Integer overflows have threatened software applications for decades. Thus, in this paper, we propose a novel technique to provide automatic repairs of integer overflows in C source code. Our technique, based on static symbolic execution, fuses detection, repair generation and validation. This technique is implemented in a prototype named IntRepair. We applied IntRepair to 2,052 C programs (approx. 1 million lines of code) contained in SAMATE’s Juliet test suite and to 50 synthesized programs that range up to 20 KLOC. Our experimental results show that IntRepair is able to effectively detect integer overflows and successfully repair them, while increasing source code size (LOC) and binary size (Kb) by only around 1% each. Further, we present the results of a user study with 30 participants, which shows that IntRepair repairs are more than 10x as efficient as manually generated code repairs.
Sat 11 Jul
Displayed time zone: (UTC) Coordinated Universal Time
15:00 - 16:00 | A26-Bugs and Repair | Journal First / Technical Papers at Goguryeo | Chair(s): Davide Falessi (California Polytechnic State University)
15:00 | 12m | Talk | Simulee: Detecting CUDA Synchronization Bugs via Memory-Access Modeling | Technical Papers | Mingyuan Wu (Southern University of Science and Technology), Yicheng Ouyang (Southern University of Science and Technology), Husheng Zhou (The University of Texas at Dallas), Lingming Zhang (The University of Texas at Dallas), Cong Liu (UT Dallas), Yuqun Zhang (Southern University of Science and Technology)
15:12 | 8m | Talk | Fine-Grained Dynamic Resource Allocation for Big-Data Applications | Journal First | Luciano Baresi (Politecnico di Milano), Alberto Leva (Politecnico di Milano), Giovanni Quattrocchi (Politecnico di Milano)
15:20 | 8m | Talk | The Assessor's Dilemma: Improving Bug Repair via Empirical Game Theory | Journal First | Carlos Gavidia-Calderon (University College London), Federica Sarro (University College London, UK), Mark Harman (Facebook and University College London), Earl T. Barr (University College London, UK)
15:28 | 8m | Talk | FixMiner: Mining Relevant Fix Patterns for Automated Program Repair | Journal First | Anil Koyuncu (University of Luxembourg, Luxembourg), Kui Liu (Huawei Software Engineering Application Technology Lab), Tegawendé F. Bissyandé (SnT, University of Luxembourg), Dongsun Kim (Furiosa.ai), Jacques Klein (University of Luxembourg, SnT), Martin Monperrus (KTH Royal Institute of Technology), Yves Le Traon (University of Luxembourg)
15:36 | 8m | Talk | IntRepair: Informed Repairing of Integer Overflows | Journal First | Paul Muntean (TU Munich), Martin Monperrus (KTH Royal Institute of Technology), Hao Sun (Unaffiliated), Jens Grossklags (Technical University of Munich), Claudia Eckert (Technical University of Munich)
15:44 | 12m | Talk | DLFix: Context-based Code Transformation Learning for Automated Program Repair | Technical Papers | Yi Li (New Jersey Institute of Technology, USA), Shaohua Wang (New Jersey Institute of Technology, USA), Tien N. Nguyen (University of Texas at Dallas)