Data-flow Analysis of Programs with Associative Arrays
David Hauzar and Jan Kofroň (Department of Distributed and Dependable Systems, Faculty of Mathematics and Physics, Charles University in Prague, Czech Republic)

TL;DR
This paper introduces a sound and precise data-flow analysis method for programs with associative arrays, addressing challenges in static analysis of dynamic languages like PHP, JavaScript, and Python.
Contribution
It presents a novel approach for value and points-to analysis of associative arrays, implemented in a PHP code analyzer for web applications.
Findings
Provides a sound and precise value and points-to analysis for associative-array-like data structures, on which further data-flow analyses can be built.
Implemented in an analyzer of PHP code for web applications.
Handles the features that make traditional static analysis of dynamic languages both unsound and imprecise: properties and array entries created at run time and accessed via arbitrary expressions.
Abstract
Dynamic programming languages, such as PHP, JavaScript, and Python, provide built-in data structures including associative arrays and objects with similar semantics: object properties can be created at run time and accessed via arbitrary expressions. While a high level of security and safety of applications written in these languages can be of particular importance (consider a web application storing sensitive data and providing its functionality worldwide), dynamic data structures pose significant challenges for data-flow analysis, making traditional static verification methods both unsound and imprecise. In this paper, we propose a sound and precise approach for value and points-to analysis of programs with associative-array-like data structures, upon which data-flow analyses can be built. We implemented our approach in the web-application domain, in an analyzer of PHP code.
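The abstract's point, that writes through an index computed at run time are where naive analyses become unsound (ignore the write) or imprecise (smash the whole array), is easiest to see on a tiny abstract interpreter. The following is an added illustration written for this page, not the paper's algorithm or its PHP analyzer: a toy PHP-like mini language (statements as tuples, assumed here) with an array abstraction that keeps one abstract value per known key plus a summary for "any other key". A store through a single known key is a strong update, a store through a finite set of candidate keys is a weak update on just those keys, and a store through an unknown (here attacker-controlled) key weakens every entry and the summary. Values carry a taint flag so the effect on a downstream sink is visible.

```python
"""Toy abstract interpreter for a PHP-like mini language with associative arrays.

Added example for this page; it is not the paper's analysis. Assumptions:
  - an abstract value is (set of possible string constants, tainted flag),
    where consts=None means "any string" (TOP);
  - statements are tuples: ('assign', var, expr) and ('store', arr, idx_expr, expr);
  - expressions: ('const', s), ('var', v), ('input',) (tainted, unknown),
    ('choice', s1, s2, ...) (one of several literals, e.g. a ternary),
    ('load', arr, idx_expr).
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class AbsVal:
    consts: Optional[frozenset]  # None = TOP (any string)
    tainted: bool

    def join(self, other: "AbsVal") -> "AbsVal":
        consts = None if self.consts is None or other.consts is None else self.consts | other.consts
        return AbsVal(consts, self.tainted or other.tainted)


UNDEF = AbsVal(frozenset(), False)   # never written
TOP_TAINTED = AbsVal(None, True)     # attacker-controlled, unknown string


@dataclass
class AbsArray:
    entries: dict = field(default_factory=dict)  # known key -> AbsVal
    other: AbsVal = UNDEF                        # summary for keys not in `entries`

    def load(self, idx: AbsVal) -> AbsVal:
        if idx.consts is None:                   # any key may be read: join everything
            v = self.other
            for e in self.entries.values():
                v = v.join(e)
            return v
        v = None
        for k in idx.consts:                     # finite candidate keys
            e = self.entries.get(k, self.other)
            v = e if v is None else v.join(e)
        return v if v is not None else UNDEF

    def store(self, idx: AbsVal, val: AbsVal) -> None:
        if idx.consts is not None and len(idx.consts) == 1:
            (k,) = idx.consts
            self.entries[k] = val                # strong update: old value is gone
        elif idx.consts is not None:
            for k in idx.consts:                 # weak update on each candidate key only
                self.entries[k] = self.entries.get(k, self.other).join(val)
        else:
            for k in self.entries:               # unknown key: sound but every entry weakens
                self.entries[k] = self.entries[k].join(val)
            self.other = self.other.join(val)


def eval_expr(expr, env) -> AbsVal:
    kind = expr[0]
    if kind == "const":
        return AbsVal(frozenset([expr[1]]), False)
    if kind == "var":
        return env.get(expr[1], UNDEF)
    if kind == "input":
        return TOP_TAINTED
    if kind == "choice":
        return AbsVal(frozenset(expr[1:]), False)
    if kind == "load":
        return env.get(expr[1], AbsArray()).load(eval_expr(expr[2], env))
    raise ValueError(f"unknown expression {expr!r}")


def run(program):
    """Straight-line abstract execution; returns the final abstract environment."""
    env = {}
    for stmt in program:
        if stmt[0] == "assign":
            _, var, expr = stmt
            env[var] = eval_expr(expr, env)
        elif stmt[0] == "store":
            _, arr, idx, expr = stmt
            env.setdefault(arr, AbsArray()).store(eval_expr(idx, env), eval_expr(expr, env))
        else:
            raise ValueError(f"unknown statement {stmt!r}")
    return env


def demo():
    # Constructed sample program (PHP-like): $cfg['db'] = 'localhost'; ... $cfg[$k] = input(); ...
    prog = [
        ("store", "cfg", ("const", "db"), ("const", "localhost")),
        ("store", "cfg", ("const", "debug"), ("const", "off")),
        ("assign", "k", ("choice", "debug", "theme")),        # $k is 'debug' or 'theme'
        ("store", "cfg", ("var", "k"), ("input",)),            # weak update on those two keys only
        ("assign", "host", ("load", "cfg", ("const", "db"))),   # still precise and untainted
        ("assign", "dbg", ("load", "cfg", ("const", "debug"))), # may be attacker-controlled
        ("store", "cfg", ("input",), ("input",)),              # attacker chooses the key
        ("assign", "host2", ("load", "cfg", ("const", "db"))),  # must now be reported tainted
        ("store", "cfg", ("const", "db"), ("const", "localhost")),  # strong update restores precision
        ("assign", "host3", ("load", "cfg", ("const", "db"))),
    ]
    return run(prog)
```

An analysis that skipped the unknown-index store would report `$host2` as the constant `'localhost'`, which is the unsound case; one that collapsed `$cfg` into a single summary on the first `$cfg[$k]` write would lose `$host` as well, which is the imprecise case. Loops and branches would additionally need a fixpoint and joins of whole environments; this example is straight-line only.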
