SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3215440972> ?p ?o ?g. }

Showing items 1 to 100 of 100 with 100 items per page.

W3215440972 abstract "Scripting languages are continuously gaining popularity due to their ease of use and the flourishing software ecosystems that surround them. These languages offer crash and memory safety by design, hence developers do not need to understand and prevent most low-level security issues plaguing languages like C. However, scripting languages often allow native extensions, which are a way for custom C/C++ code to be invoked directly from the high-level language. While this feature promises several benefits such as increased performance or the reuse of legacy code, it can also break the guarantees provided by the language, e.g., crash-safety. In this work, we first provide a comparative analysis of the security risks of the existing native extension API in three popular scripting languages. Additionally, we discuss a novel methodology for studying vulnerabilities caused by misuse of the native extension API. We then perform an in-depth study of npm, an ecosystem which appears to be the most exposed to threats introduced by native extensions. We show that vulnerabilities in extensions can be exploited in their embedding library by producing a hard crash in 30 npm packages, simply by invoking their API. Moreover, we identify five open-source web applications in which such exploits can be deployed remotely. Finally, we provide a set of recommendations for language designers, users and for the research community." @default.
W3215440972 created "2021-12-06" @default.
W3215440972 creator A5004014878 @default.
W3215440972 creator A5028738303 @default.
W3215440972 creator A5042598747 @default.
W3215440972 creator A5068174067 @default.
W3215440972 date "2021-11-22" @default.
W3215440972 modified "2023-09-27" @default.
W3215440972 title "Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages" @default.
W3215440972 cites W1531203382 @default.
W3215440972 cites W1966862293 @default.
W3215440972 cites W1981801194 @default.
W3215440972 cites W1987647365 @default.
W3215440972 cites W1992114977 @default.
W3215440972 cites W2008810193 @default.
W3215440972 cites W202191487 @default.
W3215440972 cites W2062340141 @default.
W3215440972 cites W2103380617 @default.
W3215440972 cites W2110001365 @default.
W3215440972 cites W2121780525 @default.
W3215440972 cites W2514626402 @default.
W3215440972 cites W2591793539 @default.
W3215440972 cites W2603712331 @default.
W3215440972 cites W2654868256 @default.
W3215440972 cites W2698406033 @default.
W3215440972 cites W2733373979 @default.
W3215440972 cites W2740279154 @default.
W3215440972 cites W2756234923 @default.
W3215440972 cites W2758513221 @default.
W3215440972 cites W2785521635 @default.
W3215440972 cites W2789570312 @default.
W3215440972 cites W2792181598 @default.
W3215440972 cites W2796472165 @default.
W3215440972 cites W2806253293 @default.
W3215440972 cites W2889480272 @default.
W3215440972 cites W2898029226 @default.
W3215440972 cites W2898614297 @default.
W3215440972 cites W2899462170 @default.
W3215440972 cites W2910728092 @default.
W3215440972 cites W2915997584 @default.
W3215440972 cites W2929275958 @default.
W3215440972 cites W2947109320 @default.
W3215440972 cites W2955478879 @default.
W3215440972 cites W2963350015 @default.
W3215440972 cites W2968966662 @default.
W3215440972 cites W2985320478 @default.
W3215440972 cites W3000350072 @default.
W3215440972 cites W3008842570 @default.
W3215440972 cites W3015193297 @default.
W3215440972 cites W3039784053 @default.
W3215440972 cites W3048513423 @default.
W3215440972 cites W3092106265 @default.
W3215440972 cites W3122752779 @default.
W3215440972 cites W3138230581 @default.
W3215440972 cites W3139023885 @default.
W3215440972 cites W3156862845 @default.
W3215440972 cites W3160786004 @default.
W3215440972 cites W3163626978 @default.
W3215440972 hasPublicationYear "2021" @default.
W3215440972 type Work @default.
W3215440972 sameAs 3215440972 @default.
W3215440972 citedByCount "0" @default.
W3215440972 crossrefType "posted-content" @default.
W3215440972 hasAuthorship W3215440972A5004014878 @default.
W3215440972 hasAuthorship W3215440972A5028738303 @default.
W3215440972 hasAuthorship W3215440972A5042598747 @default.
W3215440972 hasAuthorship W3215440972A5068174067 @default.
W3215440972 hasConcept C115903868 @default.
W3215440972 hasConcept C136764020 @default.
W3215440972 hasConcept C165696696 @default.
W3215440972 hasConcept C183469790 @default.
W3215440972 hasConcept C18903297 @default.
W3215440972 hasConcept C199360897 @default.
W3215440972 hasConcept C206588197 @default.
W3215440972 hasConcept C2777904410 @default.
W3215440972 hasConcept C2778583558 @default.
W3215440972 hasConcept C38652104 @default.
W3215440972 hasConcept C41008148 @default.
W3215440972 hasConcept C61423126 @default.
W3215440972 hasConcept C86803240 @default.
W3215440972 hasConceptScore W3215440972C115903868 @default.
W3215440972 hasConceptScore W3215440972C136764020 @default.
W3215440972 hasConceptScore W3215440972C165696696 @default.
W3215440972 hasConceptScore W3215440972C183469790 @default.
W3215440972 hasConceptScore W3215440972C18903297 @default.
W3215440972 hasConceptScore W3215440972C199360897 @default.
W3215440972 hasConceptScore W3215440972C206588197 @default.
W3215440972 hasConceptScore W3215440972C2777904410 @default.
W3215440972 hasConceptScore W3215440972C2778583558 @default.
W3215440972 hasConceptScore W3215440972C38652104 @default.
W3215440972 hasConceptScore W3215440972C41008148 @default.
W3215440972 hasConceptScore W3215440972C61423126 @default.
W3215440972 hasConceptScore W3215440972C86803240 @default.
W3215440972 hasLocation W32154409721 @default.
W3215440972 hasOpenAccess W3215440972 @default.
W3215440972 hasPrimaryLocation W32154409721 @default.
W3215440972 isParatext "false" @default.
W3215440972 isRetracted "false" @default.
W3215440972 magId "3215440972" @default.
W3215440972 workType "article" @default.