TY - GEN
T1 - Representing and Reasoning about Dynamic Code
AU - Bartels, Jesse
AU - Stephens, Jon
AU - Debray, Saumya
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/9
Y1 - 2020/9
N2 - Dynamic code, i.e., code that is created or modified at runtime, is ubiquitous in today's world. The behavior of dynamic code can depend on the logic of the dynamic code generator in subtle and nonobvious ways, e.g., JIT compiler bugs can lead to exploitable vulnerabilities in the resulting JIT-compiled code. Existing approaches to program analysis do not provide adequate support for reasoning about such behavioral relationships. This paper takes a first step in addressing this problem by describing a program representation and a new notion of dependency that allows us to reason about dependency and information flow relationships between the dynamic code generator and the generated dynamic code. Experimental results show that analyses based on these concepts are able to capture properties of dynamic code that cannot be identified using traditional program analyses.
AB - Dynamic code, i.e., code that is created or modified at runtime, is ubiquitous in today's world. The behavior of dynamic code can depend on the logic of the dynamic code generator in subtle and nonobvious ways, e.g., JIT compiler bugs can lead to exploitable vulnerabilities in the resulting JIT-compiled code. Existing approaches to program analysis do not provide adequate support for reasoning about such behavioral relationships. This paper takes a first step in addressing this problem by describing a program representation and a new notion of dependency that allows us to reason about dependency and information flow relationships between the dynamic code generator and the generated dynamic code. Experimental results show that analyses based on these concepts are able to capture properties of dynamic code that cannot be identified using traditional program analyses.
KW - Dynamic Code
KW - Program Analysis
KW - Program Representations
KW - Self-Modifying Code
KW - Slicing
UR - http://www.scopus.com/inward/record.url?scp=85099266587&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85099266587&partnerID=8YFLogxK
U2 - 10.1145/3324884.3416542
DO - 10.1145/3324884.3416542
M3 - Conference contribution
AN - SCOPUS:85099266587
T3 - Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
SP - 312
EP - 323
BT - Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
Y2 - 22 September 2020 through 25 September 2020
ER -