Well Begun is Half Done: Location-Aware and Trace-Guided Iterative Automated Vulnerability Repair
- URL: http://arxiv.org/abs/2512.20203v1
- Date: Tue, 23 Dec 2025 09:54:22 GMT
- Title: Well Begun is Half Done: Location-Aware and Trace-Guided Iterative Automated Vulnerability Repair
- Authors: Zhenlei Ye, Xiaobing Sun, Sicong Cao, Lili Bo, Bin Li
- Abstract summary: Existing vulnerability repair approaches ignore the concern of locations that need to be patched and focus solely on the repair content. We propose sysname, an LLM-based approach that provides information about where should be patched first. sysname improves the iterative repair strategy by assessing the quality of test-failing patches and selecting the best patch for the next iteration.
- Score: 8.461073497106222
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The advances of large language models (LLMs) have paved the way for automated software vulnerability repair approaches, which iteratively refine the patch until it becomes plausible. Nevertheless, existing LLM-based vulnerability repair approaches face notable limitations: 1) they ignore the concern of locations that need to be patched and focus solely on the repair content; 2) they lack quality assessment for generated candidate patches in the iterative process. To tackle the two limitations, we propose \sysname, an LLM-based approach that provides information about where should be patched first. Furthermore, \sysname improves the iterative repair strategy by assessing the quality of test-failing patches and selecting the best patch for the next iteration. We introduce two dimensions to assess the quality of patches: whether they introduce new vulnerabilities and the taint statement coverage. We evaluated \sysname on a real-world C/C++ vulnerability repair dataset VulnLoc+, which contains 40 vulnerabilities and their Proofs-of-Vulnerability. The experimental results demonstrate that \sysname exhibits substantial improvements compared with the Neural Machine Translation-based, Program Analysis-based, and LLM-based state-of-the-art vulnerability repair approaches. Specifically, \sysname is able to generate 27 plausible patches, which is comparable to or even 8 to 22 more plausible patches than the baselines. In terms of correct patch generation, \sysname repairs 8 to 13 additional vulnerabilities compared with existing approaches.
Related papers
- Enhancing Automated Program Repair via Faulty Token Localization and Quality-Aware Patch Refinement [15.978451025074962]
TokenRepair is a novel two-level refinement framework for program repair. It integrates internal reflection for localizing potentially faulty tokens with external feedback for quality-aware patch refinement. TokenRepair achieves new state-of-the-art repair performance, correctly fixing 88 bugs on Defects4J 1.2 and 139 bugs on HumanEval-Java.
arXiv Detail & Related papers (2025-11-22T10:05:26Z)
- What Do They Fix? LLM-Aided Categorization of Security Patches for Critical Memory Bugs [46.325755802511026]
We developLM, a dual-method pipeline that integrates two approaches based on a Large Language Model (LLM) and a fine-tuned small language model. LM successfully identified 111 of 5,140 recent Linux kernel patches addressing OOB or UAF vulnerabilities, with 90 true positives confirmed by manual verification.
arXiv Detail & Related papers (2025-09-26T18:06:36Z)
- Revisiting Vulnerability Patch Localization: An Empirical Study and LLM-Based Solution [44.388332647211776]
Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional detection methods face significant scalability challenges when processing large volumes of commit histories. We propose a novel two-stage framework that combines version-driven candidate filtering with large language model-based multi-round dialogue voting.
arXiv Detail & Related papers (2025-09-19T09:09:55Z)
- Weakly Supervised Vulnerability Localization via Multiple Instance Learning [46.980136742826836]
We propose a novel approach called WAVES for WeAkly supervised Vulnerability localization via multiplE inStance learning. WAVES has the capability to determine whether a function is vulnerable (i.e., vulnerability detection) and pinpoint the vulnerable statements. Our approach achieves comparable performance in vulnerability detection and state-of-the-art performance in statement-level vulnerability localization.
arXiv Detail & Related papers (2025-09-14T15:11:39Z)
- VulnRepairEval: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities [41.85494398578654]
VulnRepairEval is an evaluation framework anchored in functional Proof-of-Concept exploits. Our framework delivers a comprehensive, containerized evaluation pipeline that enables reproducible differential assessment.
arXiv Detail & Related papers (2025-09-03T14:06:10Z)
- Repair Ingredients Are All You Need: Improving Large Language Model-Based Program Repair via Repair Ingredients Search [41.50068103527948]
We propose ReinFix, a framework that searches for repair ingredients throughout the reasoning and solution phases of bug fixing. During the solution phase, ReinFix searches for external ingredients from historical bug fixes with similar bug patterns. Evaluations on two popular benchmarks demonstrate the effectiveness of our approach over SOTA baselines.
arXiv Detail & Related papers (2025-06-29T06:02:11Z)
- Fast and Accurate Silent Vulnerability Fix Retrieval [7.512949497610182]
Existing approaches to trace/retrieve the patching commit for fixing a CVE suffer from two major challenges. We propose SITPatchTracer, a scalable and effective retrieval system for tracing known vulnerability patches. Using SITPatchTracer, we have successfully traced and merged the patch links for 35 new CVEs in the GitHub Advisory database.
arXiv Detail & Related papers (2025-03-29T01:53:07Z)
- ReF Decompile: Relabeling and Function Call Enhanced Decompile [50.86228893636785]
The goal of decompilation is to convert compiled low-level code (e.g., assembly code) back into high-level programming languages. This task supports various reverse engineering applications, such as vulnerability identification, malware analysis, and legacy software migration.
arXiv Detail & Related papers (2025-02-17T12:38:57Z)
- There are More Fish in the Sea: Automated Vulnerability Repair via Binary Templates [4.907610470063863]
We propose a template-based automated vulnerability repair approach for Java binaries. Experiments on the Vul4J dataset demonstrate that TemVUR successfully repairs 11 vulnerabilities. To assess the generalizability of TemVUR, we curate the ManyVuls4J dataset.
arXiv Detail & Related papers (2024-11-27T06:59:45Z)
- Learning Graph-based Patch Representations for Identifying and Assessing Silent Vulnerability Fixes [5.983725940750908]
Software projects are dependent on many third-party libraries, therefore high-risk vulnerabilities can propagate through the dependency chain to downstream projects.
Silent vulnerability fixes cause downstream software to be unaware of urgent security issues in a timely manner, posing a security risk to the software.
We propose GRAPE, a GRAph-based Patch rEpresentation that aims to provide a unified framework for getting vulnerability fix patches representation.
arXiv Detail & Related papers (2024-09-13T03:23:11Z)
- APPATCH: Automated Adaptive Prompting Large Language Models for Real-World Software Vulnerability Patching [24.958856670970366]
In this paper, we leverage the power and merits of pre-trained large language models (LLMs) to enable automated vulnerability patching. To elicit LLMs to effectively reason about vulnerable code behaviors, we introduce vulnerability semantics reasoning and adaptive prompting. Our evaluation of AP on 97 zero-day vulnerabilities and 20 existing vulnerabilities demonstrates its superior performance to both existing methods and state-of-the-art non-LLM-based techniques.
arXiv Detail & Related papers (2024-08-24T14:51:50Z)
- A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback [7.742213291781287]
We present VRpilot, a vulnerability repair technique based on reasoning and patch validation feedback.
Our results show that VRpilot generates, on average, 14% and 7.6% more correct patches than the baseline techniques on C and Java.
arXiv Detail & Related papers (2024-05-24T16:29:48Z)