Bugs in user input sanitation of software systems often lead to vulnerabilities. Among them many are caused by improper use of regular replacement. This paper presents a precise modeling of various semantics of regular substitution, such as the declarative, finite, greedy, and reluctant, using finite state transducers (FST). By projecting an FST to its input/output tapes, we are able to solve atomic string constraints, which can be applied to both the forward and backward image computation in model checking and symbolic execution of text processing programs. We report several interesting discoveries, e.g., certain fragments of the general problem can be handled using less expressive deterministic FST. A compact representation of FST is impl...
Constraint solving is an essential technique for detecting vulnerabilities in programs, since it can...
Verifying string manipulating programs is a crucial problem in computer security. String operations ...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...
String analysis is the problem of reasoning about how strings are manipulated by a program. It has n...
We study the fundamental issue of decidability of satisfiability over string logics with concatenati...
Artículo de publicación ISIWe study the fundamental issue of decidability of satisfiability over str...
Most common vulnerabilities in modern software applications are due to errors in string manipulatio...
Symbolic finite automata (SFA) allow the representation of regular languages of strings over an infi...
The theory of strings with concatenation has been widely argued as the basis of constraint solving f...
The design and implementation of decision procedures for checking path feasibility in string-manipul...
In this thesis, we study algorithms which can be used to extract, or learn, formal mathematical mode...
String constraint solving is an important emerging field, given the ubiquity of strings over differe...
Motivated by the vulnerability analysis of web programs which work on string inputs, we present S3, ...
Abstract. There has been significant interest in static analysis of pro-grams that manipulate string...
Constraint solving is an essential technique for detecting vulnerabilities in programs, since it can...
Verifying string manipulating programs is a crucial problem in computer security. String operations ...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...
String analysis is the problem of reasoning about how strings are manipulated by a program. It has n...
We study the fundamental issue of decidability of satisfiability over string logics with concatenati...
Artículo de publicación ISIWe study the fundamental issue of decidability of satisfiability over str...
Most common vulnerabilities in modern software applications are due to errors in string manipulatio...
Symbolic finite automata (SFA) allow the representation of regular languages of strings over an infi...
The theory of strings with concatenation has been widely argued as the basis of constraint solving f...
The design and implementation of decision procedures for checking path feasibility in string-manipul...
In this thesis, we study algorithms which can be used to extract, or learn, formal mathematical mode...
String constraint solving is an important emerging field, given the ubiquity of strings over differe...
Motivated by the vulnerability analysis of web programs which work on string inputs, we present S3, ...
Abstract. There has been significant interest in static analysis of pro-grams that manipulate string...
Constraint solving is an essential technique for detecting vulnerabilities in programs, since it can...
Verifying string manipulating programs is a crucial problem in computer security. String operations ...
Regular expressions are a classical concept in formal language theory. Regular expressions in progra...