Fixing Security Vulnerabilities with AI in OSS-Fuzz

TL;DR

This paper explores using AI, specifically LLM agents like AutoCodeRover, to automate security vulnerability fixing in open source software validated by OSS-Fuzz, emphasizing dynamic testing over static code similarity for patch correctness.

Contribution

It demonstrates the adaptation of LLM agents for security patching using exploit test executions, highlighting the limitations of code similarity metrics in ensuring patch correctness.

Findings

LLM agents can effectively automate security vulnerability patches.

Code similarity metrics like CodeBLEU are insufficient for patch quality assessment.

Dynamic test execution is crucial for verifying security patch correctness.

Abstract

Critical open source software systems undergo significant validation in the form of lengthy fuzz campaigns. The fuzz campaigns typically conduct a biased random search over the domain of program inputs, to find inputs which crash the software system. Such fuzzing is useful to enhance the security of software systems in general since even closed source software may use open source components. Hence testing open source software is of paramount importance. Currently OSS-Fuzz is the most significant and widely used infrastructure for continuous validation of open source systems. Unfortunately even though OSS-Fuzz has identified more than 10,000 vulnerabilities across 1000 or more software projects, the detected vulnerabilities may remain unpatched, as vulnerability fixing is often manual in practice. In this work, we rely on the recent progress in Large Language Model (LLM) agents for autonomous program improvement including bug fixing. We customise the well-known AutoCodeRover agent for fixing security vulnerabilities. This is because LLM agents like AutoCodeRover fix bugs from issue descriptions via code search. Instead for security patching, we rely on the test execution of the exploit input to extract code elements relevant to the fix. Our experience with OSS-Fuzz vulnerability data shows that LLM agent autonomy is useful for successful security patching, as opposed to approaches like Agentless where the control flow is fixed. More importantly our findings show that we cannot measure quality of patches by code similarity of the patch with reference codes (as in CodeBLEU scores used in VulMaster), since patches with high CodeBLEU scores still fail to pass given the given exploit input. Our findings indicate that security patch correctness needs to consider dynamic attributes like test executions as opposed to relying of standard text/code similarity metrics.