Return to search

Symbolic string execution

Thesis (MSc)--Stellenbosch University, 2012. / ENGLISH ABSTRACT: Symbolic execution is a well-established technique for automated test generation
and for nding errors in complex code. Most of the focus has however
been on programs that manipulate integers, booleans, and even, references in
object-oriented programs. Recently researchers have started looking at programs
that do lots of string processing, motivated, in part, by the popularity of
the web and the risk that errors in web servers may lead to security violations.
Attempts to extend symbolic execution to the domain of strings are mainly
divided into one of two camps: automata-based approaches and approaches
based on bitvector analysis. Here we investigate these two approaches in a
uni ed setting, namely the symbolic execution framework of Java PathFinder.
We describe the implementations of both approaches and then do an evaluation
to show under what circumstances each approach performs well (or not
so well). We also illustrate the usefulness of the symbolic execution of strings
by nding errors in real-world examples. / AFRIKAANSE OPSOMMING: Simboliese uitvoering is 'n bekende tegniek vir automatiese genereering van
toetse en om foute te vind in ingewikkelde bronkode. Die fokus sover was
grotendeels op programme wat gebruik maak van heelgetalle, boolse waardes
en selfs verwysings in objek geörienteerde programme. Navorsers het onlangs
begin kyk na programme wat baie gebruik maak van string prosessering, deelteliks
gemotiveerd deur die populariteit van die web en die gepaardgaande
risiko's daarvan. Vorige implementasies van simboliese string uitvoering word
binne twee kampe verdeel: die automata gebaseerde benadering en bitvektoor
gebaseerde benadering. Binne hierdie tesis word die twee benaderings
onder een dak gebring, naamliks Java PathFinder. Die implentasie van beide
benaderings word bespreek en ge-evalueer om die omstandighede uit te wys
waarbinne elk beter sou vaar. Die nut van simboliese string uitvoering word
geïllustreer deur dit toe te pas in foutiewe regte wêreld voorbeelde.

Identiferoai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:sun/oai:scholar.sun.ac.za:10019.1/20335
Date03 1900
CreatorsRedelinghuys, Gideon
ContributorsVisser, W., Geldenhuys, J., Stellenbosch University. Faculty of Science. Dept. of Mathematical Sciences. Dept. of Computer Science.
PublisherStellenbosch : Stellenbosch University
Source SetsSouth African National ETD Portal
Languageen_ZA
Detected LanguageEnglish
TypeThesis
Format87 p.
RightsStellenbosch University

Page generated in 0.0027 seconds