Framework for Static Analysis of PHP Applications (Artifact)

Authors: David Hauzar, Jan Kofron




Artifact Description

DARTS.1.1.11.pdf
  • Filesize: 354 kB
  • 2 pages

Cite As

David Hauzar and Jan Kofron. Framework for Static Analysis of PHP Applications (Artifact). In Special Issue of the 29th European Conference on Object-Oriented Programming (ECOOP 2015). Dagstuhl Artifacts Series (DARTS), Volume 1, Issue 1, pp. 11:1-11:2, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2015) https://doi.org/10.4230/DARTS.1.1.11

Artifact

  MD5 Sum: e48e98ac2ee9796802637984c3ba932e

Abstract

This artifact is based on Weverca, a static analyzer framework for PHP applications. The aim of Weverca is to provide developers with a framework that allows easy implementation of custom static analyses of PHP without having to cope with dynamic language issues. The framework processes the input source code in two phases. In the first phase, it constructs the program-point graph, in which the dynamic constructs (eval, dynamic includes, type information) are already resolved. In the second phase, the developer can implement a custom static analysis that exploits the output of the first phase. The provided package is designed to support repeatability of the experiments of the companion paper, in particular to perform security (taint) analyses of two bundled applications. Instructions to compile and run the analyzer are also provided.

Keywords
  • Static analysis
  • abstract interpretation
  • dynamic languages
  • PHP
  • security
