{"title":"Cross-Language Taint Analysis: Generating Caller-Sensitive Native Code Specification for Java","authors":"Shuangxiang Kan;Yuhao Gao;Zexin Zhong;Yulei Sui","doi":"10.1109/TSE.2024.3392254","DOIUrl":null,"url":null,"abstract":"Cross-language programming is a common practice within the software development industry, offering developers a multitude of advantages such as expressiveness, interoperability, and cross-platform compatibility, for developing large-scale applications. As an important example, JNI (Java Native Interface) programming is widely used in diverse scenarios where Java interacts with code written in other programming languages, such as C or C++. Conventional static analysis based on a single programming language faces challenges when it comes to tracing the flow of values across multiple modules that are coded in different programming languages. In this paper, we introduce CSS, a new \n<italic>Caller-Sensitive Specification</i>\n approach designed to enhance the static taint analysis of Java programs employing JNI to interface with C/C++ code. In contrast to conservative specifications, this approach takes into consideration the calling context of the invoked C/C++ functions (or cross-language context), resulting in more precise and concise specifications for the side effects of native code. Furthermore, CSS specifically enhances the capabilities of Java analyzers, enabling them to perform precise static taint analysis across language boundaries into native code. The experimental results show that CSS can accurately summarize value-flow information and enhance the ability of Java monolingual static analyzers for cross-language taint flow tracking.","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":null,"pages":null},"PeriodicalIF":6.5000,"publicationDate":"2024-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Software Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10539620/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0
Abstract
Cross-language programming is a common practice within the software development industry, offering developers a multitude of advantages such as expressiveness, interoperability, and cross-platform compatibility, for developing large-scale applications. As an important example, JNI (Java Native Interface) programming is widely used in diverse scenarios where Java interacts with code written in other programming languages, such as C or C++. Conventional static analysis based on a single programming language faces challenges when it comes to tracing the flow of values across multiple modules that are coded in different programming languages. In this paper, we introduce CSS, a new
Caller-Sensitive Specification
approach designed to enhance the static taint analysis of Java programs employing JNI to interface with C/C++ code. In contrast to conservative specifications, this approach takes into consideration the calling context of the invoked C/C++ functions (or cross-language context), resulting in more precise and concise specifications for the side effects of native code. Furthermore, CSS specifically enhances the capabilities of Java analyzers, enabling them to perform precise static taint analysis across language boundaries into native code. The experimental results show that CSS can accurately summarize value-flow information and enhance the ability of Java monolingual static analyzers for cross-language taint flow tracking.
期刊介绍:
IEEE Transactions on Software Engineering seeks contributions comprising well-defined theoretical results and empirical studies with potential impacts on software construction, analysis, or management. The scope of this Transactions extends from fundamental mechanisms to the development of principles and their application in specific environments. Specific topic areas include:
a) Development and maintenance methods and models: Techniques and principles for specifying, designing, and implementing software systems, encompassing notations and process models.
b) Assessment methods: Software tests, validation, reliability models, test and diagnosis procedures, software redundancy, design for error control, and measurements and evaluation of process and product aspects.
c) Software project management: Productivity factors, cost models, schedule and organizational issues, and standards.
d) Tools and environments: Specific tools, integrated tool environments, associated architectures, databases, and parallel and distributed processing issues.
e) System issues: Hardware-software trade-offs.
f) State-of-the-art surveys: Syntheses and comprehensive reviews of the historical development within specific areas of interest.