News
Next Seminar on 26.04.2023
Written on 20.04.2023 10:47 by Niklas Medinger
Dear All,
The next seminar(s) take place on 26.04.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Niklas Flentje, Dominic Troppmann
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-14:30)
Nils Hagen
https://us02web.zoom.us/j/88284395516?pwd=Vk1sTzZpSmhYVmxvY3RsSHN2RUR3Zz09 (update)
Session A:
14:00 - 14:30
Speaker: Niklas Flentje
No information provided.
14:30 - 15:00
Speaker: Dominic Troppmann
Type of talk: Master Intro
Advisor: Dr. Cristian-Alexandru Staicu
Title: Trust is good, control is better: Shedding light on typing practices in gradually typed scripting languages.
Research Area: RA5
Abstract: In recent years, scripting languages, most notably JavaScript/TypeScript and Python, have gained a lot of traction, due to their ease of learning, ease of use, and the presence of large ecosystems of third-party packages and libraries. Another key feature of these languages is that, contrary to languages like C or Java, they do not use a static type system, which saves developers the significant effort of adding type annotations and affords faster prototyping and development. However, this usually comes at the cost of an increased number of typing-related bugs, which would otherwise be caught by a static typing system. Thus, to give developers "the best of both worlds" both TypeScript and Python feature a gradual type system, allowing developers to add optional type annotations/hints. These type annotations are checked at compile time, but not enforced at runtime, meaning that developers must implement type checks to enforce datatypes during runtime.
But does this happen in practice, or might developers even be fooled into thinking their scripts become type-safe by simply annotating them? This study aims to address this question and better understand typing-related practices. More specifically, we want to learn how much developers rely on type annotations/checks, where developers are most likely to implement them, as well as trying to discern whether type annotations/checks, or rather lack thereof, can be used as an indicator for typing related bugs and vulnerabilities. To this end, we develop a static analysis based on CodeQL, which we use to analyze several tens of thousands of real-world github projects.
With this work, we hope to provide sufficient evidence about the importance of implementing solid type checks, even in the presence of type annotation, for developers to continuously adopt safer programming practices.
Session B:
14:00 - 14:30
Speaker: Nils Hagen
Type of talk: Bachelor Intro
Advisor: Prof. Andreas Zeller, Leon Bettscheider
Title: Semantic fuzzing with I/O contracts
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Grammar-based fuzzing with context-free grammars is a common technique to make fuzzers
more program-specific and to increase coverage. This has proven to be an especially
successful test generation method in black-box settings with target programs that require
highly-structured inputs. However, context-free grammars are limited to the expression
of syntactic constraints which makes them unsuitable for input/output affiliations (like
in a client/server architecture or other reactive systems) where input and output are
semantically linked. Most fuzzers therefore rely solely on generic test oracles for bug
detection that either detect program crashes or output on standard error ports.
To express more powerful oracles we additionally want to consider the aforementioned input-
output relations. In this work we present a method to describe these semantically linked
interactions through I/O contracts where syntactic and semantic properties are expressed
through intertwined context-free grammars (termed I/O grammars) and semantic ISLa
constraints. Furthermore, we show how to apply these methods in practice on a real-world
server implementation of the IRC protocol and compare them to traditional context-free
grammar-based approaches.