This program is tentative and subject to change.
OpenID Connect has revolutionized single sign-on (SSO)-based online authentication by providing a secure and convenient method for accessing multiple services with a single set of credentials. Despite its widespread adoption, critical security bugs in OpenID Connect have resulted in significant financial losses and security breaches, highlighting the need for robust mitigation strategies. Automated program repair presents a promising solution for generating candidate patches for OpenID programs. However, challenges such as domain-specific complexities and the necessity for precise fault localization and patch verification must be addressed. We propose AuthFix, a counter-example guided repair engine leveraging LLMs for automated OpenID bug fixing. AuthFix integrates three key components: fault localization, patch synthesis, and patch verification. By employing a novel Petri-net-based model checker, AuthFix ensures the correctness of patches through effective interaction modeling. Our evaluation on a dataset of OpenID bugs demonstrates that AuthFix successfully generates correct patches for 17 out of 23 bugs (74%), with a high percentage of semantic equivalence to manual developer patches.
This program is tentative and subject to change.
Wed 19 NovDisplayed time zone: Seoul change
11:00 - 12:30 | |||
11:00 10mTalk | Automated Repair of Ambiguous Problem Descriptions for LLM-Based Code Generation Research Papers Haoxiang Jia Peking University, Robbie Morris University College London, He Ye University College London (UCL), Federica Sarro University College London, Sergey Mechtaev Peking University | ||
11:10 10mTalk | Fixing Broken Graphs: LLM-Powered Automatic Code Optimization for DNN Programs Research Papers Haotian Wang Nankai University, Yicheng Sui Nankai University, Yudong Xie Nankai University, Yicong Liu Nankai University, Yufei Sun Nankai University, Changqing Shi Nankai University, Yuzhi Zhang Nankai University | ||
11:20 10mTalk | SemGuard: Real-Time Semantic Evaluator for Correcting LLM-Generated Code Research Papers Qinglin Wang Shandong Normal University, Zhihong Sun Shandong Normal University, Ruyun Wang Institute of Information Engineering, Chinese Academy of Sciences, Tao Huang Shandong Normal University, Zhi Jin Peking University, Ge Li Peking University, Chen Lyu Shandong Normal University | ||
11:30 10mTalk | Amur: Fixing Multi-Resource Leaks Guided by Resource Flow Analysis Research Papers | ||
11:40 10mTalk | Automated Repair of OpenID Connect Programs Research Papers Tamjid Al Rahat University of Virginia, Yanju Chen University of California, San Diego, Yu Feng University of California at Santa Barbara, Yuan Tian | ||
11:50 10mTalk | FlakyGuard: Automatically Fixing Flaky Tests at Industry Scale Research Papers Chengpeng Li University of Texas at Austin, Farnaz Behrang Uber Technologies, August Shi The University of Texas at Austin, Peng Liu Uber Technologies | ||
12:00 10mTalk | LLMPort: Cross-file Patch Porting via Task Decomposition and Self-correction Research Papers Bofei Chen Fudan University, Lei Zhang Fudan University, Peng Deng Fudan University, Nan Wang Fudan University, Haoyu Xu Fudan University, Mingda Guo Fudan Universityv, Yuan Zhang Fudan University, Min Yang Fudan University | ||
12:10 10mTalk | Repairing Leaks in Resource Wrappers Research Papers Sanjay Malakar University of California, Riverside, Martin Kellogg New Jersey Institute of Technology, Michael D. Ernst University of Washington, Manu Sridharan University of California at Riverside | ||
12:20 10mTalk | Automatic Fixing of Missing Dependency Errors Research Papers Jun Lyu Nanjing University, He Zhang Nanjing University, Lanxin Yang Nanjing University, Yue Li Nanjing University, Chenxing Zhong Nanjing University, Manuel Rigger National University of Singapore | ||