Database interactions are among the most essential functional features in web applications. Therefore, for the testing and maintenance of a web application, it is important that the web engineer could identify all the database interactions in the web application. However, the highly dynamic nature of web applications makes it challenging to extract all the possible database interactions from source code.
In this paper, we propose an automated approach to extract database interactions from source code by using symbolic execution and inference rules. Our approach automatically identifies all the possible database interaction points. After that, all the program paths, which pass through each interaction point, are also computed. Each of these paths is then symbolically executed following our proposed symbolic evaluation rules. We also develop inference rules to deduce the interaction types from the set of symbolic expressions derived during the symbolic execution. Experiments have been conducted to evaluate the performance and usefulness of the proposed approach. The results indicate that even with some limitations in handling function calls, pointers and polymorphism, our approach still gives an average precision of 79.2%, which is 45.4% more than that of the conservative approach.

• 出版日期2008-2
• 单位南阳理工学院