2015
DOI: 10.1007/978-3-319-26529-2_26
|View full text |Cite
|
Sign up to set email alerts
|

More Sound Static Handling of Java Reflection

Abstract: Reflection is a highly dynamic language feature that poses grave problems for static analyses. In the Java setting, reflection is ubiquitous in large programs. Any handling of reflection will be approximate, and overestimating its reach in a large codebase can be catastrophic for precision and scalability. We present an approach for handling reflection with improved empirical soundness (as measured against prior approaches and dynamic information) in the context of a points-to analysis. Our approach is based o… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
33
0

Year Published

2015
2015
2023
2023

Publication Types

Select...
4
3
1

Relationship

1
7

Authors

Journals

citations
Cited by 45 publications
(33 citation statements)
references
References 24 publications
0
33
0
Order By: Relevance
“…The literature survey suggests looking into combinations with dynamic analysis and user annotations. Note that the highly advanced analysis tools already solve a number of these challenges (such as exception handling), but further improvement to get similar accuracy for higher efficiency is warranted since these tools would run faster on a part of the corpus [10].…”
Section: E Implications For Static Analysis Researchersmentioning
confidence: 99%
“…The literature survey suggests looking into combinations with dynamic analysis and user annotations. Note that the highly advanced analysis tools already solve a number of these challenges (such as exception handling), but further improvement to get similar accuracy for higher efficiency is warranted since these tools would run faster on a part of the corpus [10].…”
Section: E Implications For Static Analysis Researchersmentioning
confidence: 99%
“…In 11 out of the 17 apps, Ripple has successfully discovered more true targets than StrInf . This highlights the importance of making reflection analysis fully IIE‐aware for Android apps, by handling not only Case 2 as for Java programs but also Case 3.…”
Section: Discussionmentioning
confidence: 99%
“…Similarly, v may point to a non‐null object but with a statically unknown type. In this case, we can resolve the reflective calls in lines 6 to 9 by performing type inference to deduce what clz, mtd, and the objects pointed to by v are, as done previously for Java programs …”
Section: Iies In Android Appsmentioning
confidence: 99%
“…Recent work by Li et al [10] and Smaragdakis et al [16] present promising new approaches to fully-static resolution of reflective calls in Java. Both techniques leverage meaningful operations performed on the return value of reflective calls (such as downcasts) to provide a more sound handling of reflection without compromising scalability.…”
Section: Related Workmentioning
confidence: 99%