Skip to Main Content
Conventional data-flow analysis technology has many disadvantages when applied to OOPL for the polymorphism, generic, and other special features. This paper analyzes these disadvantages, and based on which, a new dataflow analysis framework for OOPL is developed. It develops a unified abstract syntax tree (UAST) of all object-oriented programming languages. Key algorithms of global data-flow analysis for OOPL are studied. Various special OOPL features are considered. The experiment proves that, using this framework and its algorithm set, we can identify security vulnerabilities and their attack paths accurately and efficiently.
Date of Conference: 16-18 July 2010