Abstract
A JavaScript array object is just like any other kind of object except that it has a property named length that is automatically updated. The array object may have other property names such as non-numeric strings and string representations of negative integers. A conventional array is an array that has a property named length and the names of all other properties are (string representation of) positive integers. This paper presents a conventionality analysis of array objects in JavaScript programs. The analysis provides useful information for program development and understanding since any non-conventional use of an array could indicate a potential programming error unless it is intended by the programmer. The analysis is built upon a novel abstract string domain that captures array index information more precisely than the existing ones. Our experiments on a set of 98 benchmark programs show that arrays are used in a conventional way in 95% of the benchmark programs.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Anderson, C., Giannini, P., Drossopoulou, S.: Towards type inference for JavaScript. In: Black, A.P. (ed.) ECOOP 2005. LNCS, vol. 3586, pp. 428–452. Springer, Heidelberg (2005). https://doi.org/10.1007/11531142_19
Bandhakavi, S., Tiku, N., Pittman, W., King, S.T., Madhusudan, P., Winslett, M.: Vetting browser extensions for security vulnerabilities with VEX. Commun. ACM 54(9), 91–99 (2011)
Chaudhuri, A.: Flow: abstract interpretation of JavaScript for type checking and beyond. In: ACM Workshop on Programming Languages and Analysis for Security, pp. 1–1. ACM (2016)
Cortesi, A., Zanioli, M.: Widening and narrowing operators for abstract interpretation. Comput. Lang. Syst. Struct. 37(1), 24–42 (2011)
Cousot, P., Cousot, R.: Abstract interpretation and application to logic programs. J. Logic Program. 13(2), 103–179 (1992)
Crockford, D.: JSlint: The Javascript code quality tool (2011). http://www.jslint.com, 95
Guarnieri, S., Livshits, V.B.: GATEKEEPER: mostly static enforcement of security and reliability policies for JavaScript code. In: USENIX Security Symposium, pp. 151–168 (2009)
Guha, A., Krishnamurthi, S., Jim, T.: Using static analysis for ajax intrusion detection. In: 18th International Conference on World Wide Web, pp. 561–570. ACM (2009)
Heidegger, P., Thiemann, P.: Recency types for analyzing scripting languages. In: D’Hondt, T. (ed.) ECOOP 2010. LNCS, vol. 6183, pp. 200–224. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14107-2_10
Jensen, S.H., Møller, A., Thiemann, P.: Type analysis for JavaScript. In: Palsberg, J., Su, Z. (eds.) SAS 2009. LNCS, vol. 5673, pp. 238–255. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03237-0_17
Kashyap, V., Dewey, K., Kuefner, E.A., Wagner, J., Gibbons, K., Sarracino, J., Wiedermann, B., Hardekopf, B.: JSAI: a static analysis platform for Javascript. In: 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 121–132. ACM (2014)
Kovalyov, A., Kluge, W., Perez, J.: JSHint, a JavaScript Code Quality Tool (2010)
Lee, H., Won, S., Jin, J., Cho, J., Ryu, S.: SAFE: formal specification and implementation of a scalable analysis framework for ECMAScript. In: International Workshop on Foundations of Object-Oriented Languages (FOOL) (2012)
Logozzo, F., Venter, H.: RATA: rapid atomic type analysis by abstract interpretation – application to, optimization. In: Gupta, R. (ed.) CC 2010. LNCS, vol. 6011, pp. 66–83. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11970-5_5
Taly, A., Mitchell, J.C., Miller, M.S., Nagra, J., et al.: Automated analysis of security-critical javascript apis. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 363–378. IEEE (2011)
Taylor, R.N., Levine, D.L., Kelly, C.D.: Structural testing of concurrent programs. IEEE Trans. Software Eng. 18(3), 206–215 (1992)
Thiemann, P.: Towards a type system for analyzing JavaScript programs. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 408–422. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-31987-0_28
Younang, A., Lu, L.: Improving precision of JavaScript program analysis with an extended domain of intervals. In: 39th Annual Computer Software and Applications Conference, IEEE COMPSAC, pp. 441–446 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Younang, A., Lu, L., Almashfi, N. (2018). Statically Checking Conventionality of Array Objects in JavaScript. In: Itsykson, V., Scedrov, A., Zakharov, V. (eds) Tools and Methods of Program Analysis. TMPA 2017. Communications in Computer and Information Science, vol 779. Springer, Cham. https://doi.org/10.1007/978-3-319-71734-0_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-71734-0_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-71733-3
Online ISBN: 978-3-319-71734-0
eBook Packages: Computer ScienceComputer Science (R0)