Representing and Reasoning about Dynamic Code
Jesse Bartels, Jon Stephens, Saumya Debray

TL;DR
This paper introduces a novel representation and dependency notion for analyzing dynamic code, enabling reasoning about behavior and security implications that traditional analyses cannot capture.
Contribution
It proposes a new program representation and dependency concept specifically designed for dynamic code, addressing limitations of existing analysis methods.
Findings
Analyses can identify properties of dynamic code missed by traditional methods.
The new approach captures behavioral relationships between code generators and generated code.
Experimental results demonstrate improved analysis capabilities for dynamic code.
Abstract
Dynamic code, i.e., code that is created or modified at runtime, is ubiquitous in today's world. The behavior of dynamic code can depend on the logic of the dynamic code generator in subtle and non-obvious ways, with significant security implications, e.g., JIT compiler bugs can lead to exploitable vulnerabilities in the resulting JIT-compiled code. Existing approaches to program analysis do not provide adequate support for reasoning about such behavioral relationships. This paper takes a first step in addressing this problem by describing a program representation and a new notion of dependency that allows us to reason about dependency and information flow relationships between the dynamic code generator and the generated dynamic code. Experimental results show that analyses based on these concepts are able to capture properties of dynamic code that cannot be identified using…
