Static Analysis of Event-Driven Node.js']js Java']JavaScript Applications

被引：0

作者：

Madsen, Magnus ^{[1
]}

Tip, Frank ^{[2
]}

Lhotak, Ondrej ^{[1
]}

机构：

[1] Univ Waterloo, Waterloo, ON N2L 3G1, Canada

[2] Samsung Res Amer, Mountain View, CA USA

来源：

ACM SIGPLAN NOTICES | 2015年 / 50卷 / 10期

关键词：

event based-systems; static analysis; !text type='Java']Java[!/text]Script;

D O I：

10.1145/2814270.2814272

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Many JavaScript programs are written in an event-driven style. In particular, in server-side Node. js applications, operations involving sockets, streams, and files are typically performed in an asynchronous manner, where the execution of listeners is triggered by events. Several types of programming errors are specific to such event-based programs (e.g., unhandled events, and listeners that are registered too late). We present the event-based call graph, a program representation that can be used to detect bugs related to event handling. We have designed and implemented three analyses for constructing event-based call graphs. Our results show that these analyses are capable of detecting problems reported on StackOverflow. Moreover, we show that the number of false positives reported by the analysis on a suite of small Node. js applications is manageable.

引用

页码：505 / 519

页数：15

共 50 条

[1] Race Detection for Event-Driven Node.js']js Applications
Chang, Xiaoning
Dou, Wensheng
Wei, Jun
Huang, Tao
Xie, Jinhui
Deng, Yuetang
Yang, Jianbo
Yang, Jiaheng
[J]. 2021 36TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING ASE 2021, 2021, : 480 - 491
[2] Detecting Atomicity Violations for Event-Driven Node.js']js Applications
Chang, Xiaoning
Dou, Wensheng
Gao, Yu
Wang, Jie
Wei, Jun
Huang, Tao
[J]. 2019 IEEE/ACM 41ST INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2019), 2019, : 631 - 642
[3] Study of Java']JavaScript Static Analysis Tools for Vulnerability Detection in Node.js']js Packages
Brito, Tiago
Ferreira, Mafalda
Monteiro, Miguel
Lopes, Pedro
Barros, Miguel
Santos, Jose Fragoso
Santos, Nuno
[J]. IEEE TRANSACTIONS ON RELIABILITY, 2023, 72 (04) : 1324 - 1339
[4] NODEST: Feedback-Driven Static Analysis of Node.js']js Applications
Nielsen, Benjamin Barslev
Hassanshahi, Behnaz
Gauthier, Francois
[J]. ESEC/FSE'2019: PROCEEDINGS OF THE 2019 27TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, 2019, : 455 - 465
[5] Time-Travel Debugging for Java']JavaScript/Node.js']js
Barr, Earl T.
Marron, Mark
Maurer, Ed
Moseley, Dan
Seth, Gaurav
[J]. FSE'16: PROCEEDINGS OF THE 2016 24TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON FOUNDATIONS OF SOFTWARE ENGINEERING, 2016, : 1003 - 1007
[6] Server-side Web Development with Java']JavaScript and Node.js']js
Ortiz, Ariel
[J]. PROCEEDINGS OF THE 45TH ACM TECHNICAL SYMPOSIUM ON COMPUTER SCIENCE EDUCATION (SIGCSE'14), 2014, : 747 - 747
[7] Mutode: Generic Java']JavaScript and Node.js']js Mutation Testing Tool
Rodriguez-Baquero, Diego
Linares-Vasquez, Mario
[J]. ISSTA'18: PROCEEDINGS OF THE 27TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, 2018, : 372 - 375
[8] SPMP: A Java']JavaScript Support for Shared Persistent Memory on Node.js']js
Zhang, Qipeng
Li, Tianyou
Deng, Pan
Chen, Yuting
Huang, Linpeng
Rudoff, Andy
[J]. ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2018, PT II, 2018, 11335 : 354 - 366
[9] Complementing Java']JavaScript in High-Performance Node.js']js and Web Applications with Rust and WebAssembly
Kyriakou, Kyriakos-Ioannis D.
Tselikas, Nikolaos D.
[J]. ELECTRONICS, 2022, 11 (19)
[10] A Sense of Time for Java']JavaScript and Node.js']js: First-Class Timeouts as a Cure for Event Handler Poisoning
Davis, James C.
Williamson, Eric R.
Lee, Dongyoon
[J]. PROCEEDINGS OF THE 27TH USENIX SECURITY SYMPOSIUM, 2018, : 343 - 359

← 1 2 3 4 5 →