DOCSLIB.ORG

Introduction to Regular Expressions in 4D V11 SQL

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Introduction to Regular Expressions in 4D V11 SQL Introduction to Regular Expressions in 4D v11 SQL By Robert Molina, Technical Support Engineer, 4D Inc. Technical Note 07-47 Abstract ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Regular expressions (regex) is a meta-language that provides developers a means to easily validate and search for characters within text. 4D v11 SQL natively supports this language, displaying 4D’s commitment to adhere to industry wide standards. This Technical Note provides background information, benefits of using regex, and examples within 4D. Background Information ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Regular expressions can be found in many programming and scripting languages. In addition, regular expressions are also used in word processing applications and text editors. The foundations of regular expressions come from the early works of Stephen Cole Kleene and Ken Thompson. Ken Thompson used Kleene’s notation called regular sets which lead to his production of the popular search tool “grep” in the Unix editor, “ed”. Eventually, different variations of regular expressions tools have been developed based on Thompson’s implementation. One of the popular programming languages to take advantage of regular expressions is Perl. Perl took the regex library written by Henry Philips and made additions for use in its language. Based on Perl’s implementation, Philip Hazel then developed PCRE (Perl Compatible Regular Expressions) which is a version of regex that is normally used in Apache web servers and PHP today. The version of 4D’s regular expression engine is from the ICU’s (International Components for Unicode) regular expression package. Information about this package can be found here: http://www.icu-project.org/userguide/regexp.html What is a regular expression? ------------------------------------------------------------------------------------------------------------------------------------------------------------------ A regular expression is a structured string of characters that matches patterns within text. Below is an example of a regular expression. .*\.txt This regular expression will match any string that contains “.txt”. At first glance the above expression may look foreign which is common when seeing a new language. Like any language, there is syntax that will need to be learned and followed. The syntax involves the components: literals, metacharacters, and operators. Literals Literals are constant values that can only mean one thing and nothing else. A literal in a regular expression will stand on its own, matching on a one-by-one basis. For instance, the literal: regex informs the regular expression engine to search for the text “regex” and nothing else. Metacharacters Along with the literals, there are also metacharacters. Metacharacters are the opposite of literals, in that they have special meanings. For instance, a period (.) represents any single character. Therefore the regular expression: .example will match Aexample, Bexample, and <example. Any single character in front of the string “example” will result in a match. In another example, what if the task is to find “Regex” right before the end of the line? The metacharacter that will help aid in this task is $, which represents the end of the line. Below is the regular expression: Regex$ The regular expression engine will search the text for the string “regex” followed by and end of line character. For the list of metacharacters used in ICU regular expressions please go to: http://www.icu-project.org/userguide/regexp.html Operators Regular expressions also contain operators. Some common operators used are *, +, and the |. For instance, what if the task is to either find “Regex” or “regex” the above example can also be written with an operator: [R|r]egex The operator used here is the “OR” operator which is symbolized by the pipe character (|). For the list of operators used in ICU regular expressions please go to: http://www.icu-project.org/userguide/regexp.html In addition, to learn more about pattern matching with regular expressions, a popular reference is the book "Mastering Regular Expressions, Second Edition" by Jeffrey E. F. Friedl, O'Reilly & Associates; 2nd edition (July 15, 2002). Why Use Regular Expressions in 4D? ------------------------------------------------------------------------------------------------------------------------------------------------------------------ There are two main reasons for using regex in 4D: Efficiency One of the main advantages of using regular expressions within 4D, or any programming language, is efficiency in code. Using regular expressions will reduce the amount of code written for a specific task regarding text data. For instance, here is some 4D code that will search for the string “Regex”. $result:=Position("Regex";[Table_1]Field_2;1;lengthfound) If ($result>0) `The string has been found $resstring:=Substring([Table_1]Field_2;$result;lengthfound) If (Character code($resstring[[1]])=Character code("r")) ALERT("We found "+$resstring) End if End if As the above example shows, there are 4 lines of code that are needed in achieving the same result as the simple “Regex” regular expression as shown below used with the Match regex command: $result:=Match regex("regex";[Table_1]Field_2;1;posfound;lengthfound) If ($result=True) `The string has been found ALERT("We found "+Substring([Table_1]Field_2;posfound;lengthfound)) End if What makes the regular expression efficient compared to the 4D code is the support of literals. As the example above shows, 4D is not a case sensitive language, thus searching for “Regex” is not as simple as the regular expression. Industry Standard Because regular expressions are used in numerous applications it has become the de facto industry standard in pattern matching text. Although there is more than one regular expression engine, the basics are essentially the same. Therefore, learning regular expressions may help in future projects that involve text searching. Below is a list of regular expression libraries along with applications and languages that use regular expressions: The Match regex Command ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Regular expressions are now part of the 4D language in 4D v11 SQL. The command that makes this possible is Match regex. Below is the description of the parameters for the command: Optional Parameter: start The optional start parameter allows searching for a text pattern at a specific position. For example, what if the task is to find the second instance of the string “crunch” within “crunch crunch”? The 4D code to do so would be: vfound:=Match regex("crunch";"crunch crunch";8;pos_found;length_found) The command notifies the regex engine to go to position 8 within the string and find “crunch”. Using this start parameter provides a means to skip matches as well prevent the engine from trying to parse more than it needs to. In contrast, if no optional parameters are added: vfound:=Match regex("crunch";"crunch crunch") this notifies the regex engine to obtain a complete match or equality. Therefore, since “crunch” is not equal to “crunch crunch” the result is false. Optional Parameters: pos_found and length_found These two parameters can either return a single value or an array of values. Below is an example of the parameters returning single values: $Start:=1 $result:=Match regex("XL";"Super Bowl XL.";$start;posfound;lengthfound) The variable posfound will return the position. Therefore the value will be 12. Here is an illustration of the character positions: The lengthfound variable will return 2 since the string being matched is the two characters “XL”. As mentioned earlier in this section, these parameters can also be arrays. The use of arrays allows the feature of “Capture Groups” within regular expressions (Capture Groups will be explored in the next section). Optional Parameter: * The asterisk (*) parameter is used if the search is specified to a position within the string. The addition of this parameter can produce different results with the same regular expression. For instance, here is an example: $result:=Match regex("quick";"The quick brown fox";1;$pos_found; $length_found) The above code will return true since “quick” is within the string. Here is another example: $result:=Match regex("quick";"The quick brown fox";1;$pos_found; $length_found;*) The code above will return false since the * parameter has been added, which tells the regex engine to only search at position 1. The string at position 1 is “The” string which does not match “quick”. Here is a third example: vfound:=Match regex("quick";"The quick brown fox";5;$pos_found; $length_found;*) The code above will return true since the position parameter is set to 5 and at position 5 is the string “quick” which is the target string. Capture Groups ------------------------------------------------------------------------------------------------------------------------------------------------------------------ This feature allows separating a regular expression into groups. For instance, what if the task was to match the date format “MM/DD/YYYY” and group MM, DD, and YYYY? Here is the 4D code to do it: ARRAY LONGINT(posfound;0) ARRAY LONGINT(lenghtfound;0)
Load more

Recommended publications
  • Express Yourself! Regular Expressions Vs SAS Text String Functions Spencer Childress, Rho®, Inc., Chapel Hill, NC
    PharmaSUG 2014 - Paper BB08 Express Yourself! Regular Expressions vs SAS Text String Functions Spencer Childress, Rho®, Inc., Chapel Hill, NC ABSTRACT ® SAS and Perl regular expression functions offer a powerful alternative and complement to typical SAS text string functions. By harnessing the power of regular expressions, SAS functions such as PRXMATCH and PRXCHANGE not only overlap functionality with functions such as INDEX and TRANWRD, they also eclipse them. With the addition of the modifier argument to such functions as COMPRESS, SCAN, and FINDC, some of the regular expression syntax already exists for programmers familiar with SAS 9.2 and later versions. We look at different methods that solve the same problem, with detailed explanations of how each method works. Problems range from simple searches to complex search and replaces. Programmers should expect an improved grasp of the regular expression and how it can complement their portfolio of code. The techniques presented herein offer a good overview of basic data step text string manipulation appropriate for all levels of SAS capability. While this article targets a clinical computing audience, the techniques apply to a broad range of computing scenarios. INTRODUCTION This article focuses on the added capability of Perl regular expressions to a SAS programmer’s skillset. A regular expression (regex) forms a search pattern, which SAS uses to scan through a text string to detect matches. An extensive library of metacharacters, characters with special meanings within the regex, allows extremely robust searches. Before jumping in, the reader would do well to read over ‘An Introduction to Perl Regular Expressions in SAS 9’, referencing page 3 in particular (Cody, 2004).
    [Show full text]
  • 855 Symbols & (Ampersand), 211 && (AND Operator), 608 `` (Backquotes/Backticks), 143 & (Bitwise AND) Operator, 1
    index.fm Page 855 Wednesday, October 25, 2006 1:28 PM Index Symbols A & (ampersand), 211 abs() function, 117 && (AND operator), 608 Access methods, 53, 758–760 `` (backquotes/backticks), 143 ACTION attribute, 91 & (bitwise AND) operator, 140 action attribute, 389–390, 421 ~ (bitwise NOT) operator, 141 addcslashes() function, 206–208, 214 | (bitwise OR) operator, 140 Addition (+), 112 ^ (bitwise XOR) operator, 140 addslashes() function, 206–208, 214 ^ (caret metacharacter), 518, 520–521 admin_art_edit.php, 784, 793–796 " (double quote), 211 admin_art_list.php, 784 @ (error control) operator, 143–145 admin_artist_edit.php, 784, 788–789 > (greater than), 211, 608, 611-612 admin_artist_insert.php, 784, 791–792 << (left shift) operator, 141 admin_artist_list.php, 784, 786–787, < (less than), 211, 608, 611-612 796 * metacharacter, 536–538 admin_footer.php, 784 !, NOT operator, 608 admin_header.php, 784, 803 < operator, 608, 611–612 admin_login.php, 784, 797, 803 <= operator, 608 Advisory locking, 474 <>, != operator, 608–609 Aliases, 630–631 = operator, 608–609 Alphabetic sort of, 299–300 > operator, 608, 611–612 Alphanumeric word characters, metasymbols -> operator, 743–744 representing, 531–533 >= operator, 608 ALTER command, 631 || (OR operator), 130–132, 608 ALTER TABLE statement, 620, 631–633 >> (right shift) operator, 141 Alternation, metacharacters for, 543 ' (single quote), 211, 352–353, 609 Anchoring metacharacters, 520–523 % wildcard, 613–614 beginning-of-line anchor, 520–523 >>> (zero-fill right shift) operator, end-of-line anchor,
    [Show full text]
  • Perl Regular Expressions 102
    NESUG 2006 Posters Perl Regular Expressions 102 Kenneth W. Borowiak, Howard M. Proskin & Associates, Inc., Rochester, NY ABSTRACT Perl regular expressions were made available in SAS® in Version 9 through the PRX family of functions and call routines. The SAS community has already generated some literature on getting started with these often-cryptic, but very powerful character functions. The goal of this paper is to build upon the existing literature by exposing some of the pitfalls and subtleties of writing regular expressions. Using a fictitious clinical trial adverse event data set, concepts such as zero-width assertions, anchors, non-capturing buffers and greedy quantifiers are explored. This paper is targeted at those who already have a basic knowledge of regular expressions. Keywords: word boundary, negative lookaheads, positive lookbehinds, zero-width assertions, anchors, non-capturing buffers, greedy quantifiers INTRODUCTION Regular expressions enable you to generally characterize a pattern for subsequent matching and manipulation of text fields. If you have you ever used a text editor’s Find (-and Replace) capability of literal strings then you are already using regular expressions, albeit in the most strict sense. In SAS Version 9, Perl regular expressions were made available through the PRX family of functions and call routines. Though the Programming Extract and Reporting Language is itself a programming language, it is the regular expression capabilities of Perl that have been implemented in SAS. The SAS community of users and developers has already generated some literature on getting started with these often- cryptic, but very powerful character functions. Introductory papers by Cassell [2005], Cody [2006], Pless [2005] and others are referenced at the end of this paper.
    [Show full text]
  • Quick Tips and Tricks: Perl Regular Expressions in SAS® Pratap S
    Paper 4005-2019 Quick Tips and Tricks: Perl Regular Expressions in SAS® Pratap S. Kunwar, Jinson Erinjeri, Emmes Corporation. ABSTRACT Programming with text strings or patterns in SAS® can be complicated without the knowledge of Perl regular expressions. Just knowing the basics of regular expressions (PRX functions) will sharpen anyone's programming skills. Having attended a few SAS conferences lately, we have noticed that there are few presentations on this topic and many programmers tend to avoid learning and applying the regular expressions. Also, many of them are not aware of the capabilities of these functions in SAS. In this presentation, we present quick tips on these expressions with various applications which will enable anyone learn this topic with ease. INTRODUCTION SAS has numerous character (string) functions which are very useful in manipulating character fields. Every SAS programmer is generally familiar with basic character functions such as SUBSTR, SCAN, STRIP, INDEX, UPCASE, LOWCASE, CAT, ANY, NOT, COMPARE, COMPBL, COMPRESS, FIND, TRANSLATE, TRANWRD etc. Though these common functions are very handy for simple string manipulations, they are not built for complex pattern matching and search-and-replace operations. Regular expressions (RegEx) are both flexible and powerful and are widely used in popular programming languages such as Perl, Python, JavaScript, PHP, .NET and many more for pattern matching and translating character strings. Regular expressions skills can be easily ported to other languages like SQL., However, unlike SQL, RegEx itself is not a programming language, but simply defines a search pattern that describes text. Learning regular expressions starts with understanding of character classes and metacharacters.
    [Show full text]
  • Context-Free Grammar for the Syntax of Regular Expression Over the ASCII
    Context-free Grammar for the syntax of regular expression over the ASCII character set assumption : • A regular expression is to be interpreted a Haskell string, then is used to match against a Haskell string. Therefore, each regexp is enclosed inside a pair of double quotes, just like any Haskell string. For clarity, a regexp is highlighted and a “Haskell input string” is quoted for the examples in this document. • Since ASCII character strings will be encoded as in Haskell, therefore special control ASCII characters such as NUL and DEL are handled by Haskell. context-free grammar : BNF notation is used to describe the syntax of regular expressions defined in this document, with the following basic rules: • <nonterminal> ::= choice1 | choice2 | ... • Double quotes are used when necessary to reflect the literal meaning of the content itself. <regexp> ::= <union> | <concat> <union> ::= <regexp> "|" <concat> <concat> ::= <term><concat> | <term> <term> ::= <star> | <element> <star> ::= <element>* <element> ::= <group> | <char> | <emptySet> | <emptyStr> <group> ::= (<regexp>) <char> ::= <alphanum> | <symbol> | <white> <alphanum> ::= A | B | C | ... | Z | a | b | c | ... | z | 0 | 1 | 2 | ... | 9 <symbol> ::= ! | " | # | $ | % | & | ' | + | , | - | . | / | : | ; | < | = | > | ? | @ | [ | ] | ^ | _ | ` | { | } | ~ | <sp> | \<metachar> <sp> ::= " " <metachar> ::= \ | "|" | ( | ) | * | <white> <white> ::= <tab> | <vtab> | <nline> <tab> ::= \t <vtab> ::= \v <nline> ::= \n <emptySet> ::= Ø <emptyStr> ::= "" Explanations : 1. Definition of <metachar> in our definition of regexp: Symbol meaning \ Used to escape a metacharacter, \* means the star char itself | Specifies alternatives, y|n|m means y OR n OR m (...) Used for grouping, giving the group priority * Used to indicate zero or more of a regexp, a* matches the empty string, “a”, “aa”, “aaa” and so on Whi tespace char meaning \n A new line character \t A horizontal tab character \v A vertical tab character 2.
    [Show full text]
  • K5917: Using Regular Expressions in a Health Monitor Receive String
    K5917: Using regular expressions in a health monitor receive string Non-Diagnostic Original Publication Date: Oct 20, 2015 Update Date: Aug 24, 2021 Topic Some BIG-IP application health monitors, such as the HTTP monitor, include a Receive String field. This field specifies a string for comparison with the server response. You can specify a regular expression in that field to provide some flexibility in matching an expected response from a healthy server. Health monitors that support regular expressions include TCP, HTTP, HTTPS, and User Datagram Protocol (UDP). Regular expressions provide the flexibility for identifying strings of text that are of interest, such as certain characters, words, or a pattern of characters. With some exceptions, health monitors on BIG-IP systems support the use of POSIX Extended Regular Expressions (ERE). ERE syntax treats most characters as literals, meaning that they match only themselves, and defines metacharacters, which can be used to represent special characters, multiple characters, or a sequences of characters. To reduce operating overhead for the BIG-IP system, F5 recommends that, whenever possible, you use static strings for monitoring. Using static strings instead of regular expressions for monitoring is simpler and more efficient. However, the performance impact is minimal in comparison to the administrative flexibility offered from using regular expressions. For example, your HTTP health monitor requests the /admin/monitor.html page from the web server, which invokes a simple local script. The script checks whether vital local operating parameters, such as connections, memory, processor, or disk space, are within acceptable limits. If so, the script returns the monitor.html page, which includes a single line of body text that varies for each server, based on the server name: Server1: OK Server2: OK Server3: OK If you do not use a regular expression to match this response, you must create three separate monitors, each with a different receive string, and ensure the correct monitor is applied to each server.
    [Show full text]
  • String Search & Pattern Matching
    String Search & Pattern Matching Wednesday, October 23, 2008 Reading: Stoughton 3.14, Kozen Chs. 7-8 CS235 Languages and Automata Department of Computer Science Wellesley College Some Applications of Regular Languages Today: o Efficient string searching o Pattern matching with regular expressions (example: Unix grep utility) Tomorrow: o Lexical analysis (a.k.a. scanning, tokenizing) in a compiler (example: ML-Lex). Pattern Matching 21-2 Naïve String Searching How to search for abbaba in abbabcabbabbaba? a b b a b c a b b a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a a b b a b a Pattern Matching 21-3 More Efficient String Searching Knuth-Morris-Pratt algorithm: construct a DFA for searched-for string, and use it to do searching. b,c a a b a a b b a b a c c b,c c c How to construct this DFA automatically? a b b a b c a b b a b b a b a a b b a b a a b b a b a a b b a b a Pattern Matching 21-4 Pattern Matching with Regular Expressions Can turn any regular expression (possibly extended with complement, intersection, and difference) into a DFA and use it for string searching.
    [Show full text]
  • Strings, I/O, Formatting, and Parsing
    CertPrs8/Java 5 Cert. Study Guide/Sierra-Bates/225360-6/Chapter 6 Blind Folio CDXI 6 Strings, I/O, Formatting, and Parsing CERTIFICATION OBJECTIVES l Using String, StringBuilder, and l Using Regular Expressions StringBuffer 3 Two-Minute Drill l File I/O using the java.io package Q&A Self Test l Serialization using the java.io package l Working with Dates, Numbers, and Currencies chap6-1127f.indd 411 11/28/05 12:43:24 AM CertPrs8/Java 5 Cert. Study Guide/Sierra-Bates/225360-6/Chapter 6 412 Chapter 6: Strings, I/O, Formatting, and Parsing his chapter focuses on the various API-related topics that were added to the exam for Java 5. J2SE comes with an enormous API, and a lot of your work as a Java programmer Twill revolve around using this API. The exam team chose to focus on APIs for I/O, formatting, and parsing. Each of these topics could fill an entire book. Fortunately, you won't have to become a total I/O or regex guru to do well on the exam. The intention of the exam team was to include just the basic aspects of these technologies, and in this chapter we cover more than you'll need to get through the String, I/O, formatting, and parsing objectives on the exam. CERTIFICATION OBJECTIVE String, StringBuilder, and StringBuffer (Exam Objective 3.1) 3.1 Discuss the differences between the String, StringBuilder, and StringBuffer classes. Everything you needed to know about Strings in the SCJP 1.4 exam, you'll need to know for the SCJP 5 exam…plus, Sun added the StringBuilder class to the API, to provide faster, non-synchronized StringBuffer capability.
    [Show full text]
  • Introduction to Regular Expressions in SAS®
    Introduction to Regular Expressions in SAS® K. Matthew Windham From Introduction to Regular Expressions in SAS®. Full book available for purchase here. Contents About This Book ........................................................................................ vii About The Author ...................................................................................... xi Acknowledgments .................................................................................... xiii Chapter 1: Introduction .............................................................................. 1 1.1 Purpose of This Book .............................................................................................................. 1 1.2 Layout of This Book ................................................................................................................. 1 1.3 Defining Regular Expressions ................................................................................................. 2 1.4 Motivational Examples ............................................................................................................ 3 1.4.1 Extract, Transform, and Load (ETL) .............................................................................. 3 1.4.2 Data Manipulation .......................................................................................................... 4 1.4.3 Data Enrichment ............................................................................................................. 5 Chapter 2: Getting Started with Regular
    [Show full text]
  • Lecture 7 Regular Expressions and Grep 7.1
    LECTURE 7 REGULAR EXPRESSIONS AND GREP 7.1 Regular Expressions 7.1.1 Metacharacters, Wild cards and Regular Expressions Characters that have special meaning for utilities like grep, sed and awk are called metacharacters. These special characters are usually alpha-numeric in nature; a "e# e$- ample metacharacters are: caret &�'( dollar &+'( question mar- &.'( asterisk &/'( backslash &1'("orward slash &2'( ampersand &3'( set braces &4 an) 5'( range brac-ets &[...]). These special characters are interpreted contextually 0y the utilities. If you need to use the spe- cial characters as is without any interpretation, they need to be prefixed with the escape character (\). 8or example( a literal + can be inserted as 1+! a literal \can be inserted as \\. Although not as commonly used, numbers also can be turned into metacharacters 0y using escape character. 8or example( a number 9 is a literal number tw*( while 19 has a special meaning. Often times( the same metacharacters ha:e special meaning "or the shell as #ell. Thus #e need to be careful when passing metacharacters as arguments to utilities. It is a standard practice to embed the metacharacter arguments in single quotes to stop the shell from interpreting the metacharacters. $grep a*b file . asteris- gets interpreted 0y shell $grep ’a*b’ file . asterisk gets interpreted 0y 6rep utility Although single quotes are needed only "or arguments with metacharacters( as a 6**) practice( the pattern arguments *" the 6rep( sed and a#- utilities are always embedded in single quotes. $grep ’ab’ file $sed ’/a*b/’ file 7.1 Regular Expressions 47 Wild card Meaning given 0y shell / Zero or more characters .
    [Show full text]
  • Corrigendum 3 Corrigendum 3
    INTERNATIONAL TELECOMMUNICATION UNION ITU-T X.680 TELECOMMUNICATION Corrigendum 3 STANDARDIZATION SECTOR OF ITU (02/2001) SERIES X: DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS OSI networking and system aspects – Abstract Syntax Notation One (ASN.1) Corrigendum 3: CAUTION ! PREPUBLISHED RECOMMENDATION This prepublication is an unedited version of a recently approved Recommendation. It will be replaced by the published version after editing. Therefore, there will be differences between this prepublication and the published version. FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of tele communications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression "Administration" is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process.
    [Show full text]
  • 3 What Is Decidable About String Constraints with the Replaceall
    What Is Decidable about String Constraints with the ReplaceAll Function TAOLUE CHEN, Birkbeck, University of London, United Kingdom YAN CHEN, State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, China and University of Chinese Academy of Sciences, China MATTHEW HAGUE, Royal Holloway, University of London, United Kingdom ANTHONY W. LIN, University of Oxford, United Kingdom ZHILIN WU, State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, China The theory of strings with concatenation has been widely argued as the basis of constraint solving for verifying 3 string-manipulating programs. However, this theory is far from adequate for expressing many string constraints that are also needed in practice; for example, the use of regular constraints (pattern matching against a regular expression), and the string-replace function (replacing either the first occurrence or all occurrences ofa “pattern” string constant/variable/regular expression by a “replacement” string constant/variable), among many others. Both regular constraints and the string-replace function are crucial for such applications as analysis of JavaScript (or more generally HTML5 applications) against cross-site scripting (XSS) vulnerabilities, which motivates us to consider a richer class of string constraints. The importance of the string-replace function (especially the replace-all facility) is increasingly recognised, which can be witnessed by the incorporation of the function in the input languages of several string constraint solvers. Recently, it was shown that any theory of strings containing the string-replace function (even the most restricted version where pattern/replacement strings are both constant strings) becomes undecidable if we do not impose some kind of straight-line (aka acyclicity) restriction on the formulas.
    [Show full text]