Towards the Efficient Use of Dynamic Call Graph Generators of Node.js Applications

Herczeg, Zoltán; Lóki, Gábor; Kiss, Ákos

doi:10.1007/978-3-030-40223-5_14

Cited by 1 publication

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first phase of the analysis constructs a summary for each module, without considering the connections between the modules. Let Loc, Prop, Var, and Exp denote the sets of all possible source code locations, 11 property names, variable names (including parameters), and program expressions, respectively. Given a single JavaScript file 𝑓 as input, 12 we compute a module summary 𝛽 𝑓 consisting of three separate pieces of information:…”

Section: Module Summary Constructionmentioning

confidence: 99%

See 1 more Smart Citation

Modular call graph construction for security scanning of Node.js applications

Nielsen

Torp

Møller

2021

Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis

View full text Add to dashboard Cite

Most of the code in typical Node.js applications comes from thirdparty libraries that consist of a large number of interdependent modules. Because of the dynamic features of JavaScript, it is difficult to obtain detailed information about the module dependencies, which is vital for reasoning about the potential consequences of security vulnerabilities in libraries, and for many other software development tasks. The underlying challenge is how to construct precise call graphs that capture the connectivity between functions in the modules.In this work we present a novel approach to call graph construction for Node.js applications that is modular, taking into account the modular structure of Node.js applications, and sufficiently accurate and efficient to be practically useful. We demonstrate experimentally that the constructed call graphs are useful for security scanning, reducing the number of false positives by 81% compared to npm audit and with zero false negatives. Compared to js-callgraph, the call graph construction is significantly more accurate and efficient. The experiments also show that the analysis time is reduced substantially when reusing modular call graphs.

show abstract

Section: Module Summary Constructionmentioning

confidence: 99%

“…The dynamic call graph generators by Herczeg et al [11] and Hejderup et al [10] have been developed for JavaScript security scanning and function-level dependency management, but unlike our approach they require high-coverage test suites to avoid missing security issues.…”

Section: Related Workmentioning

confidence: 99%