{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T23:24:15Z","timestamp":1725578655783},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642198601"},{"type":"electronic","value":"9783642198618"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-19861-8_8","type":"book-chapter","created":{"date-parts":[[2011,3,14]],"date-time":"2011-03-14T17:39:26Z","timestamp":1300124366000},"page":"124-143","source":"Crossref","is-referenced-by-count":6,"title":["Tainted Flow Analysis on e-SSA-Form Programs"],"prefix":"10.1007","author":[{"given":"Andrei","family":"Rimsa","sequence":"first","affiliation":[]},{"given":"Marcelo","family":"d\u2019Amorim","sequence":"additional","affiliation":[]},{"given":"Fernando Magno","family":"Quint\u00e3o Pereira","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","unstructured":"Ananian, S.: The Static Single Information Form. Master\u2019s thesis, MIT (September 1999)"},{"key":"8_CR2","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511811432","volume-title":"Modern Compiler Implementation in Java","author":"A.W. Appel","year":"2002","unstructured":"Appel, A.W., Palsberg, J.: Modern Compiler Implementation in Java, 2nd edn. Cambridge University Press, Cambridge (2002)","edition":"2"},{"key":"8_CR3","unstructured":"Biggar, P.: Design and Implementation of an Ahead-of-Time Compiler for PHP. Ph.D. thesis. Trinity College, Dublin (2009)"},{"key":"8_CR4","doi-asserted-by":"crossref","first-page":"1916","DOI":"10.1145\/1529282.1529709","volume-title":"SAC","author":"P. Biggar","year":"2009","unstructured":"Biggar, P., de Vries, E., Gregg, D.: A practical solution for scripting language compilers. In: SAC, pp. 1916\u20131923. ACM, New York (2009)"},{"key":"8_CR5","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1145\/349299.349342","volume-title":"PLDI","author":"R. Bodik","year":"2000","unstructured":"Bodik, R., Gupta, R., Sarkar, V.: ABCD: eliminating array bounds checks on demand. In: PLDI, pp. 321\u2013333. ACM, New York (2000)"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Choi, J.D., Cytron, R., Ferrante, J.: Automatic construction of sparse data flow evaluation graphs. In: POPL, pp. 55\u201366 (1991)","DOI":"10.1145\/99583.99594"},{"key":"8_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/3-540-61053-7_66","volume-title":"Compiler Construction","author":"F.C. Chow","year":"1996","unstructured":"Chow, F.C., Chan, S., Liu, S.M., Lo, R., Streich, M.: Effective representation of aliases and indirect memory operations in SSA form. In: Gyim\u00f3thy, T. (ed.) CC 1996. LNCS, vol.\u00a01060, pp. 253\u2013267. Springer, Heidelberg (1996)"},{"key":"8_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-44898-5_1","volume-title":"Static Analysis","author":"A.S. Christensen","year":"2003","unstructured":"Christensen, A.S., M\u00f8ller, A., Schwartzbach, M.I.: Precise analysis of string expressions. In: Cousot, R. (ed.) SAS 2003. LNCS, vol.\u00a02694, pp. 1\u201318. Springer, Heidelberg (2003)"},{"key":"8_CR9","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1145\/1542476.1542483","volume-title":"PLDI","author":"R. Chugh","year":"2009","unstructured":"Chugh, R., Meister, J.A., Jhala, R., Lerner, S.: Staged information flow for javascript. In: PLDI, pp. 50\u201362. ACM, New York (2009)"},{"issue":"4","key":"8_CR10","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1145\/115372.115320","volume":"13","author":"R. Cytron","year":"1991","unstructured":"Cytron, R., Ferrante, J., Rosen, B.K., Wegman, M.N., Zadeck, F.K.: Efficiently computing static single assignment form and the control dependence graph. TOPLAS\u00a013(4), 451\u2013490 (1991)","journal-title":"TOPLAS"},{"key":"8_CR11","first-page":"1","volume-title":"PLDI","author":"J.S. Foster","year":"2002","unstructured":"Foster, J.S., Terauchi, T., Aiken, A.: Flow-sensitive type qualifiers. In: PLDI, pp. 1\u201312. ACM, New York (2002)"},{"key":"8_CR12","first-page":"1","volume-title":"ISSSE","author":"C. Hammer","year":"2006","unstructured":"Hammer, C., Krinke, J., Snelting, G.: Information flow control for java based on path conditions in dependence graphs. In: ISSSE, pp. 1\u201310. IEEE, Los Alamitos (2006)"},{"key":"8_CR13","first-page":"258","volume-title":"S&P","author":"N. Jovanovic","year":"2006","unstructured":"Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities (short paper). In: S&P, pp. 258\u2013263. IEEE, Los Alamitos (2006)"},{"key":"8_CR14","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1145\/1134744.1134751","volume-title":"PLAS","author":"N. Jovanovic","year":"2006","unstructured":"Jovanovic, N., Kruegel, C., Kirda, E.: Precise alias analysis for static detection of web application vulnerabilities. In: PLAS, pp. 27\u201336. ACM, New York (2006)"},{"issue":"1","key":"8_CR15","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1145\/357062.357071","volume":"1","author":"T. Lengauer","year":"1979","unstructured":"Lengauer, T., Tarjan, R.E.: A fast algorithm for finding dominators in a flowgraph. TOPLAS\u00a01(1), 121\u2013141 (1979)","journal-title":"TOPLAS"},{"issue":"6","key":"8_CR16","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1017\/S0956796897002906","volume":"7","author":"P. \u00d8rb\u00e6k","year":"1997","unstructured":"\u00d8rb\u00e6k, P., Palsberg, J.: Trust in the \u03bb-calculus. Journal of Functional Programming\u00a07(6), 557\u2013591 (1997)","journal-title":"Journal of Functional Programming"},{"issue":"2","key":"8_CR17","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1006\/inco.1995.1168","volume":"123","author":"J. Palsberg","year":"1995","unstructured":"Palsberg, J.: Efficient inference of object types. Inf. Comput.\u00a0123(2), 198\u2013209 (1995)","journal-title":"Inf. Comput."},{"key":"8_CR18","unstructured":"Pioli, A., Burke, M., Hind, M.: Conditional pointer aliasing and constant propagation. Tech. Rep. 99-102, SUNY at New Paltz (1999)"},{"key":"8_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"362","DOI":"10.1007\/11531142_16","volume-title":"ECOOP 2005 - Object-Oriented Programming","author":"M. Pistoia","year":"2005","unstructured":"Pistoia, M., Flynn, R.J., Koved, L., Sreedhar, V.C.: Interprocedural analysis for privileged code placement and tainted variable detection. In: Gao, X.-X. (ed.) ECOOP 2005. LNCS, vol.\u00a03586, pp. 362\u2013386. Springer, Heidelberg (2005)"},{"key":"8_CR20","first-page":"49","volume-title":"POPL","author":"T. Reps","year":"1995","unstructured":"Reps, T., Horwitz, S., Sagiv, M.: Precise interprocedural dataflow analysis via graph reachability. In: POPL, pp. 49\u201361. ACM, New York (1995)"},{"key":"8_CR21","unstructured":"Rimsa, A.: Efficient detection of tainted flow vulnerabilities. Master\u2019s thesis, Federal University of Minas Gerais (UFMG) (December 2010)"},{"key":"8_CR22","unstructured":"Rimsa, A.A., d\u2019Amorim, M., Pereira, F.M.Q.: Efficient static checker for tainted variable attacks. In: SBLP. SBC (2010)"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Scholz, B., Zhang, C., Cifuentes, C.: User-input dependence analysis via graph reachability. Tech. rep., Sun Microsystems, Inc. (2008)","DOI":"10.1109\/SCAM.2008.22"},{"key":"8_CR24","doi-asserted-by":"publisher","first-page":"771","DOI":"10.1109\/TKDE.2003.1208998","volume":"15","author":"D. Scott","year":"2003","unstructured":"Scott, D., Sharp, R.: Specifying and enforcing application-level web security policies. Trans. on Knowl. and Data Eng.\u00a015, 771\u2013783 (2003)","journal-title":"Trans. on Knowl. and Data Eng."},{"key":"8_CR25","unstructured":"Singer, J.: Static Program Analysis Based on Virtual Register Renaming. Ph.D. thesis, University of Cambridge (2006)"},{"key":"8_CR26","first-page":"112","volume-title":"PLDI","author":"M. Sridharan","year":"2007","unstructured":"Sridharan, M., Fink, S.J., Bodik, R.: Thin slicing. In: PLDI, pp. 112\u2013122. ACM, New York (2007)"},{"key":"8_CR27","unstructured":"Tavares, A.L.C., Pereira, F.M.Q., Bigonha, M.A.S., Bigonha, R.: Efficient SSI conversion. In: Brazilian Symposium on Programming Languages (SBLP), pp. 1\u201314 (2010)"},{"key":"8_CR28","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1145\/1542476.1542486","volume-title":"PLDI","author":"O. Tripp","year":"2009","unstructured":"Tripp, O., Pistoia, M., Fink, S., Sridharan, M., Weisman, O.: TAJ: Effective taint analysis of web applications. In: PLDI, pp. 87\u201397. ACM, New York (2009)"},{"key":"8_CR29","first-page":"32","volume-title":"PLDI","author":"G. Wassermann","year":"2007","unstructured":"Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: PLDI, pp. 32\u201341. ACM, New York (2007)"},{"key":"8_CR30","first-page":"439","volume-title":"ICSE","author":"M. Weiser","year":"1981","unstructured":"Weiser, M.: Program slicing. In: ICSE, pp. 439\u2013449. IEEE, Los Alamitos (1981)"},{"key":"8_CR31","unstructured":"Xie, Y., Aiken, A.: Static detection of security vulnerabilities in scripting languages. In: USENIX-SS. USENIX Association (2006)"}],"container-title":["Lecture Notes in Computer Science","Compiler Construction"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-19861-8_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,5]],"date-time":"2023-06-05T18:42:18Z","timestamp":1685990538000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-19861-8_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642198601","9783642198618"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-19861-8_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}