Beyond Tests
ACM Transactions on Software Engineering and Methodology (IF 6.6), Pub Date: 2021-02-10, DOI: 10.1145/3418461
Xiang Gao 1, Bo Wang 2, Gregory J. Duck 1, Ruyi Ji 2, Yingfei Xiong 2, Abhik Roychoudhury 1

Automated program repair is an emerging technology that seeks to automatically rectify program errors and vulnerabilities. Repair techniques are driven by a correctness criterion that is often in the form of a test suite. Such test-based repair may produce overfitting patches, where the patches produced fail on tests outside the test suite driving the repair. In this work, we present a repair method that fixes program vulnerabilities without the need for a voluminous test suite. Given a vulnerability as evidenced by an exploit, the technique extracts a constraint representing the vulnerability with the help of sanitizers. The extracted constraint serves as a proof obligation that our synthesized patch should satisfy. The proof obligation is met by propagating the extracted constraint to locations that are deemed to be “suitable” fix locations. An implementation of our approach (ExtractFix) on top of the KLEE symbolic execution engine shows its efficacy in fixing a wide range of vulnerabilities taken from the ManyBugs benchmark, real-world CVEs and Google’s OSS-Fuzz framework. We believe that our work presents a way forward for the overfitting problem in program repair by generalizing observable hazards/vulnerabilities (as constraint) from a single failing test or exploit.

Updated: 2021-02-10