{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T21:04:20Z","timestamp":1773522260165,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,4,20]],"date-time":"2024-04-20T00:00:00Z","timestamp":1713571200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,4,20]]},"DOI":"10.1145\/3643788.3648013","type":"proceedings-article","created":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T15:29:37Z","timestamp":1726068577000},"page":"26-33","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["BOSS: A dataset to train ML-based systems to repair programs with out-of-bounds write flaws"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-7611-2329","authenticated-orcid":false,"given":"Anurag Swarnim","family":"Yadav","sequence":"first","affiliation":[{"name":"University of Florida, Gainesville, Florida, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5833-8499","authenticated-orcid":false,"given":"Joseph N.","family":"Wilson","sequence":"additional","affiliation":[{"name":"University of Florida, Gainesville, Florida, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,9,11]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 36th International Conference on Software Engineering. 1083--1094","author":"Avgerinos Thanassis","year":"2014","unstructured":"Thanassis Avgerinos, Alexandre Rebert, Sang Kil Cha, and David Brumley. 2014. Enhancing symbolic execution with veritesting. In Proceedings of the 36th International Conference on Software Engineering. 1083--1094."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3475960.3475985"},{"key":"e_1_3_2_1_3_1","volume-title":"2016 IEEE International Conference on Software Quality, Reliability and Security (QRS). IEEE, 175--182","author":"Bojanova Irena","year":"2016","unstructured":"Irena Bojanova, Paul E Black, Yaacov Yesha, and Yan Wu. 2016. The bugs framework (BF): A structured approach to express bugs. In 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS). IEEE, 175--182."},{"key":"e_1_3_2_1_4_1","volume-title":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). IEEE, 235--239","author":"Chan Nicholas","year":"2022","unstructured":"Nicholas Chan and John A Chandy. 2022. Extracting Vulnerabilities from GitHub Commits. In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). IEEE, 235--239."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00046"},{"key":"e_1_3_2_1_6_1","volume-title":"Steve James Kommrusch, and Martin Monperrus","author":"Chen Zimin","year":"2022","unstructured":"Zimin Chen, Steve James Kommrusch, and Martin Monperrus. 2022. Neural transfer learning for repairing security vulnerabilities in c code. IEEE Transactions on Software Engineering (2022)."},{"key":"e_1_3_2_1_7_1","volume-title":"USENIX security symposium","author":"Cowan Crispan","unstructured":"Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. 1998. Stackguard: automatic adaptive detection and prevention of buffer-overflow attacks.. In USENIX security symposium, Vol. 98. San Antonio, TX, 63--78."},{"key":"e_1_3_2_1_8_1","volume-title":"Stack-based buffer overflow detection using recurrent neural networks. arXiv preprint arXiv:2012.15116","author":"Dahl William Arild","year":"2020","unstructured":"William Arild Dahl, Laszlo Erdodi, and Fabio Massimo Zennaro. 2020. Stack-based buffer overflow detection using recurrent neural networks. arXiv preprint arXiv:2012.15116 (2020)."},{"key":"e_1_3_2_1_9_1","volume-title":"Evaluating Bug Finders-Test and Measurement of Static Code Analyzers. In 2015 IEEE\/ACM 1st International Workshop on Complex Faults and Failures in Large Software Systems (COUFLESS). IEEE, 14--20","author":"Delaitre Aurelien","year":"2015","unstructured":"Aurelien Delaitre, Bertrand Stivalet, Elizabeth Fong, and Vadim Okun. 2015. Evaluating Bug Finders-Test and Measurement of Static Code Analyzers. In 2015 IEEE\/ACM 1st International Workshop on Complex Faults and Failures in Large Software Systems (COUFLESS). IEEE, 14--20."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.15"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.15"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387501"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549098"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196454"},{"key":"e_1_3_2_1_15_1","unstructured":"Eric Haugh and Matt Bishop. 2003. Testing C Programs for Buffer Overflow Vulnerabilities.. In NDSS. Citeseer 8."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Yu Hu Zekun Shen and Brendan Dolan-Gavitt. 2022. Characterizing and Improving Bug-Finders with Synthetic Bugs. (2022).","DOI":"10.1109\/SANER53432.2022.00115"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.04.217"},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering. 272--282","author":"Le Wei","year":"2008","unstructured":"Wei Le and Mary Lou Soffa. 2008. Marple: a demand-driven path-sensitive buffer overflow detector. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering. 272--282."},{"key":"e_1_3_2_1_19_1","volume-title":"Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng, and Yuyi Zhong. 2018. Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681 (2018)."},{"key":"e_1_3_2_1_20_1","unstructured":"Daniel Marjam\u00e4ki. Accessed 2022-06-09. Cppcheck: a tool for static C\/C++ code analysis. https:\/\/cppcheck.sourceforge.io"},{"key":"e_1_3_2_1_21_1","unstructured":"MITRE. Accessed 2022-06-09. Common Vulnerabilities and Exposures. https:\/\/cve.mitre.org"},{"key":"e_1_3_2_1_22_1","unstructured":"MITRE. Accessed 2022-06-09. Common weakness enumeration. https:\/\/cwe.mitre.org (accessed06.29.2022)"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00056"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","first-page":"142879","DOI":"10.1109\/ACCESS.2021.3120349","article-title":"Characterizing Buffer Overflow Vulnerabilities in Large C\/C++ Projects","volume":"9","author":"D'Abruzzo Pereira Jos\u00e9","year":"2021","unstructured":"Jos\u00e9 D'Abruzzo Pereira, Naghmeh Ivaki, and Marco Vieira. 2021. Characterizing Buffer Overflow Vulnerabilities in Large C\/C++ Projects. IEEE Access 9 (2021), 142879--142892.","journal-title":"IEEE Access"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991103"},{"key":"e_1_3_2_1_27_1","first-page":"1","article-title":"VUzzer: Application-aware Evolutionary Fuzzing","volume":"17","author":"Rawat Sanjay","year":"2017","unstructured":"Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, and Herbert Bos. 2017. VUzzer: Application-aware Evolutionary Fuzzing.. In NDSS, Vol. 17. 1--14.","journal-title":"NDSS"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1090\/S0002-9947-1953-0053041-6"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the 16th Annual Computer Security Applications Conference. 257--269","author":"Viega John","year":"2001","unstructured":"John Viega, JT Bloch, Yoshi Kohno, and Gary McGraw. 2001. A static vulnerability scanner for C and C++ code. In Proceedings of the 16th Annual Computer Security Applications Conference. 257--269."},{"key":"e_1_3_2_1_31_1","first-page":"0","article-title":"A first step towards automated detection of buffer overrun vulnerabilities","volume":"20","author":"Wagner David A","year":"2000","unstructured":"David A Wagner, Jeffrey S Foster, Eric A Brewer, and Alexander Aiken. 2000. A first step towards automated detection of buffer overrun vulnerabilities.. In NDSS, Vol. 20. 0.","journal-title":"NDSS"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.37"},{"key":"e_1_3_2_1_33_1","unstructured":"Tielei Wang Tao Wei Zhiqiang Lin and Wei Zou. 2009. IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution.. In NDSS. Citeseer."},{"key":"e_1_3_2_1_34_1","unstructured":"David Wheeler. Accessed 2022-06-09. Flawfinder home page. http:\/\/www.dwheeler.com\/flawfinder"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106653"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering. 327--336","author":"Xie Yichen","year":"2003","unstructured":"Yichen Xie, Andy Chou, and Dawson Engler. 2003. Archer: using symbolic, path-sensitive analysis to detect memory access errors. In Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering. 327--336."},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the 2008 international symposium on Software testing and analysis. 27--38","author":"Xu Ru-Gang","year":"2008","unstructured":"Ru-Gang Xu, Patrice Godefroid, and Rupak Majumdar. 2008. Testing for buffer overflows with length abstraction. In Proceedings of the 2008 international symposium on Software testing and analysis. 27--38."},{"key":"e_1_3_2_1_38_1","volume-title":"Accessed","author":"Yadav Anurag Swarnin","year":"2024","unstructured":"Anurag Swarnin Yadav and Joseph N. Wilson. Accessed 2024. BOSS : A dataset to train ML-based systems to repair programs with out-of-bounds write flaws. https:\/\/github.com\/Anurag-Swarnim-Yadav\/BOSS"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516665"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3058985"},{"key":"e_1_3_2_1_41_1","volume-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems 32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems 32 (2019)."}],"event":{"name":"APR '24: 5th ACM\/IEEE International Workshop on Automated Program Repair","location":"Lisbon Portugal","acronym":"APR '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS","Faculty of Engineering of University of Porto"]},"container-title":["Proceedings of the 5th ACM\/IEEE International Workshop on Automated Program Repair"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643788.3648013","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643788.3648013","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:57:45Z","timestamp":1750294665000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643788.3648013"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,20]]},"references-count":41,"alternative-id":["10.1145\/3643788.3648013","10.1145\/3643788"],"URL":"https:\/\/doi.org\/10.1145\/3643788.3648013","relation":{},"subject":[],"published":{"date-parts":[[2024,4,20]]},"assertion":[{"value":"2024-09-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}