Statically typed string sanitation inside a python

PSP '14. Pub Date: 2014-10-21. DOI: 10.1145/2687148.2687152
Nathan Fulton, Cyrus Omar, Jonathan Aldrich
{"title":"Statically typed string sanitation inside a python","authors":"Nathan Fulton, Cyrus Omar, Jonathan Aldrich","doi":"10.1145/2687148.2687152","DOIUrl":null,"url":null,"abstract":"Web applications must ultimately command systems like web browsers and database engines using strings. Strings derived from improperly sanitized user input can as a result be a vector for command injection attacks. In this paper, we introduce regular string types, which classify strings constrained statically to be in a regular language specified by a regular expression. Regular strings support standard string operations like concatenation and substitution, as well as safe coercions, so they can be used to implement, in an essentially conventional manner, the pieces of a web application or framework that handle strings arising from user input. Simple type annotations at function interfaces can be used to statically verify that sanitization has been performed correctly without introducing redundant run-time checks. We specify this type system first as a minimal typed lambda calculus, lambdaRS. To be practical, adopting a specialized type system like this should not require the adoption of a new programming language. Instead, we advocate for extensible type systems: new type system fragments like this should be implemented as libraries atop a mechanism that guarantees that they can be safely composed. We support this with two contributions. First, we specify a translation from lambdaRS to a calculus with only standard strings and regular expressions. 
Then, taking Python as a language with these constructs, we implement the type system together with the translation as a library using typy, an extensible static type system for Python.","PeriodicalId":433332,"journal":{"name":"PSP '14","volume":"74 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"PSP '14","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2687148.2687152","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 4

Abstract

Web applications must ultimately command systems like web browsers and database engines using strings. Strings derived from improperly sanitized user input can as a result be a vector for command injection attacks. In this paper, we introduce regular string types, which classify strings constrained statically to be in a regular language specified by a regular expression. Regular strings support standard string operations like concatenation and substitution, as well as safe coercions, so they can be used to implement, in an essentially conventional manner, the pieces of a web application or framework that handle strings arising from user input. Simple type annotations at function interfaces can be used to statically verify that sanitization has been performed correctly without introducing redundant run-time checks. We specify this type system first as a minimal typed lambda calculus, lambdaRS. To be practical, adopting a specialized type system like this should not require the adoption of a new programming language. Instead, we advocate for extensible type systems: new type system fragments like this should be implemented as libraries atop a mechanism that guarantees that they can be safely composed. We support this with two contributions. First, we specify a translation from lambdaRS to a calculus with only standard strings and regular expressions. Then, taking Python as a language with these constructs, we implement the type system together with the translation as a library using typy, an extensible static type system for Python.
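
The following is an added illustration, not code from the paper or from typy: a run-time Python model of the regular-string idea described in the abstract. The names `RStr`, `IDENT`, `sanitize` and `lookup_query` are assumptions made for this example, and where the paper verifies membership statically, this sketch checks it once, at construction or coercion.

```python
import re

class RStr:
    """A string that carries the regular expression its value is known to match.

    Run-time model only: the check happens once, when the value is
    constructed or coerced, and is then trusted by every consumer.
    """
    def __init__(self, pattern, value):
        if re.fullmatch(pattern, value) is None:
            raise TypeError(f"{value!r} is not in the language of /{pattern}/")
        self.pattern, self.value = pattern, value

    def concat(self, other):
        # L(r1) followed by L(r2) is L(r1 r2), so no new check is needed.
        out = RStr.__new__(RStr)
        out.pattern = f"(?:{self.pattern})(?:{other.pattern})"
        out.value = self.value + other.value
        return out

    def coerce(self, pattern):
        # Checked coercion: re-validate the value against the target language.
        return RStr(pattern, self.value)

# Constructed example language: identifiers that cannot contain a quote.
IDENT = r"[A-Za-z0-9_]+"

def sanitize(raw):
    """Substitution-based sanitizer whose result is typed as IDENT."""
    return RStr(IDENT, re.sub(r"[^A-Za-z0-9_]", "", raw) or "_")

def lookup_query(name):
    """Sink that accepts only IDENT-typed strings, never a plain str."""
    if not isinstance(name, RStr) or name.pattern != IDENT:
        raise TypeError("lookup_query requires a string of type IDENT")
    return "SELECT * FROM users WHERE name = '" + name.value + "'"
```

The sink never re-inspects the characters of `name`; it relies on the type, which is the property the paper establishes at compile time.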