l10-handout

l10-handout - Lecture 10 Pointer Analysis 1. Datalog 2....

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Lecture 10 Pointer Analysis 1. Datalog 2. Context-insensitive, flow-insensitive pointer analysis 3. Context sensitivity Readings: Chapter 12 Advanced Compilers M. Lam & J. Whaley Advanced Compilers L10: Pointer Analysis Pointer Analysis to Improve Security Top web application security vulnerabilities SQL injection, cross-site scripting User input accessing databases Information flow analysis (taint analysis) Sound analysis that found errors in 8 out of 9 apps p 1 = req .getParameter ( ); stmt .executeQuery ( p 2 ); p 1 and p 2 point to same object? Pointer alias analysis PQL
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Advanced Compilers L10: Pointer Analysis Automatic Analysis Generation BDD operations 1000s of lines 1 year tuning Datalog bddbddb ( BDD - b ased d eductive d ata b ase) with Active Machine Learning PQL BDD: 10,000s-lines library Compiler writer: Ptr analysis in 10 lines Programmer: Security analysis in 10 lines Advanced Compilers L10: Pointer Analysis Goals of the Lecture Pointer analysis Interprocedural, context-sensitive, flow- insensitive (Dataflow: intraprocedural, flow-sensitive) Power of languages and abstractions Elegant abstractions Logic programming BDDs: Binary decision diagrams (Most-cited CS paper a few years ago)
Background image of page 2
3 Advanced Compilers L10: Pointer Analysis 1. Why a Deductive Database? Pointer analysis produces “intermediate” results to be consumed in analysis. Allow query of specific subsets of results Analysis as queries Results of queries can be further queried in a uniform way Advanced Compilers L10: Pointer Analysis Datalog Basics p( X 1 , X 2 , … X n ) p is a predicate X 1 , X 2 , … X n are terms such as variables or constants A predicate can be viewed as a relation
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 12

l10-handout - Lecture 10 Pointer Analysis 1. Datalog 2....

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online