The design and implementation of decision procedures for checking path feasibility in string-manipulating programs is an important problem, with such applications as symbolic execution of programs with strings and automated detection of cross-site scripting (XSS) vulnerabilities in web applications. A (symbolic) path is given as a finite sequence of assignments and assertions (i.e. without loops), and checking its feasibility amounts to determining the existence of inputs that yield a successful execution. Modern programming languages (e.g. JavaScript, PHP, and Python) support many complex string operations, and strings are also often implicitly modified during a computation in some intricate fashion (e.g. by some autoescaping mechanisms). ...
The success of software verification depends on the ability to find a suitable abstraction of a pro...
As an important extension of symbolic execution (SE), probabilistic symbolic execution (PSE) compute...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...
The design and implementation of decision procedures for checking path feasibility in string-manipul...
We study the fundamental issue of decidability of satisfiability over string logics with concatenati...
String analysis is the problem of reasoning about how strings are manipulated by a program. It has n...
Artículo de publicación ISIWe study the fundamental issue of decidability of satisfiability over str...
The theory of strings with concatenation has been widely argued as the basis of constraint solving f...
Symbolic execution tools query constraint solvers for tasks such as determining the feasibility of p...
Bugs in user input sanitation of software systems often lead to vulnerabilities. Among them many are...
This archive is provided as artifact material for the article "Decision Procedures for Sequence Theo...
Motivated by the vulnerability analysis of web programs which work on string inputs, we present S3, ...
Streaming string transducers [1] define (partial) functions from input strings to output strings. A ...
Abstract. We introduce streaming data string transducers that map input data strings to output data ...
The success of software verification depends on the ability to find a suitable abstraction of a pro...
As an important extension of symbolic execution (SE), probabilistic symbolic execution (PSE) compute...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...
The design and implementation of decision procedures for checking path feasibility in string-manipul...
We study the fundamental issue of decidability of satisfiability over string logics with concatenati...
String analysis is the problem of reasoning about how strings are manipulated by a program. It has n...
Artículo de publicación ISIWe study the fundamental issue of decidability of satisfiability over str...
The theory of strings with concatenation has been widely argued as the basis of constraint solving f...
Symbolic execution tools query constraint solvers for tasks such as determining the feasibility of p...
Bugs in user input sanitation of software systems often lead to vulnerabilities. Among them many are...
This archive is provided as artifact material for the article "Decision Procedures for Sequence Theo...
Motivated by the vulnerability analysis of web programs which work on string inputs, we present S3, ...
Streaming string transducers [1] define (partial) functions from input strings to output strings. A ...
Abstract. We introduce streaming data string transducers that map input data strings to output data ...
The success of software verification depends on the ability to find a suitable abstraction of a pro...
As an important extension of symbolic execution (SE), probabilistic symbolic execution (PSE) compute...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...