Premium
A suite of abstract domains for static analysis of string values
Author(s) -
Costantini Giulia,
Ferrara Pietro,
Cortesi Agostino
Publication year - 2015
Publication title -
software: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.437
H-Index - 70
eISSN - 1097-024X
pISSN - 0038-0644
DOI - 10.1002/spe.2218
Subject(s) - computer science , abstract interpretation , suite , string (physics) , compiler , programming language , static analysis , sql , semantics (computer science) , compile time , theoretical computer science , domain (mathematical analysis) , domain specific language , mathematics , mathematical analysis , archaeology , mathematical physics , history
SUMMARY Strings are widely used in modern programming languages in various scenarios. For instance, strings are used to build up Structured Query Language (SQL) queries that are then executed. Malformed strings may lead to subtle bugs, as well as non‐sanitized strings may raise security issues in an application. For these reasons, the application of static analysis to compute safety properties over string values at compile time is particularly appealing. In this article, we propose a generic approach for the static analysis of string values based on abstract interpretation. In particular, we design a suite of abstract semantics for strings, where each abstract domain tracks a different kind of information. We discuss the trade‐off between efficiency and accuracy when using such domains to catch the properties of interest. In this way, the analysis can be tuned at different levels of precision and efficiency, and it can address specific properties.Copyright © 2013 John Wiley & Sons, Ltd.