article

Precise and scalable static analysis of jQuery using a regular expression domain

Authors:

Sukyoung RyuAuthors Info & Claims

ACM SIGPLAN Notices, Volume 52, Issue 2

Pages 25 - 36

https://doi.org/10.1145/3093334.2989228

Published: 01 November 2016 Publication History

Abstract

jQuery is the most popular JavaScript library but the state-of-the-art static analyzers for JavaScript applications fail to analyze simple programs that use jQuery. In this paper, we present a novel abstract string domain whose elements are simple regular expressions that can represent prefix, infix, and postfix substrings of a string and even their sets. We formalize the new domain in the abstract interpretation framework with abstract models of strings and objects commonly used in the existing JavaScript analyzers. For practical use of the domain, we present polynomial-time inclusion decision rules between the regular expressions and prove that the rules exactly capture the actual inclusion relation. We have implemented the domain as an extension of the open-source JavaScript analyzer, SAFE, and we show that the extension significantly improves the scalability and precision of the baseline analyzer in analyzing programs that use jQuery.

References

[1]

ECMAScript Language Specification. Edition 5.1, 2011.

[2]

P. A. Abdulla, A. Bouajjani, and B. Jonsson. On-the-fly analysis of systems with unbounded, lossy fifo channels. In Proceedings of the 10th International Conference on Computer Aided Verification. Springer Berlin Heidelberg, 1998.

Digital Library

[3]

E. Andreasen and A. Møller. Determinacy in static analysis for jQuery. In Proceedings of the International Conference on Object Oriented Programming Systems Languages and Applications, 2014.

Digital Library

[4]

T.-H. Choi, O. Lee, H. Kim, and K.-G. Doh. A practical string analyzer by the widening approach. In Proceedings of the Asian Symposium on Programming Languages and Systems, 2006.

Digital Library

[5]

A. S. Christensen, A. Møller, and M. I. Schwartzbach. Precise analysis of string expressions. In Proceedings of the International Symposium on Static Analysis, 2003.

Digital Library

[6]

P. Cousot and R. Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the Symposium on Principles of Programming Languages, 1977.

Digital Library

[7]

H. Hosoya, J. Vouillon, and B. C. Pierce. Regular expression types for XML. ACM Transactions on Programming Languages and Systems, 27(1):46–90, 2005.

Digital Library

[8]

D. Hovland. The inclusion problem for regular expressions. Journal of Computer and System Sciences, 78(6), 2012.

Digital Library

[9]

S. H. Jensen, A. Møller, and P. Thiemann. Type analysis for JavaScript. In Proceedings of the International Symposium on Static Analysis. Springer-Verlag, 2009.

Digital Library

[10]

S. H. Jensen, M. Madsen, and A. Møller. Modeling the HTML DOM and browser API in static analysis of JavaScript web applications. In Proceedings of the International Symposium on Foundations of Software Engineering. ACM, 2011.

Digital Library

[11]

jQuery Foundation. jQuery. http://jquery.com.

[12]

KAIST PLRG. http://plrg.kaist.ac.kr/pch.

[13]

V. Kashyap, K. Dewey, E. A. Kuefner, J. Wagner, K. Gibbons, J. Sarracino, B. Wiedermann, and B. Hardekopf. JSAI: A static analysis platform for JavaScript. In Proceedings of the International Symposium on Foundations of Software Engineering, 2014.

Digital Library

[14]

H. Lee, S. Won, J. Jin, J. Cho, and S. Ryu. SAFE: Formal specification and implementation of a scalable analysis framework for ECMAScript. In Workshop on Foundations of Object Oriented Languages, 2012.

[15]

B. S. Lerner, L. Elberty, J. Li, and S. Krishnamurthi. Combining form and function: Static types for jQuery programs. In Proceedings of the European Conference on Object-Oriented Programming, 2013.

Digital Library

[16]

M. Madsen and E. Andreasen. String analysis for dynamic field access. In Proceedings of the International Conference on Compiler Construction, 2014.

[17]

W. Martens, F. Neven, and T. Schwentick. Complexity of decision problems for simple regular expressions. In Proceedings of the International Symposium on Mathematical Foundations of Computer Science, 2004.

[18]

T. Milo and D. Suciu. Index structures for path expressions. In Proceedings of the International Conference on Database Theory, 1999.

Digital Library

[19]

C. Park and S. Ryu. Scalable and precise static analysis of JavaScript applications via loop-sensitivity. In Proceedings of the European Conference on Object-Oriented Programming, 2015.

[20]

C. Park, S. Won, J. Jin, and S. Ryu. Static analysis of JavaScript web applications in the wild via practical DOM. In Proceedings of the International Conference on Automated Software Engineering, 2015.

Digital Library

[21]

J. G. Politz, A. Guha, and S. Krishnamurthi. Semantics and types for objects with first-class member names. In Workshop on Foundations of Object Oriented Languages, 2012.

[22]

M. Schäfer, M. Sridharan, J. Dolby, and F. Tip. Dynamic determinacy analysis. In Proceedings of the Conference on Programming Language Design and Implementation, 2013.

Digital Library

[23]

M. Sridharan, J. Dolby, S. Chandra, M. Schäfer, and F. Tip. Correlation tracking for points-to analysis of JavaScript. In Proceedings of the European Conference on Object-Oriented Programming, 2012.

Digital Library

[24]

L. J. Stockmeyer and A. R. Meyer. Word problems requiring exponential time(preliminary report). In Proceedings of the Annual ACM Symposium on Theory of Computing, 1973.

Digital Library

Cited By

Wang Z(2023)Construction of Interactive Platform for Audio Reading From the Perspective of All Media Based on Vue Framework2023 IEEE 12th International Conference on Communication Systems and Network Technologies (CSNT)10.1109/CSNT57126.2023.10134717(602-606)Online publication date: 8-Apr-2023
https://doi.org/10.1109/CSNT57126.2023.10134717
Serrano M(2021)Of JavaScript AOT compilation performanceProceedings of the ACM on Programming Languages10.1145/34735755:ICFP(1-30)Online publication date: 19-Aug-2021
https://dl.acm.org/doi/10.1145/3473575
Ren ZFan XLi XZhou ZJiang H(2021)Multi-objective Evolutionary Algorithm for String SMT Solver Testing2021 8th International Conference on Dependable Systems and Their Applications (DSA)10.1109/DSA52907.2021.00019(102-113)Online publication date: Aug-2021
https://doi.org/10.1109/DSA52907.2021.00019
Show More Cited By

Index Terms

Precise and scalable static analysis of jQuery using a regular expression domain
1. Theory of computation
  1. Semantics and reasoning
    1. Program semantics

Recommendations

Precise and scalable static analysis of jQuery using a regular expression domain
DLS 2016: Proceedings of the 12th Symposium on Dynamic Languages

jQuery is the most popular JavaScript library but the state-of-the-art static analyzers for JavaScript applications fail to analyze simple programs that use jQuery. In this paper, we present a novel abstract string domain whose elements are simple ...
Systematic approaches for increasing soundness and precision of static analyzers
SOAP 2017: Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis

Building static analyzers for modern programming languages is difficult. Often soundness is a requirement, perhaps with some well-defined exceptions, and precision must be adequate for producing useful results on realistic input programs. Formally ...
The secret sauce in efficient and precise static analysis: the beauty of distributive, summary-based static analyses (and how to master them)
ISSTA '18: Companion Proceedings for the ISSTA/ECOOP 2018 Workshops

In this paper I report on experiences gained from more than five years of extensively designing static code analysis tools- in particular such ones with a focus on security- to scale to real-world projects within an industrial context. Within this time ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 52, Issue 2

DLS '16

February 2017

131 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/3093334

Editor:
Matthew Fluet

Issue’s Table of Contents

DLS 2016: Proceedings of the 12th Symposium on Dynamic Languages
November 2016
131 pages
ISBN:9781450344456
DOI:10.1145/2989225
Program Chair:
Roberto Ierusalimschy
PUC-Rio, Brazil

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 November 2016

Published in SIGPLAN Volume 52, Issue 2

Check for updates

Author Tags

Qualifiers

Article

Funding Sources

National Research Foundation of Korea
Samsung Electronics

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

25
Total Citations
View Citations
255
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang Z(2023)Construction of Interactive Platform for Audio Reading From the Perspective of All Media Based on Vue Framework2023 IEEE 12th International Conference on Communication Systems and Network Technologies (CSNT)10.1109/CSNT57126.2023.10134717(602-606)Online publication date: 8-Apr-2023
https://doi.org/10.1109/CSNT57126.2023.10134717
Serrano M(2021)Of JavaScript AOT compilation performanceProceedings of the ACM on Programming Languages10.1145/34735755:ICFP(1-30)Online publication date: 19-Aug-2021
https://dl.acm.org/doi/10.1145/3473575
Ren ZFan XLi XZhou ZJiang H(2021)Multi-objective Evolutionary Algorithm for String SMT Solver Testing2021 8th International Conference on Dependable Systems and Their Applications (DSA)10.1109/DSA52907.2021.00019(102-113)Online publication date: Aug-2021
https://doi.org/10.1109/DSA52907.2021.00019
Almashfi NLu L(2020)Precise String Domain for Analyzing JavaScript Arrays and Objects2020 3rd International Conference on Information and Computer Technologies (ICICT)10.1109/ICICT50521.2020.00011(17-23)Online publication date: Mar-2020
https://doi.org/10.1109/ICICT50521.2020.00011
Arceri VOlliaro MCortesi AMastroeni I(2019)Completeness of Abstract Domains for String Analysis of JavaScript ProgramsTheoretical Aspects of Computing – ICTAC 201910.1007/978-3-030-32505-3_15(255-272)Online publication date: 22-Oct-2019
https://doi.org/10.1007/978-3-030-32505-3_15
Zheng HWang LPeng FGu JLu SZhang DLi L(2018)Design and implementation of an index calculation system for forestry ecological assessment in ChinaComputers and Electronics in Agriculture10.1016/j.compag.2017.12.040145(253-274)Online publication date: Feb-2018
https://doi.org/10.1016/j.compag.2017.12.040
Negrini LArceri VCortesi AFerrara P(2024) Tarsis : An effective automata‐based abstract domain for string analysis Journal of Software: Evolution and Process10.1002/smr.2647Online publication date: 14-Feb-2024
https://doi.org/10.1002/smr.2647
Olliaro MArceri VCortesi AFerrara P(2023)Lifting String Analysis DomainsChallenges of Software Verification10.1007/978-981-19-9601-6_7(109-143)Online publication date: 22-Jul-2023
https://doi.org/10.1007/978-981-19-9601-6_7
Park JAn SRyu SRoychoudhury ACadar CKim M(2022)Automatically deriving JavaScript static analyzers from specifications using Meta-level static analysisProceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3540250.3549097(1022-1034)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3540250.3549097
Søndergaard H(2022)String Abstract Domains and Their CombinationLogic-Based Program Synthesis and Transformation10.1007/978-3-030-98869-2_1(1-15)Online publication date: 13-Mar-2022
https://doi.org/10.1007/978-3-030-98869-2_1
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents