Prompt Fix: Vulnerability Automatic Repair Technology Based on Prompt Engineering
The results show that reasonable prompt templates can effectively improve the efficiency of automatic vulnerability repair, which is significantly improved compared with neural machine translation technology.
Abstract
With the emergence of large-scale language models (LLM), the powerful capabilities of LLM in natural language processing have attracted attention. Based on programming language LLM (Programming Language Model, PLM), we use prompt templates to explore its potential in the field of automatic vulnerability repair, and combine it with a special workflow to improve its efficiency in automatic vulnerability repair tasks. Specifically, we design four prompt templates for handling vulner-able code, and design an iterative reasoning method to improve the efficiency of vulnerability fixing. We selected multiple typical LLMs for evaluation on multiple data sets. The results show that reasonable prompt templates can effectively improve the efficiency of automatic vulnerability repair, which is significantly improved compared with neural machine translation technology. In addition, we also discussed previous bug fixing related work and our work, and pointed out some of our shortcomings and directions for future improvements.