IntRepair : Informed Repairing of Integer Overflows

• Integer overflows have threatened software applications for decades. Thus, in this paper, we propose a novel technique to provide automatic repairs of integer overflows in C source code. Our technique, based on static symbolic execution, fuses detection, repair generation and validation. This technique is implemented in a prototype named IntRepair. We applied IntRepair to 2,052 C programs (approx. 1 million lines of code) contained in SAMATE's Juliet test suite and 50 synthesized programs that range up to 20 KLOC. Our experimental results show that IntRepair is able to effectively detect integer overflows and successfully repair them, while only increasing the source code (LOC) and binary (Kb) size by around 1%, respectively. Furthermore, we present the results of a user study with 30 participants showing that IntRepair repairs are more efficient than manual repairs. 

Ämnesord

TEKNIK OCH TEKNOLOGIER  -- Elektroteknik och elektronik (hsv//swe)

ENGINEERING AND TECHNOLOGY  -- Electrical Engineering, Electronic Engineering, Information Engineering (hsv//eng)

Nyckelord

Engines

Fault detection

Fuses

integer overflow

Maintenance engineering

Program repair

Runtime

Software

software bug

source code refactoring

static program analysis

symbolic execution

Tools

Application programs

Computer software

Electric fuses

Integer programming

Maintainability

Model checking

Repair

Runtimes

Source codes

C (programming language)

Publikations- och innehållstyp

ref (ämneskategori)

art (ämneskategori)