{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:44:46Z","timestamp":1772163886268,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":61,"publisher":"ACM","license":[{"start":{"date-parts":[[2005,10,12]],"date-time":"2005-10-12T00:00:00Z","timestamp":1129075200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2005,10,12]]},"DOI":"10.1145\/1094811.1094840","type":"proceedings-article","created":{"date-parts":[[2005,11,7]],"date-time":"2005-11-07T12:34:39Z","timestamp":1131366879000},"page":"365-383","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":214,"title":["Finding application errors and security flaws using PQL"],"prefix":"10.1145","author":[{"given":"Michael","family":"Martin","sequence":"first","affiliation":[{"name":"Stanford University"}]},{"given":"Benjamin","family":"Livshits","sequence":"additional","affiliation":[{"name":"Stanford University"}]},{"given":"Monica S.","family":"Lam","sequence":"additional","affiliation":[{"name":"Stanford University"}]}],"member":"320","published-online":{"date-parts":[[2005,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Compilers: Principles, Techniques, and Tools","author":"Aho A. V.","year":"1988","unstructured":"A. V. Aho , R. Sethi , and J. D. Ullman . Compilers: Principles, Techniques, and Tools . Addison-Wesley , 1988 . A. V. Aho, R. Sethi, and J. D. Ullman. Compilers: Principles, Techniques, and Tools. Addison-Wesley, 1988."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1094811.1094839"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1040305.1040314"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503275"},{"key":"e_1_3_2_1_5_1","volume-title":"Advanced SQL Injection in SQL Server Applications","author":"Anley C.","year":"2002","unstructured":"C. Anley . Advanced SQL Injection in SQL Server Applications , 2002 . C. Anley. Advanced SQL Injection in SQL Server Applications, 2002."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/313651.313816"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/508386.508396"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/68210.69217"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1097-024X(200006)30:7%3C775::AID-SPE309%3E3.0.CO;2-H"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/337180.337234"},{"key":"e_1_3_2_1_12_1","first-page":"205","volume-title":"Robby. A Language Framework for Expressing Checkable Properties of Dynamic Software. In SPIN '00: Proceedings of the 7th SPIN Workshop","author":"Corbett J. C.","year":"2000","unstructured":"J. C. Corbett , M. B. Dwyer , J. Hatcliff , and Robby. A Language Framework for Expressing Checkable Properties of Dynamic Software. In SPIN '00: Proceedings of the 7th SPIN Workshop , pages 205 -- 223 , 2000 . J. C. Corbett, M. B. Dwyer, J. Hatcliff, and Robby. A Language Framework for Expressing Checkable Properties of Dynamic Software. In SPIN '00: Proceedings of the 7th SPIN Workshop, pages 205--223, 2000."},{"key":"e_1_3_2_1_13_1","first-page":"229","volume-title":"ASTLOG: A Language for Examining Abstract Syntax Trees. In Proceedings of the USENIX Conference on Domain-Specific Languages","author":"Crew R. F.","year":"1997","unstructured":"R. F. Crew . ASTLOG: A Language for Examining Abstract Syntax Trees. In Proceedings of the USENIX Conference on Domain-Specific Languages , pages 229 -- 242 , 1997 . R. F. Crew. ASTLOG: A Language for Examining Abstract Syntax Trees. In Proceedings of the USENIX Conference on Domain-Specific Languages, pages 229--242, 1997."},{"key":"e_1_3_2_1_14_1","volume-title":"COAST","author":"Du W.","year":"1998","unstructured":"W. Du and A. P. Mathur . Vulnerability Testing of Software System Using Fault Injection. Technical report , COAST , Purdue University , West Lafayette, IN , US, April 1998 . W. Du and A. P. Mathur. Vulnerability Testing of Software System Using Fault Injection. Technical report, COAST, Purdue University, West Lafayette, IN, US, April 1998."},{"key":"e_1_3_2_1_15_1","first-page":"603","volume-title":"Proceedings of the International Conference on Dependable Systems and Networks (DSN 2000), Workshop On Dependability Versus Malicious Faults","author":"Du W.","year":"2000","unstructured":"W. Du and A. P. Mathur . Testing for Software Vulnerability Using Environment Perturbation . In Proceedings of the International Conference on Dependable Systems and Networks (DSN 2000), Workshop On Dependability Versus Malicious Faults , pages 603 -- 612 , New York City, NY , June 2000 . W. Du and A. P. Mathur. Testing for Software Vulnerability Using Environment Perturbation. In Proceedings of the International Conference on Dependable Systems and Networks (DSN 2000), Workshop On Dependability Versus Malicious Faults, pages 603--612, New York City, NY, June 2000."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/337180.337240"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1094811.1094841"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512539"},{"key":"e_1_3_2_1_19_1","first-page":"125","volume-title":"Proceedings of the Winter USENIX Conference","author":"Hastings R.","year":"1992","unstructured":"R. Hastings and B. Joyce . Purify: Fast Detection of Memory Leaks and Access Errors . In Proceedings of the Winter USENIX Conference , pages 125 -- 136 , December 1992 . R. Hastings and B. Joyce. Purify: Fast Detection of Memory Leaks and Access Errors. In Proceedings of the Winter USENIX Conference, pages 125--136, December 1992."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/781131.781150"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.588521"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028664.1028717"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/988672.988679"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/643603.643622"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/646158.680006"},{"key":"e_1_3_2_1_26_1","unstructured":"A. Klein. Divide and Conquer: HTTP Response Splitting Web Cache Poisoning Attacks and Related Topics. http:\/\/www.packetstormsecurity.org\/papers\/general\/whitepaper httpresponse.pdf 2004.  A. Klein. Divide and Conquer: HTTP Response Splitting Web Cache Poisoning Attacks and Related Topics. http:\/\/www.packetstormsecurity.org\/papers\/general\/whitepaper httpresponse.pdf 2004."},{"key":"e_1_3_2_1_27_1","volume-title":"An Introduction to SQL Injection Attacks for Oracle Developers","author":"Kost S.","year":"2004","unstructured":"S. Kost . An Introduction to SQL Injection Attacks for Oracle Developers , 2004 . S. Kost. An Introduction to SQL Injection Attacks for Oracle Developers, 2004."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45070-2_13"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/263698.263752"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1040305.1040335"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/996841.996868"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081754"},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the 14th Usenix Security Symposium","author":"Livshits V. B.","year":"2005","unstructured":"V. B. Livshits and M. S. Lam . Finding Security Errors in Java Programs with Static Analysis . In Proceedings of the 14th Usenix Security Symposium , Aug. 2005 . V. B. Livshits and M. S. Lam. Finding Security Errors in Java Programs with Static Analysis. In Proceedings of the 14th Usenix Security Symposium, Aug. 2005."},{"key":"e_1_3_2_1_34_1","unstructured":"Q. H. Mahmoud. Password Masking in the Java Programming Language. http:\/\/java.sun.com\/developer\/technicalArticles\/Security\/pwordmask\/ July 2004.  Q. H. Mahmoud. Password Masking in the Java Programming Language. http:\/\/java.sun.com\/developer\/technicalArticles\/Security\/pwordmask\/ July 2004."},{"key":"e_1_3_2_1_35_1","unstructured":"F.-M. S. mailing list. Vulnerability Scanner for SQL injection. http:\/\/www.derkeiler.com\/Mailing-Lists\/securityfocus\/focus-ms\/2003-09\/0110.html 2003.  F.-M. S. mailing list. Vulnerability Scanner for SQL injection. http:\/\/www.derkeiler.com\/Mailing-Lists\/securityfocus\/focus-ms\/2003-09\/0110.html 2003."},{"key":"e_1_3_2_1_36_1","first-page":"105","volume-title":"Dataflow Pointcut in Aspect-Oriented Programming. In APLAS'03 - the First Asian Symposium on Programming Languages and Systems","author":"Masuhara H.","year":"2003","unstructured":"H. Masuhara and K. Kawauchi . Dataflow Pointcut in Aspect-Oriented Programming. In APLAS'03 - the First Asian Symposium on Programming Languages and Systems , pages 105 -- 121 , 2003 . H. Masuhara and K. Kawauchi. Dataflow Pointcut in Aspect-Oriented Programming. In APLAS'03 - the First Asian Symposium on Programming Languages and Systems, pages 105--121, 2003."},{"key":"e_1_3_2_1_37_1","unstructured":"Netcontinuum Inc. Web Application Firewall: How NetContinuum Stops the 21 Classes of Web Application Threats. http:\/\/www.netcontinuum.com\/products\/whitePapers\/getPDF.cfm?n=NC WhitePaper WebFirewall.pdf 2004.  Netcontinuum Inc. Web Application Firewall: How NetContinuum Stops the 21 Classes of Web Application Threats. http:\/\/www.netcontinuum.com\/products\/whitePapers\/getPDF.cfm?n=NC WhitePaper WebFirewall.pdf 2004."},{"key":"e_1_3_2_1_38_1","volume-title":"Electronic Notes in Theoretical Computer Science","author":"Nethercote N.","year":"2003","unstructured":"N. Nethercote and A. Mycroft . Redux: A Dynamic Dataflow Tracer . In O. Sokolsky and M. Viswanathan, editors, Electronic Notes in Theoretical Computer Science , volume 89 . Elsevier , 2003 . N. Nethercote and A. Mycroft. Redux: A Dynamic Dataflow Tracer. In O. Sokolsky and M. Viswanathan, editors, Electronic Notes in Theoretical Computer Science, volume 89. Elsevier, 2003."},{"key":"e_1_3_2_1_39_1","volume-title":"Electronic Notes in Theoretical Computer Science","author":"Nethercote N.","year":"2003","unstructured":"N. Nethercote and J. Seward . Valgrind: A Program Supervision Framework . In O. Sokolsky and M. Viswanathan, editors, Electronic Notes in Theoretical Computer Science , volume 89 . Elsevier , 2003 . N. Nethercote and J. Seward. Valgrind: A Program Supervision Framework. In O. Sokolsky and M. Viswanathan, editors, Electronic Notes in Theoretical Computer Science, volume 89. Elsevier, 2003."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-25660-1_20"},{"key":"e_1_3_2_1_41_1","volume-title":"SWT : The Standard Widget Toolkit","author":"Northover S.","year":"2004","unstructured":"S. Northover and M. Wilson . SWT : The Standard Widget Toolkit , Volume 1 . Addison-Wesley Professional , 2004 . S. Northover and M. Wilson. SWT : The Standard Widget Toolkit, Volume 1. Addison-Wesley Professional, 2004."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380210207"},{"key":"e_1_3_2_1_43_1","volume-title":"Reflection 2001: Meta-level Architectures and Separation of Crosscutting Concerns","author":"Orleans D.","year":"2001","unstructured":"D. Orleans and K. Lieberherr . DJ: Dynamic Adaptive Programming in Java . In Reflection 2001: Meta-level Architectures and Separation of Crosscutting Concerns , Kyoto, Japan, September 2001 . Springer Verlag . 8 pages. D. Orleans and K. Lieberherr. DJ: Dynamic Adaptive Programming in Java. In Reflection 2001: Meta-level Architectures and Separation of Crosscutting Concerns , Kyoto, Japan, September 2001. Springer Verlag. 8 pages."},{"key":"e_1_3_2_1_44_1","volume-title":"Ten Most Critical Web Application Security Vulnerabilities","author":"OWASP.","year":"2004","unstructured":"OWASP. Ten Most Critical Web Application Security Vulnerabilities , 2004 . OWASP. Ten Most Critical Web Application Security Vulnerabilities, 2004."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1007512.1007545"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/265924.265927"},{"key":"e_1_3_2_1_47_1","volume-title":"Object-Oriented and Classical Software Engineering","author":"Schach S. R.","year":"2004","unstructured":"S. R. Schach . Object-Oriented and Classical Software Engineering . McGraw-Hill Science\/Engineering\/Math , 2004 . S. R. Schach. Object-Oriented and Classical Software Engineering. McGraw-Hill Science\/Engineering\/Math, 2004."},{"key":"e_1_3_2_1_48_1","volume-title":"Blackhat Europe","author":"Schonefeld M.","year":"2003","unstructured":"M. Schonefeld . Hunting Flaws in JDK . In Blackhat Europe , 2003 . M. Schonefeld. Hunting Flaws in JDK. In Blackhat Europe, 2003."},{"key":"e_1_3_2_1_49_1","unstructured":"http:\/\/patterns.projects.cis.ksu.edu\/.  http:\/\/patterns.projects.cis.ksu.edu\/."},{"key":"e_1_3_2_1_50_1","unstructured":"K. Spett. Cross-Site Scripting: Are Your Web Applications Vulnerable. http:\/\/www.spidynamics.com\/support\/whitepapers\/SPIcross-sitescripting.pdf 2002.  K. Spett. Cross-Site Scripting: Are Your Web Applications Vulnerable. http:\/\/www.spidynamics.com\/support\/whitepapers\/SPIcross-sitescripting.pdf 2002."},{"key":"e_1_3_2_1_51_1","volume-title":"Manning Publications Co","author":"Tate B. A.","year":"2002","unstructured":"B. A. Tate . Bitter Java . Manning Publications Co ., 2002 . B. A. Tate. Bitter Java. Manning Publications Co., 2002."},{"key":"e_1_3_2_1_52_1","volume-title":"April","author":"Vernon M.","year":"2004","unstructured":"M. Vernon . Top Five Threats. ComputerWeekly.com (http:\/\/www.computerweekly.com\/Article129980.htm) , April 2004 . M. Vernon. Top Five Threats. ComputerWeekly.com (http:\/\/www.computerweekly.com\/Article129980.htm), April 2004."},{"key":"e_1_3_2_1_53_1","volume-title":"Software Fault Injection: Innoculating Programs Against Errors","author":"Voas J.","year":"1997","unstructured":"J. Voas and G. McGraw . Software Fault Injection: Innoculating Programs Against Errors . John Wiley and Sons , 1997 . J. Voas and G. McGraw. Software Fault Injection: Innoculating Programs Against Errors. John Wiley and Sons, 1997."},{"key":"e_1_3_2_1_54_1","first-page":"3","volume-title":"Proceedings of Network and Distributed Systems Security Symposium","author":"Wagner D.","year":"2000","unstructured":"D. Wagner , J. Foster , E. Brewer , and A. Aiken . A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities . In Proceedings of Network and Distributed Systems Security Symposium , pages 3 -- 17 , 2000 . D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In Proceedings of Network and Distributed Systems Security Symposium, pages 3--17, 2000."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029894.1029918"},{"key":"e_1_3_2_1_56_1","volume-title":"http:\/\/www.webappsec.org\/tc\/WASC-TC-v1 0.pdf","author":"Web Application Security Consortium","year":"2004","unstructured":"Web Application Security Consortium . Threat Classification . http:\/\/www.webappsec.org\/tc\/WASC-TC-v1 0.pdf , 2004 . Web Application Security Consortium. Threat Classification. http:\/\/www.webappsec.org\/tc\/WASC-TC-v1 0.pdf, 2004."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-31980-1_30"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028976.1029011"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/996841.996859"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/566172.566212"},{"key":"e_1_3_2_1_61_1","volume-title":"How to Break Software Security","author":"Whittaker J. A.","year":"2003","unstructured":"J. A. Whittaker and H. H. Thompson . How to Break Software Security . Addison Wesley , 2003 . J. A. Whittaker and H. H. Thompson. How to Break Software Security. Addison Wesley, 2003."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/1040305.1040334"}],"event":{"name":"OOPSLA05: ACM SIGPLAN Object Oriented Programming Systems and Applications Conference","location":"San Diego CA USA","acronym":"OOPSLA05","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1094811.1094840","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1094811.1094840","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:08:09Z","timestamp":1750248489000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1094811.1094840"}},"subtitle":["a program query language"],"short-title":[],"issued":{"date-parts":[[2005,10,12]]},"references-count":61,"alternative-id":["10.1145\/1094811.1094840","10.1145\/1094811"],"URL":"https:\/\/doi.org\/10.1145\/1094811.1094840","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1103845.1094840","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2005,10,12]]},"assertion":[{"value":"2005-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}