A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
Filters
Flow-insensitive type qualifiers
2006
ACM Transactions on Programming Languages and Systems
Preserved Fulltext
We describe flow-insensitive type qualifiers, a lightweight, practical mechanism for specifying and checking properties not captured by traditional type systems. ...
Our results suggest that inference and visualization make type qualifiers lightweight, that type qualifier inference scales to large programs, and that type qualifiers are applicable to a wide variety ...
Flow-Insensitive Type Qualifiers Specific examples of flow-insensitive type qualifiers have been proposed to solve a number of problems. ...
doi:10.1145/1186632.1186635
fatcat:tavwrllrfjbunk7bxp2kkvivwa
Flow-sensitive type qualifiers
2002
Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation - PLDI '02
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
We present a system for extending standard type systems with flow-sensitive type qualifiers. Users annotate their programs with type qualifiers, and inference checks that the annotations are correct. ...
We demonstrate the usefulness of flow-sensitive type qualifiers by finding a number of new locking bugs in the Linux kernel. ...
Flow-insensitive analysis consists of the alias and effect inference of Figure 1 together with flow-insensitive qualifier inference [16] . ...
doi:10.1145/512529.512531
dblp:conf/pldi/FosterTA02
fatcat:bh3ig4tscbcpjdtpfbgaoeyoyy
Applying flow-sensitive CQUAL to verify MINIX authorization check placement
2006
Proceedings of the 2006 workshop on Programming languages and analysis for security - PLAS '06
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Our analysis of MINIX 3 system servers and discovery of a non-exploitable Time-Of-Check/Time-Of-Use bug demonstrate the effectiveness of flowsensitive CQUAL and its advantage over earlier flow-insensitive ...
We present the first use of flow-sensitive CQUAL to verify the placement of operating system authorization checks. ...
Analysts state facts about a C program by annotating its types with CQUAL type qualifiers that are similar to C's const qualifier. ...
doi:10.1145/1134744.1134747
dblp:conf/pldi/FraserPA06
fatcat:ov6znkinhng6xc22iakcmamjgi
Implementing a Language with Flow-Sensitive and Structural Typing on the JVM
2011
Electronical Notes in Theoretical Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The Whiley language aims to hit a sweet spot between dynamic and static typing. This is achieved through structural subtyping and by typing variables in a flow-sensitive fashion. ...
However, static type systems traditionally require every variable to have one type, and that relationships between types (e.g. subclassing) be declared explicitly. ...
CQual is a flow-sensitive qualifier inference supporting numerous type qualifiers, including those for synchronisation and file I/O [21, 22] . ...
doi:10.1016/j.entcs.2011.11.005
fatcat:ld27j6corranxmcqg4k35na4xq
Context-sensitive auto-sanitization in web templating languages using type qualifiers
2011
Proceedings of the 18th ACM conference on Computer and communications security - CCS '11
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We propose a novel and principled type-qualifier based mechanism that can be bolted onto existing web templating frameworks. ...
A standard flow-insensitive type inference algorithm would infer that such an untrusted input has no single precise context qualifier because of its ambiguous usage in multiple different contexts. ...
To handle such context ambiguity, we design our type system to be flow-sensitive-a flow-sensitive type system permits program variables to have varying type qualifiers at different program locations [ ...
doi:10.1145/2046707.2046775
dblp:conf/ccs/SamuelSS11
fatcat:z7pxkyberzboroqtvuvdrc4nrm
Scalable and precise taint analysis for Android
2015
Proceedings of the 2015 International Symposium on Software Testing and Analysis - ISSTA 2015
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Concretely, we present DFlow, a context-sensitive information flow type system, and DroidInfer, the corresponding type inference analysis for detecting privacy leaks in Android apps. ...
We propose a type-based taint analysis for Android. ...
Type Qualifiers In our type-based approach, each variable is typed by a type qualifier. ...
doi:10.1145/2771783.2771803
dblp:conf/issta/HuangDMD15
fatcat:d47qvfdoffgfxehfrvuzwx2ley
Transparent proxies for java futures
2004
SIGPLAN notices
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
flow-sensitivity. ...
Second, we use a simple form of flow-sensitivity to avoid coercing the same expression more than once. ...
Once again, the flow-insensitive analysis had essentially the same running time as Spark points-to analysis (not shown), and the flow-insensitive version added some overhead. ...
doi:10.1145/1035292.1028994
fatcat:vc33ejj365hmnn6utyq4xyueqi
Transparent proxies for java futures
2004
Proceedings of the 19th annual ACM SIGPLAN Conference on Object-oriented programming, systems, languages, and applications - OOPSLA '04
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
flow-sensitivity. ...
Second, we use a simple form of flow-sensitivity to avoid coercing the same expression more than once. ...
Once again, the flow-insensitive analysis had essentially the same running time as Spark points-to analysis (not shown), and the flow-insensitive version added some overhead. ...
doi:10.1145/1028976.1028994
dblp:conf/oopsla/PratikakisSH04
fatcat:jlse37f5vbct7gguvlpidv4q5u
Type qualifier inference for java
2007
SIGPLAN notices
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
First, we introduce opaque and enum qualifiers to track C pointers and enumerations that flow through Java code via the JNI. ...
These results suggest that type qualifiers and type qualifier inference are a useful addition to Java. ...
Similarly, in type qualifier inference, our goal is to determine how qualifiers flow through the program, and then additionally to check that the flow is valid with respect to the programmer-supplied qualifier ...
doi:10.1145/1297105.1297051
fatcat:7tejhd6d3zfrpcspyesvlpzeqa
Type qualifier inference for java
2007
Proceedings of the 22nd annual ACM SIGPLAN conference on Object oriented programming systems and applications - OOPSLA '07
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
First, we introduce opaque and enum qualifiers to track C pointers and enumerations that flow through Java code via the JNI. ...
These results suggest that type qualifiers and type qualifier inference are a useful addition to Java. ...
Similarly, in type qualifier inference, our goal is to determine how qualifiers flow through the program, and then additionally to check that the flow is valid with respect to the programmer-supplied qualifier ...
doi:10.1145/1297027.1297051
dblp:conf/oopsla/GreenfieldboyceF07
fatcat:cwdungrvtjag7hhpbtth6apnoe
A Semantic Framework for Declassification and Endorsement
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
The framework is flexible enough to recover and to improve on the previously introduced notions of robustness and qualified robustness. ...
Further, the new security conditions can be soundly enforced by a security type system. ...
This security condition, which has both progress-sensitive and progress-insensitive versions, expresses roughly the same idea as qualified robustness [13] , but in a more natural and direct way. ...
doi:10.1007/978-3-642-11957-6_5
fatcat:nd72zgaapnflbie4fiw2qgee2u
Mixing type checking and symbolic execution
2010
SIGPLAN notices
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
MIXY checks for potential null dereferences by mixing a null/non-null type qualifier inference system with a symbolic executor. ...
In this paper, we present MIX, a novel system that mixes type checking and symbolic execution. ...
MIXY mixes a (flow-insensitive) type qualifier inference system with a symbolic executor. ...
doi:10.1145/1809028.1806645
fatcat:pnb5pyusufbvzlun5lrhdxpzxe
Mixing type checking and symbolic execution
2010
Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation - PLDI '10
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
MIXY checks for potential null dereferences by mixing a null/non-null type qualifier inference system with a symbolic executor. ...
In this paper, we present MIX, a novel system that mixes type checking and symbolic execution. ...
MIXY mixes a (flow-insensitive) type qualifier inference system with a symbolic executor. ...
doi:10.1145/1806596.1806645
dblp:conf/pldi/KhooCF10
fatcat:26wxyru2grgehc3crnhyp6x4zq
Inference and checking of context-sensitive pluggable types
2012
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering - FSE '12
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Unfortunately, pluggable types require annotations, which imposes a burden on programmers. We propose a framework for specifying, inferring and checking of context-sensitive pluggable types. ...
Pluggable types can help find bugs such as null-pointer dereference or unwanted mutation (or they can prove the absence of such bugs). ...
Although JQual's flow analysis has a field-sensitive/context-sensitive mode, it scales only in its field-insensitive/context-insensitive mode according to [1] . ...
doi:10.1145/2393596.2393626
dblp:conf/sigsoft/MilanovaH12
fatcat:3svnxrl6hvbmvoblq5wuylivjm
Type-Based Taint Analysis for Java Web Applications
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We present SFlow, a context-sensitive type system for secure information flow, and SFlow-Infer, a corresponding worst-case cubic inference analysis. ...
In this paper, we advocate type-based taint analysis. ...
Note that in the context-insensitive typing above, methods append and toString must be typed as follows (code throughout the paper makes parameter this explicit): The poly qualifiers must be interpreted ...
doi:10.1007/978-3-642-54804-8_10
fatcat:aydbrd7xtnd6zkbxf67kpy2azm
« Previous
Showing results 1 — 15 out of 17,925 results