Bibliographic Details
Main Authors: Li, Siyuan, Zheng, Yaowen, Li, Hong, Guo, Jingdong, Dong, Chaopeng, Yan, Chunpeng, Wang, Weijie, Ren, Yimo, Sun, Limin, Zhu, Hongsong
Format: Preprint
Published: 2025
Subjects:
Online Access: https://arxiv.org/abs/2511.01252
contents In modern software ecosystems, 1-day vulnerabilities pose significant security risks due to extensive code reuse. Identifying vulnerable functions in target binaries alone is insufficient; it is also crucial to determine whether these functions have been patched. Existing methods, however, suffer from limited usability and accuracy. They often depend on the compilation process to extract features, requiring substantial manual effort and failing for certain software. Moreover, they cannot reliably differentiate between code changes caused by patches and those caused by compilation variations. To overcome these limitations, we propose Lares, a scalable and accurate method for patch presence testing. Lares introduces Code Slice Semantic Search, which directly extracts features from the patch source code and identifies semantically equivalent code slices in the pseudocode of the target binary. By eliminating the need for the compilation process, Lares improves usability, while leveraging large language models (LLMs) for code analysis and SMT solvers for logical reasoning to enhance accuracy. Experimental results show that Lares achieves superior precision, recall, and usability. Furthermore, it is the first work to evaluate patch presence testing across optimization levels, architectures, and compilers. The datasets and source code used in this article are available at https://github.com/Siyuan-Li201/Lares.
format Preprint
id arxiv_https___arxiv_org_abs_2511_01252
institution arXiv
publishDate 2025
record_format arxiv
title Lares: LLM-driven Code Slice Semantic Search for Patch Presence Testing
topic Software Engineering
url https://arxiv.org/abs/2511.01252