Analysis of Program Patches Nature and Searching for Unpatched Code Fragments

2019 Ivannikov Memorial Workshop (IVMEM) Pub Date : 2019-09-01 DOI:10.1109/IVMEM.2019.00014

Mariam Arutunian, H. Aslanyan, V. Vardanyan, V. Sirunyan, S. Kurmangaleev, S. Gaissaryan

{"title":"Analysis of Program Patches Nature and Searching for Unpatched Code Fragments","authors":"Mariam Arutunian, H. Aslanyan, V. Vardanyan, V. Sirunyan, S. Kurmangaleev, S. Gaissaryan","doi":"10.1109/IVMEM.2019.00014","DOIUrl":null,"url":null,"abstract":"Software developers often copy and paste code within a project. Due to the possible existence of defects in the initial code fragment, this can lead to defects propagation across the project. Software changes in new version (patches) usually contain bug fixes, which can be used for detecting similar defects in a project. The purpose of this work is to develop method for analyzing the nature of patches between versions of executables and finding unpatched code fragments. At first, two versions of executables are compared for finding common and changed parts of code. Then, the method determines patches that can possibly be fixes of bugs. The final step is detection of unpatched code fragments. It is based on finding all clones of the buggy code fragments found in previous step which are not patched in the new version of the program. These fragments possibly contain defects. Developed tool allows to analyze programs of several architectures (x86, x86-64, arm, mips, powerpc). The experimental results show that the average percentage of true positive rate on the CoreBench test suite is 73%.","PeriodicalId":166102,"journal":{"name":"2019 Ivannikov Memorial Workshop (IVMEM)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 Ivannikov Memorial Workshop (IVMEM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IVMEM.2019.00014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Software developers often copy and paste code within a project. Due to the possible existence of defects in the initial code fragment, this can lead to defects propagation across the project. Software changes in new version (patches) usually contain bug fixes, which can be used for detecting similar defects in a project. The purpose of this work is to develop method for analyzing the nature of patches between versions of executables and finding unpatched code fragments. At first, two versions of executables are compared for finding common and changed parts of code. Then, the method determines patches that can possibly be fixes of bugs. The final step is detection of unpatched code fragments. It is based on finding all clones of the buggy code fragments found in previous step which are not patched in the new version of the program. These fragments possibly contain defects. Developed tool allows to analyze programs of several architectures (x86, x86-64, arm, mips, powerpc). The experimental results show that the average percentage of true positive rate on the CoreBench test suite is 73%.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

程序补丁性质分析及未修补代码片段搜索

软件开发人员经常在项目中复制和粘贴代码。由于在初始代码片段中可能存在缺陷，这可能导致缺陷在整个项目中传播。新版本(补丁)中的软件更改通常包含错误修复，可用于检测项目中类似的缺陷。这项工作的目的是开发一种方法来分析可执行文件版本之间补丁的性质，并找到未打补丁的代码片段。首先，比较两个版本的可执行文件，以查找代码的公共部分和更改部分。然后，该方法确定可能是错误修复的补丁。最后一步是检测未打补丁的代码片段。它是基于查找在前一步中发现的错误代码片段的所有克隆，这些代码片段在新版本的程序中没有修补。这些片段可能包含缺陷。开发的工具允许分析多种体系结构(x86, x86-64, arm, mips, powerpc)的程序。实验结果表明，CoreBench测试套件的平均真阳性率为73%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2019 Ivannikov Memorial Workshop (IVMEM)

自引率

0.00%

发文量