Integer overflows have threatened software applications for decades. Thus, in this paper, we propose a novel technique to provide automatic repairs of integer overflows in C source code. Our technique, based on static symbolic execution, fuses detection, repair generation and validation. This technique is implemented in a prototype named IntRepair. We applied IntRepair to 2,052 C programs (approx. 1 million lines of code) contained in SAMATE’s Juliet test suite and 50 synthesized programs that range up to 20KLOC. Our experimental results show that IntRepair is able to effectively detect integer overflows and successfully repair them, while only increasing the source code (LOC) and binary (Kb) size by around 1%, respectively. Further, we present the results of a user study with 30 participants which shows that IntRepair repairs are more than 10x efficient as compared to manually generated code repairs.
Sat 11 Jul Times are displayed in time zone: (UTC) Coordinated Universal Time change
15:00 - 16:00: Paper Presentations - A26-Bugs and Repair at Goguryeo Chair(s): Davide FalessiCalifornia Polytechnic State University | ||||||||||||||||||||||||||||||||||||||||||
| 15:00 - 15:12 Talk | Mingyuan WuSouthern University of Science and Technology, Yicheng OuyangSouthern University of Science and Technology, Husheng ZhouThe University of Texas at Dallas, Lingming ZhangThe University of Texas at Dallas, Cong LiuUT Dallas, Yuqun ZhangSouthern University of Science and Technology | |||||||||||||||||||||||||||||||||||||||||
| 15:12 - 15:20 Talk | Luciano BaresiPolitecnico di Milano, Alberto LevaPolitecnico di Milano, Giovanni QuattrocchiPolitecnico di Milano | |||||||||||||||||||||||||||||||||||||||||
| 15:20 - 15:28 Talk | Carlos Gavidia-CalderonUniversity College London, Federica SarroUniversity College London, UK, Mark HarmanFacebook and University College London, Earl T. BarrUniversity College London, UK Link to publication DOI Pre-print Media Attached | |||||||||||||||||||||||||||||||||||||||||
| 15:28 - 15:36 Talk | Anil KoyuncuUniversity of Luxembourg, Luxembourg, Kui LiuNanjing University of Aeronautics and Astronautics, Tegawendé F. BissyandéSnT, University of Luxembourg, Dongsun KimFuriosa.ai, Jacques KleinUniversity of Luxembourg, SnT, Martin MonperrusKTH Royal Institute of Technology, Yves Le TraonUniversity of Luxembourg Pre-print | |||||||||||||||||||||||||||||||||||||||||
| 15:36 - 15:44 Talk | Paul MunteanTU Munich, Martin MonperrusKTH Royal Institute of Technology, Hao SunUnaffiliated, Jens GrossklagsTechnical University of Munich, Claudia EckertTechnical University of Munich | |||||||||||||||||||||||||||||||||||||||||
| 15:44 - 15:56 Talk | Yi LiNew Jersey Institute of Technology, USA, Shaohua WangNew Jersey Institute of Technology, USA, Tien N. NguyenUniversity of Texas at Dallas | |||||||||||||||||||||||||||||||||||||||||