GSoC/GCI Archive
Google Summer of Code 2012 The Java Pathfinder Team

Sanitizer validation using symbolic execution and library cross-checking

by Mateus Araujo Borges for The Java Pathfinder Team

The goal of this project is to analyze sanitization libraries in search of vulnerabilities. More specifically, we want to find inputs that reveal vulnerabilities in existing sanitization functions. Our contribution is twofold: we want (1) to find spec-violating inputs for the sanitization function and (2) to report vulnerabilities not covered by the current library.