A Study of Vulnerability Repair in JavaScript Programs with Large Language Models
arxiv(2024)
摘要
In recent years, JavaScript has become the most widely used programming
language, especially in web development. However, writing secure JavaScript
code is not trivial, and programmers often make mistakes that lead to security
vulnerabilities in web applications. Large Language Models (LLMs) have
demonstrated substantial advancements across multiple domains, and their
evolving capabilities indicate their potential for automatic code generation
based on a required specification, including automatic bug fixing. In this
study, we explore the accuracy of LLMs, namely ChatGPT and Bard, in finding and
fixing security vulnerabilities in JavaScript programs. We also investigate the
impact of context in a prompt on directing LLMs to produce a correct patch of
vulnerable JavaScript code. Our experiments on real-world software
vulnerabilities show that while LLMs are promising in automatic program repair
of JavaScript code, achieving a correct bug fix often requires an appropriate
amount of context in the prompt.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要