Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs

Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs

Bibliographic Details
Main Author: Huang, Jin
Language:English
Published: Wright State University / OhioLINK 2018
Subjects:
Computer Science
abstract syntax tree
symbolic execution engine
PHP
programming
Online Access:http://rave.ohiolink.edu/etdc/view?acc_num=wright1527358331843492
id ndltd-OhioLink-oai-etd.ohiolink.edu-wright1527358331843492
record_format oai_dc
spelling ndltd-OhioLink-oai-etd.ohiolink.edu-wright15273583318434922021-08-03T07:07:09Z Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs Huang, Jin Computer Science abstract syntax tree symbolic execution engine PHP programming This thesis presents the design, implementation, and evaluation of an abstract-syntax-tree-oriented symbolic execution engine for the PHP programming language. As a symbolic execution engine, our system emulate the execution of a PHP program by assuming that all inputs are with symbolic rather than concrete values. While our system inherits the basic definition of symbolic execution, it fundamentally differs from existing symbolic execution implementations that mainly leverage intermediate representation (IRs) to operate. Specifically, our system directly takes the abstract syntax tree (AST) of a program as input and subsequently interprets this AST. Performing symbolic execution using AST offers unique advantages. First, it enables one-to-one mapping between the source code and the analysis results such as control flows and data flows. Second, it makes possible the direct instrumentation on source code to enable developer-aware changes. Third, it has higher applicability since IR is not always available. The design and implementation of our symbolic execution engine essentially feature an interpreter that interprets the AST based on symbolic values. Different from an interpreter that deterministically follows a single execution path by operating on concrete input values, the interpreter we have built needs to generate all paths, where each path has a constraint and its own environment. Constraints and environments of paths need to be dynamically created and maintained while the AST is evaluated. Our interpreter is context-dependent, where all user-defined functions are faithfully when they are called. Once all paths for a program is generated, we will automatically translate the constraint of each path into assertions that can be verified by satisfiability modulo theories (SMT) solver (e.g., Z3). The SMT solver can further verifies assertions for each path and report i) concrete input values that enable this path or ii) the infeasibility of this path. We have tested our system using both prototype PHP programs iii) and real PHP programs collected from WordPress plugins. The experimental results have demonstrated our system is highly effective in performing symbolic execution. 2018-06-07 English text Wright State University / OhioLINK http://rave.ohiolink.edu/etdc/view?acc_num=wright1527358331843492 http://rave.ohiolink.edu/etdc/view?acc_num=wright1527358331843492 unrestricted This thesis or dissertation is protected by copyright: all rights reserved. It may not be copied or redistributed beyond the terms of applicable copyright laws.
collection NDLTD
language English
sources NDLTD
topic Computer Science
abstract syntax tree
symbolic execution engine
PHP
programming
spellingShingle Computer Science
abstract syntax tree
symbolic execution engine
PHP
programming
Huang, Jin
Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
author Huang, Jin
author_facet Huang, Jin
author_sort Huang, Jin
title Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
title_short Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
title_full Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
title_fullStr Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
title_full_unstemmed Building An Abstract-Syntax-Tree-Oriented Symbolic Execution Engine for PHP Programs
title_sort building an abstract-syntax-tree-oriented symbolic execution engine for php programs
publisher Wright State University / OhioLINK
publishDate 2018
url http://rave.ohiolink.edu/etdc/view?acc_num=wright1527358331843492
work_keys_str_mv AT huangjin buildinganabstractsyntaxtreeorientedsymbolicexecutionengineforphpprograms
_version_ 1719454160631365632

Similar Items