Framework for Static Analysis of PHP Applications (Artifact)

Authors David Hauzar, Jan Kofron

Thumbnail PDF

Artifact Description

  • Filesize: 354 kB
  • 2 pages

Document Identifiers

Author Details

David Hauzar
Jan Kofron

Cite AsGet BibTex

David Hauzar and Jan Kofron. Framework for Static Analysis of PHP Applications (Artifact). In Special Issue of the 29th European Conference on Object-Oriented Programming (ECOOP 2015). Dagstuhl Artifacts Series (DARTS), Volume 1, Issue 1, pp. 11:1-11:2, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2015)



This artifact is based on Weverca, a static analyzer framework for PHP applications. The aim of Weverca is to provide developers with a framework that would allow for an easy implementation of custom static analyses of PHP, while not coping with the dynamic language issues. The framework processes the input source code in two phases. In the first phase, the program-point graph is constructed, which has the dynamic constructs (eval, dynamic includes, type information) already resolved. The developer can then implement a custom static analysis in the second phase, exploiting the output of the first phase. The provided package is designed to support repeatability of the experiments of the companion paper: in particular to perform security (taint) analyses of two bundled applications. Instruction to compile and run the analyzer are also provided.
  • Static analysis
  • abstract interpretation
  • dynamic languages
  • PHP
  • security


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads