Search
Now showing items 1-10 of 21
Combined Static and Dynamic Mutability Analysis
(2007-03-23)
Knowing which method parameters may be mutated during a method's execution is useful for many software engineering tasks. We present an approach to discovering parameter immutability, in which several lightweight, scalable ...
Refactoring for parameterizing Java classes
(2006-09-05)
Type safety and expressiveness of many existing Java libraries and theirclient applications would improve, if the libraries were upgraded to definegeneric classes. Efficient and accurate tools exist to assist clientapplications ...
Selecting Refining and Evaluating Properties for Program Analysis
(2003-07-21)
This research proposes and evaluates techniques for selectingpredicates for conditional program propertiesÂthatis, implications such as p ) q whose consequent must betrue whenever the predicate is true. Conditional ...
Automatic Creation of SQL Injection and Cross-Site Scripting Attacks
(2008-09-10)
We present a technique for finding security vulnerabilitiesin Web applications. SQL Injection (SQLI) and cross-sitescripting (XSS) attacks are widespread forms of attackin which the attacker crafts the input to the application ...
Finding Bugs in Web Applications Using Dynamic Test Generation and Explicit State Model Checking
(2009-03-26)
Web script crashes and malformed dynamically-generated web pages are common errors, and they seriously impact the usability of web applications. Current tools for web-page validation cannot handle the dynamically generated ...
HAMPI: A Solver for String Constraints
(2009-02-04)
Many automatic testing, analysis, and verification techniques for programs can be effectively reduced to a constraint-generation phase followed by a constraint-solving phase. This separation of concerns often leads to more ...
Refactoring Sequential Java Code for Concurrency via Concurrent Libraries
(2008-09-30)
Parallelizing existing sequential programs to run efficiently on multicores is hard. The Java 5 packagejava.util.concurrent (j.u.c.) supports writing concurrent programs: much of the complexity of writing threads-safe and ...
Quantitative Information-Flow Tracking for C and Related Languages
(2006-11-17)
We present a new approach for tracking programs' use of data througharbitrary calculations, to determine how much information about secretinputs is revealed by public outputs. Using a fine-grained dynamicbit-tracking ...
Converting Java Programs to Use Generic Libraries
(2004-03-30)
Java 1.5 will include a type system (called JSR-14) that supports parametric polymorphism, or generic classes. This will bring many benefits to Java programmers, not least because current Java practice makes heavy use of ...
Object and Reference Immutability using Java Generics
(2007-03-16)
A compiler-checked immutability guarantee provides useful documentation, facilitates reasoning, and enables optimizations. This paper presents Immutability Generic Java (IGJ), a novel language extension that expresses ...