Abstract

We introduce a composition of object-oriented PHP grammar components for taint analysis. Our novel method successfully restructured the PHP parser and reduced the grammar artifact objects that must be visited during taint analysis by up to 52% in grammar variation. Taint analysis detects injection vulnerability patterns in source code by identifying the information flow of untrusted input that reaches a sensitive sink or other sensitive part of the system. Static taint analysis uses a parser to build an abstract syntax tree of the source code and traverses all of its nodes. A web PHP parser has 140 grammar combinations in an abstract syntax tree, all of which have to be traversed to recognize a tainted flow pattern. In addition, tainted flow patterns occur in many variations of syntax and coding style. The number of combinations therefore consumes considerable computational resources.
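A minimal sketch of the AST traversal the abstract describes, added here as an illustration and not taken from the paper. The tuple-based node kinds, the source, sanitizer and sink tables, and the sample program are constructed assumptions; every node kind needs its own handler, which is the per-node cost the paper's grammar reduction targets.

```python
# Added illustration: node kinds, tables and PROGRAM are constructed, not the paper's grammar.
SOURCES = {"$_GET", "$_POST", "$_COOKIE"}
SANITIZERS = {"htmlspecialchars": {"xss"}, "intval": {"xss", "sqli"}, "mysqli_real_escape_string": {"sqli"}}
SINKS = {"echo": "xss", "mysqli_query": "sqli"}

def taint_of(expr, env):
    """Return the vulnerability classes an expression node is still tainted for."""
    kind = expr[0]
    if kind == "lit":
        return set()
    if kind == "var":
        return {"xss", "sqli"} if expr[1] in SOURCES else set(env.get(expr[1], ()))
    if kind == "index":                      # $_GET['id'] carries the array's taint
        return taint_of(expr[1], env)
    if kind == "concat":
        return taint_of(expr[1], env) | taint_of(expr[2], env)
    if kind == "call":                       # a sanitizer clears only its own classes
        args = set().union(*(taint_of(a, env) for a in expr[2]))
        return args - SANITIZERS.get(expr[1], set())
    raise ValueError(f"no handler for expression node kind {kind!r}")

def analyze(stmts, env=None, findings=None):
    """Visit statement nodes in order; findings are (sink name, source line) pairs."""
    env = {} if env is None else env
    findings = [] if findings is None else findings
    for kind, line, *rest in stmts:
        if kind == "assign":
            env[rest[0]] = taint_of(rest[1], env)
        elif kind in ("echo", "call_stmt"):
            name, args = ("echo", rest) if kind == "echo" else (rest[0], rest[1])
            if name in SINKS and any(SINKS[name] in taint_of(a, env) for a in args):
                findings.append((name, line))
        elif kind == "if":                   # may-analysis: union the taint of both branches
            then_env, _ = analyze(rest[1], dict(env), findings)
            else_env, _ = analyze(rest[2], dict(env), findings)
            for var in then_env.keys() | else_env.keys():
                env[var] = then_env.get(var, set()) | else_env.get(var, set())
        else:
            raise ValueError(f"no handler for statement node kind {kind!r}")
    return env, findings

# PHP: $id=$_GET['id']; $name=$_GET['name']; if($ok){$id=intval($id);} echo htmlspecialchars($name); mysqli_query($db,"SELECT ... ".$id); echo "Hi ".$name;
PROGRAM = [
    ("assign", 1, "$id", ("index", ("var", "$_GET"), ("lit", "id"))),
    ("assign", 2, "$name", ("index", ("var", "$_GET"), ("lit", "name"))),
    ("if", 3, ("var", "$ok"), [("assign", 3, "$id", ("call", "intval", [("var", "$id")]))], []),
    ("echo", 4, ("call", "htmlspecialchars", [("var", "$name")])),
    ("call_stmt", 5, "mysqli_query", [("var", "$db"), ("concat", ("lit", "SELECT ... "), ("var", "$id"))]),
    ("echo", 6, ("concat", ("lit", "Hi "), ("var", "$name"))),
]
```

`analyze(PROGRAM)[1]` reports the query on line 5, because `$id` is sanitized on only one branch, and the `echo` on line 6; the `echo` on line 4 is not reported.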
