{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T18:29:58Z","timestamp":1780338598403,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T00:00:00Z","timestamp":1720569600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Science Foundation","award":["2026928"],"award-info":[{"award-number":["2026928"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,10]]},"DOI":"10.1145\/3664646.3664770","type":"proceedings-article","created":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T19:39:56Z","timestamp":1720640396000},"page":"103-111","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":26,"title":["A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-6466-6076","authenticated-orcid":false,"given":"Ummay","family":"Kulsum","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-2520-8309","authenticated-orcid":false,"given":"Haotian","family":"Zhu","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1006-8493","authenticated-orcid":false,"given":"Bowen","family":"Xu","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1323-8769","authenticated-orcid":false,"given":"Marcelo","family":"d'Amorim","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2023. ExtractFix Benchmark Download Link. https:\/\/drive.google.com\/drive\/folders\/1xJ-z2Wvvg7JSaxfTQdxayXFEmoF3y0ET"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.2206.01335"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528482"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3147265"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00022"},{"key":"e_1_3_2_1_6_1","unstructured":"CVE-2014-8128. [n. d.]. EF0201. https:\/\/github.com\/vadz\/libtiff\/commit\/3206e0c"},{"key":"e_1_3_2_1_7_1","unstructured":"CVE-2016-1838. [n. d.]. EF15. https:\/\/gitlab.gnome.org\/GNOME\/libxml2\/-\/commit\/db07dd6"},{"key":"e_1_3_2_1_8_1","unstructured":"CVE-2016-3623. [n. d.]. EF09. https:\/\/github.com\/vadz\/libtiff\/commit\/bd024f0"},{"key":"e_1_3_2_1_9_1","unstructured":"CVE-2016-5321. [n. d.]. EF01. https:\/\/github.com\/vadz\/libtiff\/commit\/d9783e4"},{"key":"e_1_3_2_1_10_1","unstructured":"CVE-2017-5969. [n. d.]. EF18. https:\/\/gitlab.gnome.org\/GNOME\/libxml2\/-\/commit\/94691dc8"},{"key":"e_1_3_2_1_11_1","unstructured":"CVE-2017-7601. [n. d.]. EF08. https:\/\/github.com\/vadz\/libtiff\/commit\/0a76a8"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.2204.05999"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549098"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3418461"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2013.02.006"},{"key":"e_1_3_2_1_16_1","unstructured":"Jacob A. Harer Onur Ozdemir Tomo Lazovich Christopher P. Reale Rebecca L. Russell Louis Y. Kim and Peter Chin. 2018. Learning to Repair Software Vulnerabilities with Generative Adversarial Networks. In Neural Information Processing Systems."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Jie Huang and Kevin Chen-Chuan Chang. 2022. Towards reasoning in large language models: A survey. arXiv preprint arXiv:2212.10403.","DOI":"10.18653\/v1\/2023.findings-acl.67"},{"key":"e_1_3_2_1_18_1","volume-title":"Repairing Security Vulnerabilities Using Pre-trained Programming Language Models. In 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). 111\u2013116","author":"Huang Kai","year":"2022","unstructured":"Kai Huang, Su Yang, Hongyu Sun, Chengyi Sun, Xuejun Li, and Yuqing Zhang. 2022. Repairing Security Vulnerabilities Using Pre-trained Programming Language Models. In 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). 111\u2013116."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00107"},{"key":"e_1_3_2_1_20_1","volume-title":"Machel Reid, Yutaka Matsuo, and Yusuke Iwasawa.","author":"Kojima Takeshi","year":"2022","unstructured":"Takeshi Kojima, Shixiang Shane Gu, Machel Reid, Yutaka Matsuo, and Yusuke Iwasawa. 2022. Large language models are zero-shot reasoners. Advances in neural information processing systems, 35 (2022), 22199\u201322213."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380345"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397369"},{"key":"e_1_3_2_1_23_1","volume-title":"European Symposium on Research in Computer Security.","author":"Ma Siqi","unstructured":"Siqi Ma, Ferdian Thung, D. Lo, Cong Sun, and Robert H. Deng. 2017. VuRLE: Automatic Vulnerability Detection and Repair by Learning from Examples. In European Symposium on Research in Computer Security."},{"key":"e_1_3_2_1_24_1","unstructured":"NIST. 2023. CVE vulnerability CVE-2017-7601. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-7601"},{"key":"e_1_3_2_1_25_1","unstructured":"OpenAI. 2023. ChatGPT Plugins. https:\/\/openai.com\/blog\/chatgpt-plugins"},{"key":"e_1_3_2_1_26_1","unstructured":"OpenAI. 2023. OpenAI Codex. https:\/\/openai.com\/blog\/openai-codex"},{"key":"e_1_3_2_1_27_1","unstructured":"OWASP. 2023. Vulnerability Disclosure Cheat Sheet. https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Vulnerability_Disclosure_Cheat_Sheet.html"},{"key":"e_1_3_2_1_28_1","volume-title":"Examining Zero-Shot Vulnerability Repair with Large Language Models. In 2023 IEEE Symposium on Security and Privacy (SP). 1\u201318","author":"Pearce Hammond","year":"2022","unstructured":"Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, and Brendan Dolan-Gavitt. 2022. Examining Zero-Shot Vulnerability Repair with Large Language Models. In 2023 IEEE Symposium on Security and Privacy (SP). 1\u201318."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE52982.2021.00031"},{"key":"e_1_3_2_1_30_1","unstructured":"Jessica Shieh. 2023. Best practices for prompt engineering with OpenAI API. https:\/\/help.openai.com\/en\/articles\/6654000-best-practices-for-prompt-engineering-with-openai-api"},{"key":"e_1_3_2_1_31_1","unstructured":"LLVM team. 2023. CLang 17 git documentation: Address Sanitizer. https:\/\/clang.llvm.org\/docs\/AddressSanitizer.html"},{"key":"e_1_3_2_1_32_1","unstructured":"LLVM team. 2023. CLang 17 git documentation: Undefined Behavior Sanitizer. https:\/\/clang.llvm.org\/docs\/UndefinedBehaviorSanitizer.html"},{"key":"e_1_3_2_1_33_1","unstructured":"OpenAI team. 2022. ChatGPT API. https:\/\/platform.openai.com\/docs\/api-reference\/introduction"},{"key":"e_1_3_2_1_34_1","unstructured":"OpenAI team. 2022. ChatGPT: Optimizing Language Models for Dialogue. https:\/\/openai.com\/blog\/chatgpt"},{"key":"e_1_3_2_1_35_1","first-page":"24824","article-title":"Chain-of-thought prompting elicits reasoning in large language models","volume":"35","author":"Wei Jason","year":"2022","unstructured":"Jason Wei, Xuezhi Wang, Dale Schuurmans, Maarten Bosma, Fei Xia, Ed Chi, Quoc V Le, and Denny Zhou. 2022. Chain-of-thought prompting elicits reasoning in large language models. Advances in Neural Information Processing Systems, 35 (2022), 24824\u201324837.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_36_1","volume-title":"Thibaud Lutellier, Jordan Davis, Lin Tan, Petr Babkin, and Sameena Shah.","author":"Wu Yi","year":"2023","unstructured":"Yi Wu, Nan Jiang, Hung Viet Pham, Thibaud Lutellier, Jordan Davis, Lin Tan, Petr Babkin, and Sameena Shah. 2023. How Effective Are Neural Networks for Fixing Security Vulnerabilities. arXiv preprint arXiv:2305.18607."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00129"},{"key":"e_1_3_2_1_38_1","unstructured":"Chunqiu Steven Xia and Lingming Zhang. 2023. Keep the Conversation Going: Fixing 162 out of 337 bugs for $0.42 each using ChatGPT. arXiv preprint arXiv:2304.00385."},{"key":"e_1_3_2_1_39_1","volume-title":"React: Synergizing reasoning and acting in language models. arXiv preprint arXiv:2210.03629.","author":"Yao Shunyu","year":"2022","unstructured":"Shunyu Yao, Jeffrey Zhao, Dian Yu, Nan Du, Izhak Shafran, Karthik Narasimhan, and Yuan Cao. 2022. React: Synergizing reasoning and acting in language models. arXiv preprint arXiv:2210.03629."},{"key":"e_1_3_2_1_40_1","unstructured":"Shizhuo Dylan Zhang Talia Ringer and Emily First. 2023. Getting More out of Large Language Models for Proofs. arxiv:2305.04369."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534387"}],"event":{"name":"AIware '24: 1st ACM International Conference on AI-Powered Software","location":"Porto de Galinhas Brazil","acronym":"AIware '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 1st ACM International Conference on AI-Powered Software"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664646.3664770","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664646.3664770","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:03:45Z","timestamp":1750291425000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664646.3664770"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,10]]},"references-count":41,"alternative-id":["10.1145\/3664646.3664770","10.1145\/3664646"],"URL":"https:\/\/doi.org\/10.1145\/3664646.3664770","relation":{},"subject":[],"published":{"date-parts":[[2024,7,10]]},"assertion":[{"value":"2024-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}