Etendre des interpréteurs par détournement, ou comment étendre des interpréteurs sans en modifier le code : avec une application à des analyses dynamiques pour un interpréteur de JavaScript

Florent Marchand de Kerchove 1, 2
2 ASCOLA - Aspect and composition languages
Inria Rennes – Bretagne Atlantique , Département informatique - EMN, LINA - Laboratoire d'Informatique de Nantes Atlantique
Abstract : For securing web applications, we were interested in applying dynamic security analyses to JavaScript programs. In this context, the ability to quickly modify the interpreter and to compose analyses at runtime is paramount. One way to effect these changes would have been through refactoring. But refactoring can be tricky and time-consuming, as it entails to rewrite parts of the source code, and even to reorganize the program’s whole architecture. Refactoring is too costly when rapid iteration is preferred.We explore a lightweight alternative to refactoring: diverting. To divert a program is to change its results without directly modifying its source code. To divert a program, we leverage indirection techniques such as dynamic scoping and metaprogramming.We first review the techniques used in related extensibility problems, like the Expression Problem, and apply these techniques to divert simple interpreters. We then show how diverting can help build interpreters incrementally in layers, allowing dynamic activation of alternative behavior. Finally, we apply those techniques to divert a full-blown JavaScript interpreter with multiple dynamic security analyses. We find that, with potential costs in efficiency and program safety, diverting is both faster and more flexible than rewriting the interpreter,thus making diverting a legitimate alternative to refactoring.
Document type :
Theses
Complete list of metadatas

https://tel.archives-ouvertes.fr/tel-01415588
Contributor : Nathalie Fontaine <>
Submitted on : Tuesday, March 28, 2017 - 8:17:50 AM
Last modification on : Wednesday, December 5, 2018 - 1:22:09 AM

Identifiers

  • HAL Id : tel-01415588, version 2

Citation

Florent Marchand de Kerchove. Etendre des interpréteurs par détournement, ou comment étendre des interpréteurs sans en modifier le code : avec une application à des analyses dynamiques pour un interpréteur de JavaScript. Langage de programmation [cs.PL]. Ecole des Mines de Nantes, 2016. Français. ⟨NNT : 2016EMNA0223⟩. ⟨tel-01415588v2⟩

Share

Metrics

Record views

746

Files downloads

492