A new system that repairs dangerous software bugs by automatically importing functionality from other, more secure apps in just two minutes has been found, says researchers.
The study was done by researchers from Massachusetts Institute of Technology (MIT).
The system called CodePhage repairs software errors by transferring code from a "donor" application to the program it is repairing. Remarkably, it does not require access to the source code of the applications whose functionality it is borrowing, the study said.
Once it has imported code into a vulnerable application, CodePhage can provide a further layer of analysis that guarantees that the bug has been repaired.
"We have tons of source code available in open-source repositories, millions of projects, and a lot of these projects implement similar specifications," said research scientist Stelios Sidiroglou-Douskos, who led the development of CodePhage.
"Even though that might not be the core functionality of the program, they frequently have subcomponents that share functionality across a large number of projects," Sidiroglou-Douskos said.
Also Read
With CodePhage, he said: "over time, what you would be doing is building this hybrid system that takes the best components from all these implementations."
The scientist refer to the program CodePhage is repairing as the "recipient" and the program whose functionality it's borrowing as the "donor."
The researchers tested CodePhage on seven common open-source programs in which bugs were detected. In all instances, CodePhage was able to patch up the vulnerable code, and it generally took between two and 10 minutes per repair.
The findings were presented recently at the Association for Computing Machinery's Programming Language Design and Implementation conference in Oregon, US.