Datalog | BestHub

AntTech

Dec 23, 2024 · Fundamentals

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication

The article introduces a data‑driven, Datalog‑based cross‑language program analysis technique presented in an ICSE 2025 paper, describes the open‑source CodeFuse‑Query platform, its technical innovations, and multiple production scenarios such as code evaluation, precise testing, dead‑code detection, and large‑scale code data cleaning.

CodeFuse-QueryDatalogICSE2025

0 likes · 8 min read

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication

vivo Internet Technology

May 10, 2023 · Information Security

Detecting Apache Commons Text RCE (CVE-2022-42889) with the Doop Static Analysis Framework

The Vivo Internet Security Team demonstrates how to extend the Doop static analysis framework with custom Datalog rules to detect the Apache Commons Text CVE‑2022‑42889 remote code execution vulnerability by tracing taint from StringSubstitutor.replace to ScriptEngine.eval, producing source‑sink CSV reports and showcasing Doop’s extensibility for security research.

Apache Commons TextCVE-2022-42889Datalog

0 likes · 14 min read

Detecting Apache Commons Text RCE (CVE-2022-42889) with the Doop Static Analysis Framework

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication

Detecting Apache Commons Text RCE (CVE-2022-42889) with the Doop Static Analysis Framework

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication