Path sensitive static analysis of taint-style vulnerabilities in PHP code

@article{Yan2017PathSS,
  title={Path sensitive static analysis of taint-style vulnerabilities in PHP code},
  author={Xue-xiong Yan and Qing-xian Wang and Heng-Tai Ma},
  journal={2017 IEEE 17th International Conference on Communication Technology (ICCT)},
  year={2017},
  pages={1382-1386}
}
This paper presents a novel path-sensitive static analysis method for detecting taint-style vulnerabilities in PHP code. The new method includes three key, the first of which is path searching during a basic block, the second is path searching between blocks, and the third is path searching crossing function call. A tool name POSE implements the new method… CONTINUE READING