The reviewed record of science sign in
Pith

arxiv: 2307.12465 · v1 · pith:TLXPSRF5 · submitted 2023-07-24 · cs.SE

StaticFixer: From Static Analysis to Static Repair

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:TLXPSRF5record.jsonopen to challenge →

classification cs.SE
keywords staticsysnameanalysisflowinformationpropertyrepairrepairs
0
0 comments X
read the original abstract

Static analysis tools are traditionally used to detect and flag programs that violate properties. We show that static analysis tools can also be used to perturb programs that satisfy a property to construct variants that violate the property. Using this insight we can construct paired data sets of unsafe-safe program pairs, and learn strategies to automatically repair property violations. We present a system called \sysname, which automatically repairs information flow vulnerabilities using this approach. Since information flow properties are non-local (both to check and repair), \sysname also introduces a novel domain specific language (DSL) and strategy learning algorithms for synthesizing non-local repairs. We use \sysname to synthesize strategies for repairing two types of information flow vulnerabilities, unvalidated dynamic calls and cross-site scripting, and show that \sysname successfully repairs several hundred vulnerabilities from open source {\sc JavaScript} repositories, outperforming neural baselines built using {\sc CodeT5} and {\sc Codex}. Our datasets can be downloaded from \url{http://aka.ms/StaticFixer}.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. CodeCureAgent: Automatic Classification and Repair of Static Analysis Warnings

    cs.SE 2025-09 conditional novelty 7.0

    CodeCureAgent achieves 96.8% plausible fixes and 86.3% correct fixes for 1,000 SonarQube warnings across 106 Java projects using an agentic LLM framework.