Mehdi Bouaziz (joint work with Andrey Chudnov and David Naumann)

A symbolic evaluator for Javascript

End of internship talk, Stevens Institute of Technology, Hoboken, NJ, USA. February 25, 2011

• PDF, 8 pages, 94.8 KB
• Abstract: Symbolic execution is a form of static analysis that can be used even for highly dynamic languages like Javascript. One application of symbolic execution is for tracking the flow of information. For example, consider a web application like a tax calculator that manipulates confidential data the user does not sent to the server. The application can be executed with symbolic values for the secret inputs; the XMLHttpRequests that it generates in symbolic form can be checked to see whether they depend on the secrets. This informal talk will briefly introduce and demonstrate the Jsx symbolic evaluator we have developed.
• @misc{BouazizChudnovNaumann-SIT11-talk,
    author = {Bouaziz, Mehdi},
    title = {A symbolic evaluator for Javascript},
    year = {2011},
    month = {February},
    institution = {Stevens Institute of Technology},
    address = {Hoboken, NJ, USA},
    note = {End of internship talk},
    url = {http://www.bouaziz.me/p/BouazizChudnovNaumann-SIT11-slides.pdf}
  }

Home | Contact | Site map

Last update: January 24, 2014