Php Sat Origin
Static analysis for PHP
There where two sources that made the idea for PHP-Sat. The first source of inspiration came from my work as a assistant at the course
"internet programmeren" (Internet Programming) (2005,2006) at my
University department. I noticed that a lot of students where not aware of the security problems involved when programming PHP for the web.
The other source of inspiration came from a
practical assignment that I had to do for the course
Programming Transformation (2006). A part of this assignment was about tracking knowledge about variables that possibly contain null-pointers.
These two inspiration-sources lead me to the idea of a program that would track the state of a variable, if it was tainted or not, and then warn a user when this was used at the wrong places. This could be used by students to check and improve there programs before they submit.
I wanted to work out this idea, but I had to get a job for the summer to be able to pay my bills. A combination of these two was found in Google's
Summer of Code 2006. So I asked the person in charge of the course,
Eelco Visser if this idea was any good. In a short talk at the elevators I told him my idea and asked him about the Summer of Code. He was interested and there was sure to be someone who could mentor me.
So I started writing on my proposal. I found out that the idea was not really new because
Nenad Jovanovic was already developing
Pixy. An other project that was related is
PHC, the open source PHP compiler. I still wanted to continue with my idea, the reasons for this are all captured in my
SoC-proposal.
I had written this application and applied for the Summer of Code with it. Since there where about 6000 applications, changes where not very good. Especially because I wanted to work on a new project instead of an existing one. When the accepted applications where announced there was a bit of confusion. I had send in my proposal to both PHP and Google, but PHP had moved it to Google. My proposal that was send to Google was not accepted, but the one that was send to PHP and moved to Google was! I was off course very happy, and started reading some related papers. I was told that I would get a mentor from PHP, but there was no progress on this subject for a week. I proposed to Google that they would accept
Martin as my mentor. They agreed to this very soon and the development could really get started.
The development of a good vulnerability detection strategy takes a lot of time. During the development of this strategy Martin suggested to add bug patterns to PHP-Sat. A bug pattern detects a pattern in source code that could indicate a bug, a optimization possibility or a style-violation. This would already make the tool useful when the vulnerability detection strategy was not completely implemented.
More info about the name can be found on the
name page.
--
EricBouwers - 09 Sep 2006