{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T04:00:36Z","timestamp":1782878436885,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100000781","name":"European Research Council","doi-asserted-by":"publisher","award":["850868"],"award-info":[{"award-number":["850868"]}],"id":[{"id":"10.13039\/501100000781","id-type":"DOI","asserted-by":"publisher"}]},{"name":"SNSF","award":["186794"],"award-info":[{"award-number":["186794"]}]},{"name":"FFG","award":["888338"],"award-info":[{"award-number":["888338"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,8,25]]},"DOI":"10.1145\/3708821.3710818","type":"proceedings-article","created":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T06:33:18Z","timestamp":1755066798000},"page":"1772-1787","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["REFLECTA: Reflection-based Scalable and Semantic Scripting Language Fuzzing"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-7367-2131","authenticated-orcid":false,"given":"Chibin","family":"Zhang","sequence":"first","affiliation":[{"name":"EPFL, Lausanne, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-6464-355X","authenticated-orcid":false,"given":"Gwangmu","family":"Lee","sequence":"additional","affiliation":[{"name":"EPFL, Lausanne, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5865-6227","authenticated-orcid":false,"given":"Qiang","family":"Liu","sequence":"additional","affiliation":[{"name":"EPFL, Lausanne, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5054-7547","authenticated-orcid":false,"given":"Mathias","family":"Payer","sequence":"additional","affiliation":[{"name":"EPFL, Lausanne, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,8,24]]},"reference":[{"key":"e_1_3_3_2_2_2","unstructured":"[n. d.]. Heap hardening Issue 14083 php\/php-src \u2014 github.com. https:\/\/github.com\/php\/php-src\/issues\/14083. [Accessed 19-12-2024]."},{"key":"e_1_3_3_2_3_2","unstructured":"2019. PHP Remote Code Execution Vulnerability (CVE-2019-11043). https:\/\/blog.qualys.com\/product-tech\/2019\/10\/30\/php-remote-code-execution-vulnerability-cve-2019-11043."},{"key":"e_1_3_3_2_4_2","unstructured":"2023. Antlr\/Grammars-v4: Grammars Written for ANTLR v4; Expectation That the Grammars Are Free of Actions. https:\/\/github.com\/antlr\/grammars-v4."},{"key":"e_1_3_3_2_5_2","unstructured":"2023. ECMA-262."},{"key":"e_1_3_3_2_6_2","unstructured":"2023. HHVM. http:\/\/hhvm.com\/."},{"key":"e_1_3_3_2_7_2","unstructured":"2023. LCOV - Unix_coverage_v1.21.0-199-Gcc8fc450a.Info. https:\/\/micropython.org\/resources\/code-coverage\/."},{"key":"e_1_3_3_2_8_2","unstructured":"2023. libFuzzer \u2013 a Library for Coverage-Guided Fuzz Testing. \u2014 LLVM 17.0.0git Documentation. https:\/\/llvm.org\/docs\/LibFuzzer.html."},{"key":"e_1_3_3_2_9_2","unstructured":"2023. Memory Error in Calendar.Isleap \u00b7 Issue #103687 \u00b7 Python\/Cpython. https:\/\/github.com\/python\/cpython\/issues\/103687."},{"key":"e_1_3_3_2_10_2","unstructured":"2023. Mruby. https:\/\/mruby.org\/."},{"key":"e_1_3_3_2_11_2","unstructured":"2023. OSS-Fuzz: Continuous Fuzzing for Open Source Software. Google."},{"key":"e_1_3_3_2_12_2","unstructured":"2023. PHP: Hypertext Preprocessor. https:\/\/www.php.net\/index.php."},{"key":"e_1_3_3_2_13_2","unstructured":"2023. PyRTFuzz\/Apispec\/PySpec\/StcSpec\/Pyspec\/Apispec_openai_generator.Py at Master \u00b7 Awen-Li\/PyRTFuzz. \"https:\/\/github.com\/awen-li\/PyRTFuzz\/blob\/master\/apispec\/PySpec\/StcSpec\/pyspec\/apispec_openai_generator.py\"."},{"key":"e_1_3_3_2_14_2","unstructured":"2023. RecursionError in Pyclbr.Readmodule_ex \u00b7 Issue #103864 \u00b7 Python\/Cpython. https:\/\/github.com\/python\/cpython\/issues\/103864."},{"key":"e_1_3_3_2_15_2","unstructured":"2023. Reflective Programming. Wikipedia (Jan. 2023)."},{"key":"e_1_3_3_2_16_2","unstructured":"2023. Ruby Programming Language. https:\/\/www.ruby-lang.org\/en\/."},{"key":"e_1_3_3_2_17_2","unstructured":"2023. SanitizerCoverage \u2014 Clang 18.0.0git Documentation. https:\/\/clang.llvm.org\/docs\/SanitizerCoverage.html."},{"key":"e_1_3_3_2_18_2","unstructured":"2023. Stack Overflow Developer Survey 2023. https:\/\/survey.stackoverflow.co\/2023\/?utm_source=social-share&utm_medium=social&utm_campaign=dev-survey-2023."},{"key":"e_1_3_3_2_19_2","unstructured":"2023. Welcome to Python.Org. https:\/\/www.python.org\/."},{"key":"e_1_3_3_2_20_2","unstructured":"2024. MicroPython - Python for Microcontrollers. http:\/\/micropython.org\/."},{"key":"e_1_3_3_2_21_2","unstructured":"2024. Nginx\/Njs. nginx."},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23412"},{"key":"e_1_3_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.1145\/3062341.3062349"},{"key":"e_1_3_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560624"},{"key":"e_1_3_3_2_25_2","series-title":"(Security\u201919)","first-page":"1985","volume-title":"28th USENIX Security Symposium","author":"Blazytko Tim","year":"2019","unstructured":"Tim Blazytko, Cornelius Aschermann, Moritz Schl\u00f6gel, Ali Abbasi, Sergej Schumilo, Simon W\u00f6rner, and Thorsten Holz. 2019. GRIMOIRE: Synthesizing Structure While Fuzzing. In 28th USENIX Security Symposium(Security\u201919). 1985\u20132002."},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","unstructured":"Marcel B\u00f6hme Van-Thuan Pham and Abhik Roychoudhury. 2019. Coverage-Based Greybox Fuzzing as Markov Chain. IEEE Transactions on Software Engineering 45 5 (May 2019) 489\u2013506. 10.1109\/TSE.2017.2785841","DOI":"10.1109\/TSE.2017.2785841"},{"key":"e_1_3_3_2_27_2","doi-asserted-by":"publisher","unstructured":"Peng Chen Yuxuan Xie Yunlong Lyu Yuxiao Wang and Hao Chen. 2023. HOPPER: Interpretative Fuzzing for Libraries. 10.48550\/arXiv.2309.03496 arxiv:https:\/\/arXiv.org\/abs\/2309.03496\u00a0[cs]","DOI":"10.48550\/arXiv.2309.03496"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","unstructured":"T.\u00a0Y. Chen S.\u00a0C. Cheung and S.\u00a0M. Yiu. 2020. Metamorphic Testing: A New Approach for Generating Next Test Cases. 10.48550\/arXiv.2002.12543 arxiv:https:\/\/arXiv.org\/abs\/2002.12543\u00a0[cs]","DOI":"10.48550\/arXiv.2002.12543"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484564"},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00071"},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134069"},{"key":"e_1_3_3_2_32_2","unstructured":"Author eyalitkin. 2017. MRuby VM Escape \u2013 Step by Step."},{"key":"e_1_3_3_2_33_2","series-title":"(WOOT\u201920)","volume-title":"14th USENIX Workshop on Offensive Technologies","author":"Fioraldi Andrea","year":"2020","unstructured":"Andrea Fioraldi, Dominik Maier, Heiko Ei\u00dffeldt, and Marc Heuse. 2020. AFL++ : Combining Incremental Steps of Fuzzing Research. In 14th USENIX Workshop on Offensive Technologies(WOOT\u201920)."},{"key":"e_1_3_3_2_34_2","unstructured":"fuzz-evaluator. 2023. Artifact Evaluation: SoFi."},{"key":"e_1_3_3_2_35_2","series-title":"(NDSS\u201923)","volume-title":"30th Annual Network and Distributed System Security Symposium, NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023","author":"Gro\u00df Samuel","year":"2023","unstructured":"Samuel Gro\u00df, Simon Koch, Lukas Bernhard, Thorsten Holz, and Martin Johns. 2023. FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities. In 30th Annual Network and Distributed System Security Symposium, NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023(NDSS\u201923). The Internet Society."},{"key":"e_1_3_3_2_36_2","unstructured":"Choongwoo Han. 2023. Case Study of JavaScript Engine Vulnerabilities."},{"key":"e_1_3_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134103"},{"key":"e_1_3_3_2_38_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23263"},{"key":"e_1_3_3_2_39_2","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484823"},{"key":"e_1_3_3_2_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970321"},{"key":"e_1_3_3_2_41_2","series-title":"(Security\u201920)","first-page":"2271","volume-title":"29th USENIX Security Symposium","author":"Ispoglou Kyriakos","year":"2020","unstructured":"Kyriakos Ispoglou, Daniel Austin, Vishwath Mohan, and Mathias Payer. 2020. FuzzGen: Automatic Fuzzer Generation. In 29th USENIX Security Symposium(Security\u201920). 2271\u20132287."},{"key":"e_1_3_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179394"},{"key":"e_1_3_3_2_43_2","unstructured":"Yuancheng Jiang Chuqi Zhang Bonan Ruan Jiahao Liu Manuel Rigger Roland Yap and Zhenkai Liang. 2024. Fuzzing the PHP Interpreter via Dataflow Fusion. arxiv:https:\/\/arXiv.org\/abs\/2410.21713\u00a0[cs.CR] https:\/\/arxiv.org\/abs\/2410.21713"},{"key":"e_1_3_3_2_44_2","doi-asserted-by":"publisher","DOI":"10.1145\/2814270.2814319"},{"key":"e_1_3_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238176"},{"key":"e_1_3_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623166"},{"key":"e_1_3_3_2_47_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00067"},{"key":"e_1_3_3_2_48_2","doi-asserted-by":"publisher","unstructured":"Van-Thuan Pham Marcel B\u00f6hme Andrew\u00a0E. Santosa Alexandru\u00a0R\u0103zvan C\u0103ciulescu and Abhik Roychoudhury. 2021. Smart Greybox Fuzzing. IEEE Transactions on Software Engineering 47 9 (Sept. 2021) 1980\u20131997. 10.1109\/TSE.2019.2941681","DOI":"10.1109\/TSE.2019.2941681"},{"key":"e_1_3_3_2_49_2","series-title":"(Security\u201921)","first-page":"2795","volume-title":"30th USENIX Security Symposium","author":"Salls Christopher","year":"2021","unstructured":"Christopher Salls, Chani Jindal, Jake Corina, Christopher Kruegel, and Giovanni Vigna. 2021. Token-Level Fuzzing. In 30th USENIX Security Symposium(Security\u201921). 2795\u20132809."},{"key":"e_1_3_3_2_50_2","series-title":"(ATC\u201912)","first-page":"309","volume-title":"2012 USENIX Annual Technical Conference","author":"Serebryany Konstantin","year":"2012","unstructured":"Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitriy Vyukov. 2012. AddressSanitizer: A Fast Address Sanity Checker. In 2012 USENIX Annual Technical Conference(ATC\u201912). 309\u2013318."},{"key":"e_1_3_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1145\/3460319.3464814"},{"key":"e_1_3_3_2_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/2983990.2984038"},{"key":"e_1_3_3_2_53_2","series-title":"(ATC\u201922)","first-page":"351","volume-title":"2022 USENIX Annual Technical Conference","author":"Sun Hao","year":"2022","unstructured":"Hao Sun, Yuheng Shen, Jianzhong Liu, Yiru Xu, and Yu Jiang. 2022. KSG: Augmenting Kernel Fuzzing with System Call Specification Generation. In 2022 USENIX Annual Technical Conference(ATC\u201922). 351\u2013366."},{"key":"e_1_3_3_2_54_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00081"},{"key":"e_1_3_3_2_55_2","unstructured":"Junjie Wang Zhiyi Zhang Shuang Liu Xiaoning Du and Junjie Chen. 2023. FuzzJIT: Oracle-Enhanced Fuzzing for JavaScript Engine JIT Compiler. (2023)."},{"key":"e_1_3_3_2_56_2","doi-asserted-by":"publisher","unstructured":"Xuejun Yang Yang Chen Eric Eide and John Regehr. 2011. Finding and Understanding Bugs in C Compilers. ACM SIGPLAN Notices 46 6 (June 2011) 283\u2013294. 10.1145\/1993316.1993532","DOI":"10.1145\/1993316.1993532"},{"key":"e_1_3_3_2_57_2","unstructured":"Qi\u00a0Deng Yiheng\u00a0An Haozhe\u00a0Zhang. [n. d.]. Vulnerabilities in LangChain Gen AI \u2014 unit42.paloaltonetworks.com. https:\/\/unit42.paloaltonetworks.com\/langchain-vulnerabilities\/. [Accessed 19-12-2024]."},{"key":"e_1_3_3_2_58_2","series-title":"(Security\u201920)","first-page":"2307","volume-title":"29th USENIX Security Symposium","author":"Yue Tai","year":"2020","unstructured":"Tai Yue, Pengfei Wang, Yong Tang, Enze Wang, Bo Yu, Kai Lu, and Xu Zhou. 2020. EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit. In 29th USENIX Security Symposium(Security\u201920). 2307\u20132324."},{"key":"e_1_3_3_2_59_2","unstructured":"Insu Yun Changwoo Min Xujie Si Yeongjin Jang Taesoo Kim and Mayur Naik. 2016. APISAN: Sanitizing API Usages through Semantic Cross-checking. (2016)."},{"key":"e_1_3_3_2_60_2","doi-asserted-by":"publisher","DOI":"10.1145\/3062341.3062379"}],"event":{"name":"ASIA CCS '25: 20th ACM Asia Conference on Computer and Communications Security","location":"Hanoi Vietnam","acronym":"ASIA CCS '25","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 20th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3708821.3710818","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T07:25:58Z","timestamp":1755069958000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3708821.3710818"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,24]]},"references-count":59,"alternative-id":["10.1145\/3708821.3710818","10.1145\/3708821"],"URL":"https:\/\/doi.org\/10.1145\/3708821.3710818","relation":{},"subject":[],"published":{"date-parts":[[2025,8,24]]},"assertion":[{"value":"2025-08-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}