Document Open Access Logo

Practical Type-Based Taint Checking and Inference (Artifact)

Authors Nima Karimipour , Kanak Das , Manu Sridharan , Behnaz Hassanshahi

PDF

Artifact Description

Thumbnail PDF
PDF
DARTS.11.2.7.pdf
  • Filesize: 0.52 MB
  • 2 pages

Document Identifiers

Subject Classification

ACM Subject Classification
  • Software and its engineering → Software verification and validation
  • Security and privacy → Software security engineering
Keywords
  • Static analysis
  • Taint Analysis
  • Pluggable type systems
  • Security
  • Inference

Metrics

Artifact

Artifact Evaluation Policy

The artifact has been evaluated as described in the ECOOP 2025 Call for Artifacts and the ACM Artifact Review and Badging Policy.

Abstract

We present a containerized framework for the paper Practical Type-Based Taint Checking and Inference. Packed as a Docker image, the artifact bundles our novel inference engine alongside CodeQL and P/Taint analyses, together with precomputed results and scripts to reproduce five core experimental tables: benchmark characteristics, soundness on labeled issues, precision/recall on real‐world projects, runtime comparisons, and annotation ablation studies. By unifying checking and inference in a portable setup, this artifact enables straightforward validation of our paper’s claims.

Cite As Get BibTex

Nima Karimipour, Kanak Das, Manu Sridharan, and Behnaz Hassanshahi. Practical Type-Based Taint Checking and Inference (Artifact). In Special Issue of the 39th European Conference on Object-Oriented Programming (ECOOP 2025). Dagstuhl Artifacts Series (DARTS), Volume 11, Issue 2, pp. 7:1-7:2, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025) https://doi.org/10.4230/DARTS.11.2.7

Author Details

Nima Karimipour
  • University of California, Riverside, CA, USA
Kanak Das
  • University of California, Riverside, CA, USA
Manu Sridharan
  • University of California, Riverside, CA, USA
Behnaz Hassanshahi
  • Oracle Labs, Brisbane, Australia

Funding

This research was supported in part by the National Science Foundation under grants CCF-2007024, CCF-2223826, and CCF-2312263, and a gift from Oracle Labs.

Related Article

  • Nima Karimipour, Kanak Das, Manu Sridharan, and Behnaz Hassanshahi, "Practical Type-Based Taint Checking and Inference", in 39th European Conference on Object-Oriented Programming (ECOOP 2025), LIPIcs, Vol. 333, pp. 18:1-18:25, 2025. https://doi.org/10.4230/LIPIcs.ECOOP.2025.18

References

  1. CodeQL. https://codeql.github.com, 2024. Accessed: 2024-02-07.
  2. Doop - Framework for Java Pointer and Taint Analysis (using P/Taint). https://github.com/plast-lab/doop, 2024. Accessed: 2024-07-29.
  3. Zenodo. https://zenodo.org/records/15301001, 2024. Accessed: 2024-02-07.
Any Issues?
X

Feedback on the Current Page

CAPTCHA

Thanks for your feedback!

Feedback submitted to Dagstuhl Publishing

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact