DXR JS Analysis

Revision as of 23:17, 23 June 2014 by Mchanlatte (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Requirements for DxR

Must work with lastest version of ecmascript (6 as of this writing)
Produce all symbols and locations
Produce a call graph

Bonus Features

Type Inference

Existing work:

See: <https://wiki.mozilla.org/Security/B2G/JavaScript_code_analysis>

Algorithms and Techniques

k-CFA

Anderson's Points-To Analysis

Use Analysis

CFA2

Inlining Eval

Removing the with Statement

Ways to get the AST

Framework	ES6+	Interface	Function References (Call Graph or Something)	Type Inference	Other Notes
JSWebTools	No
Esprima	Partial	JS
Ternjs	No	JS or http+json
Doctorjs	No	JS
Safe	No	Java
JSAI		Coffee Script (from paper)			couldn't find code

Name	Interface	Compatible with Mozilla Parser API	Other Pros	Other Cons
Spidermonkey Reflect.parse	JS	Yes (by construction)	Full ES6 support
Acorn.js	JS	yes
Sweet.js	JS	yes	support for macros	might be hard for the analysis
Esprima	JS	yes	Partial ES6 support

Retrieved from "https://wiki.mozilla.org/index.php?title=DXR_JS_Analysis&oldid=991677"