullman, J.: Principles of Compiler Design. Addison-Wesley, Reading (1977)
Brabrand, C., Møller, A., Schwartzbach, M.I.: The <bigwig> project. ACM Trans. Internet Technology 2 (2002)
Choi, T.-H., Lee, O., Kim, H., Doh, K.-G.: A practical string analyzer by the widening approach. In: Kobayashi, N. (ed.) APLAS 2006. LNCS, vol. 4279, pp. 374–388. Springer, Heidelberg (2006)
Christensen, A.S., Møller, A., Schwartzbach, M.I.: Static analysis for dynamic XML. In: Proc. PLAN-X 2002 (2002)
Christensen, A.S., Møller, A., Schwartzbach, M.I.: Extending Java for high-level web service construction. ACM TOPLAS 25 (2003)
Duesterwald, E., Gupta, R., Soffa, M.L.: A practical framework for demand-driven interprocedural data flow analysis. ACM TOPLAS 19, 992–1030 (1997)
Horwitz, S., Reps, T., Sagiv, M.: Demand interprocedural dataflow analysis. In: Proc. 3rd ACM SIGSOFT Symp. Foundations of Software Engg. (1995)
Hosoya, H.: XDuce: A typed XML processing language. Technical Report (2008), http://xduce.sourceforge.net/
Hosoya, H., Vouillon, J., Pierce, B.C.: Regular expression types for XML. ACM TOPLAS 27, 46–90 (2005)
Jones, N.D., Mycroft, A.: Data flow analysis of applicative programs using minimal function graphs. In: Proc. 13th Symp. POPL, pp. 296–306. ACM Press, New York (1986)
Jovanovich, N., Kruegel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities. In: Proc. IEEE Symp. on Security and Privacy, pp. 258–263 (2006)
Kirkegaard, C., Møller, A.: Static analysis for Java Servlets and JSP. In: Yi, K. (ed.) SAS 2006. LNCS, vol. 4134, pp. 336–352. Springer, Heidelberg (2006)
Minamide, Y.: Static approximation of dynamically generated web pages. In: Proc. 14th ACM Int’l Conf. on the World Wide Web, pp. 432–441 (2005)
Minimide, Y., Tozawa, A.: XML validation for context-free grammars. In: Kobayashi, N. (ed.) APLAS 2006. LNCS, vol. 4279, pp. 357–373. Springer, Heidelberg (2006)
Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, Heidelberg (1999)
Nishiyama, T., Minimide, Y.: A translation from the HTML DTD into a regular hedge grammar. In: Ibarra, O.H., Ravikumar, B. (eds.) CIAA 2008. LNCS, vol. 5148, pp. 122–131. Springer, Heidelberg (2008)
Thiemann, P.: Grammar-based analysis of string expressions. In: Proc. ACM workshop Types in languages design and implementation, pp. 59–70 (2005)
Wassermann, G., Gould, C., Su, Z., Devanbu, P.: Static checking of dymanically generated queries in database applications. ACM Trans. Software Engineering and Methodology 16(4), 1–27 (2007)
Wassermann, G., Su, Z.: The essence of command injection attacks in web applications. In: Proc. 33d ACM POPL, pp. 372–382 (2006)
Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: Proc. ACM PLDI, pp. 32–41 (2007)
Xie, Y., Aiken, A.: Static detection of security vulnerabilities in scripting languages. In: Proc. 15th USENIX Security Symp. (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Doh, KG., Kim, H., Schmidt, D.A. (2009). Abstract Parsing: Static Analysis of Dynamically Generated String Output Using LR-Parsing Technology. In: Palsberg, J., Su, Z. (eds) Static Analysis. SAS 2009. Lecture Notes in Computer Science, vol 5673. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03237-0_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-03237-0_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03236-3
Online ISBN: 978-3-642-03237-0
eBook Packages: Computer ScienceComputer Science (R0)