The search functionality is under construction.
The search functionality is under construction.

Author Search Result

[Author] Seikoh NISHITA(1hit)

1-1hit
  • More Precise Analysis of Dynamically Generated String Expressions in Web Applications with Input Validation

    Seikoh NISHITA  

     
    PAPER-Static Analysis

      Vol:
    E96-D No:6
      Page(s):
    1278-1285

    The string analysis is a static analysis of dynamically generated strings in a target program, which is applied to check well-formed string construction in web applications. The string analysis constructs a finite state automaton that approximates a set of possible strings generated for a particular string variable at a program location at runtime. A drawback in the string analysis is imprecision in the analysis result, leading to false positives in the well-formedness checkers. To address the imprecision, this paper proposes an improvement technique of the string analysis to make it perform more precise analysis with respect to input validation in web applications. This paper presents the improvement by annotations representing screening of a set of possible strings, and empirical evaluation with experiments of the improved analyzer on real-world web applications.