MozillaWiki

DXR JS Analysis: Difference between revisions

Page Discussion

DXR JS Analysis (view source)

Revision as of 19:28, 24 June 2014

225 bytes added ,  24 June 2014
→‎Existing work:
No edit summary
 
(9 intermediate revisions by the same user not shown)
Line 18: Line 18:


See: <https://wiki.mozilla.org/Security/B2G/JavaScript_code_analysis>
See: <https://wiki.mozilla.org/Security/B2G/JavaScript_code_analysis>
== Algorithms and Techniques ==
=== k-CFA ===
=== Anderson's Points-To Analysis ===
=== Use Analysis ===
=== CFA2 ===
=== Inlining Eval ===
=== Removing the with Statement ===


{| class="wikitable"
{| class="wikitable"
Line 39: Line 25:
| JS WebTools || No || || || ||
| JS WebTools || No || || || ||
|-
|-
| Acorn || NO || JS || || ||
| Esprima || Partial || JS || || || Partial ES6 Support  
|-
| Esprima || Partial || JS || Partial ES6 Support || ||
|-
|-
| Ternjs || No || JS or http+json || || ||
| Ternjs || No || JS or http+json || || ||
Line 49: Line 33:
| Safe || No || Java || || ||
| Safe || No || Java || || ||
|-
|-
| JSAI || No || Coffee Script (stated in paper) || || Couldn't locate code ||
| JSAI || No || Coffee Script (stated in paper) || ||  ||Couldn't locate code
|-
| TAJS || No || || || ||
|}
|}


== Algorithms and Techniques ==
=== k-CFA ===
Family of flow analyses that approximate the program as a DFA via a structure called the call graph.
=== Anderson's Points-To Analysis ===
=== Use Analysis ===
=== CFA2 ===
Approximate the program as a PDA allowing seperate call sites to be distiguished (avoiding call/return mismatch). Implemented in Doctorjs


=== Inlining Eval ===


=== Dealing with "with" ===


= Ways to get the AST =
= Ways to get the AST =
Mchanlatte
14

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/991987...992039"