Distributed ray tracing in X10
Dave Cunningham
SPLASH 2011
Most kinds of security vulnerabilities in web applications can be fixed by adding appropriate sanitization methods. Finding the correct place for the sanitizers can be difficult due to complicated data and control flow. Fixing SQL injection vulnerabilities may require more complex transformations, such as replacing uses of Statement by PreparedStatement, which could include some code motion. We have developed algorithms to place sanitizers correctly, as well as to transform Statement to PreparedStatement. These have been implemented as "quick fixes" in an Eclipse plugin that works together with a commercial tool that discovers security vulnerabilities in web applications.
Dave Cunningham
SPLASH 2011
Fan Zhang, Junwei Cao, et al.
IEEE TETC
Rajeev Gupta, Shourya Roy, et al.
ICAC 2006
David S. Kung
DAC 1998