From 13ec3a8d4ee8fe247153c2398f0e33201b45d592 Mon Sep 17 00:00:00 2001 From: Ethan Lazaro Date: Wed, 25 Mar 2026 15:42:30 -0400 Subject: [PATCH 1/4] Vulnerability.hpp: Updating variable name to reflect usage. --- resolve-cveassert/src/Vulnerability.hpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/resolve-cveassert/src/Vulnerability.hpp b/resolve-cveassert/src/Vulnerability.hpp index 8ef9178f..85066288 100644 --- a/resolve-cveassert/src/Vulnerability.hpp +++ b/resolve-cveassert/src/Vulnerability.hpp @@ -52,8 +52,8 @@ struct Vulnerability { return std::nullopt; } - auto vulnType = jsonObj->getString("cwe-id"); - if (!vulnType) { + auto vulnID = jsonObj->getString("cwe-id"); + if (!vulnID) { llvm::errs() << "[CVEAssert] Error: No 'cwe-id' field found in JSON.\n"; return std::nullopt; } @@ -95,7 +95,7 @@ struct Vulnerability { Vulnerability vuln{ targetFile->str(), targetFunction->str(), - static_cast(std::stoi(vulnType->str())), + static_cast(std::stoi(vulnID->str())), undesirableFunction, strategy, }; return std::make_optional(vuln); From 3e5f2500174cd2dbfdc7d77ecd0da0a4db507292 Mon Sep 17 00:00:00 2001 From: Ethan Lazaro Date: Wed, 25 Mar 2026 15:46:41 -0400 Subject: [PATCH 2/4] CVEAssert.cpp: Changed WeaknessID field to a string. Added logic to parse into uint32 to test if it still works. --- resolve-cveassert/src/CVEAssert.cpp | 6 ++++-- resolve-cveassert/src/Vulnerability.hpp | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/resolve-cveassert/src/CVEAssert.cpp b/resolve-cveassert/src/CVEAssert.cpp index 59d3df65..9dd5d258 100644 --- a/resolve-cveassert/src/CVEAssert.cpp +++ b/resolve-cveassert/src/CVEAssert.cpp 
@@ -219,7 +219,8 @@ struct LabelCVEPass : public PassInfoMixin { return result; } - switch (vuln.WeaknessID) { + uint32_t cwe_id = static_cast(std::stoi(vuln.WeaknessID)); + switch (cwe_id) { case VulnID::STACK_BASED_BUF_OVERFLOW: /* Stack-based buffer overflow */ case VulnID::HEAP_BASED_BUF_OVERFLOW: /* Heap-base buffer overflow */ case VulnID::OOB_WRITE: /* OOB Write */ @@ -289,7 +290,8 @@ struct LabelCVEPass : public PassInfoMixin { continue; } - switch (vuln.WeaknessID) { + uint32_t cwe_id = static_cast(std::stoi(vuln.WeaknessID)); + switch (cwe_id) { // 121 stack-based case VulnID::STACK_BASED_BUF_OVERFLOW: instrument_mem_inst.instrumentAlloca = true; diff --git a/resolve-cveassert/src/Vulnerability.hpp b/resolve-cveassert/src/Vulnerability.hpp index 85066288..06da7cd2 100644 --- a/resolve-cveassert/src/Vulnerability.hpp +++ b/resolve-cveassert/src/Vulnerability.hpp @@ -31,7 +31,7 @@ struct Vulnerability { std::string TargetFileName; std::string TargetFunctionName; - uint32_t WeaknessID; + std::string WeaknessID; std::optional UndesirableFunction; RemediationStrategies Strategy; @@ -95,7 +95,7 @@ struct Vulnerability { Vulnerability vuln{ targetFile->str(), targetFunction->str(), - static_cast(std::stoi(vulnID->str())), + vulnID->str(), undesirableFunction, strategy, }; return std::make_optional(vuln); From c58ae3037af64d1577100e9e220b0becd6ea3417 Mon Sep 17 00:00:00 2001 From: Ethan Lazaro Date: Mon, 30 Mar 2026 09:17:18 -0400 Subject: [PATCH 3/4] CVEAssert.cpp: WIP adding support to apply multiple sanitizers at the same time. --- resolve-cveassert/src/CVEAssert.cpp | 23 ++++++++++++++++++----- resolve-cveassert/src/Vulnerability.hpp | 4 ++-- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/resolve-cveassert/src/CVEAssert.cpp b/resolve-cveassert/src/CVEAssert.cpp index 9dd5d258..aa5987f3 100644 --- a/resolve-cveassert/src/CVEAssert.cpp +++ b/resolve-cveassert/src/CVEAssert.cpp 
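Review bot: `std::stoi(vuln.WeaknessID)` in both `switch` sites of CVEAssert.cpp (hunks at -219 and -289) converts the JSON `cwe-id` string with no validation, and the same unchecked call is restored in the Vulnerability.hpp parse hunk of PATCH 3/4. `std::stoi` throws on non-numeric or out-of-range text, which would probably abort the compiler if the pass is built without exception handling (not visible here). It also accepts trailing garbage, so a constructed value such as `"121abc"` parses as 121, and a negative value wraps through the cast to a large unsigned ID. Validating once at parse time covers every consumer: assuming `vulnID` is an optional `llvm::StringRef`, as its `->str()` use suggests, `uint32_t id; if (vulnID->getAsInteger(10, id)) { /* report */ return std::nullopt; }` rejects all three cases. Both enclosing functions extend beyond these hunks.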
@@ -84,7 +84,8 @@ struct LabelCVEPass : public PassInfoMixin { NULL_PTR_DEREF = 476, /* NOTE: This ID has been found in OpenALPR, NASA CFS, stb-convert CPs */ STACK_FREE = - 590 /* NOTE: This ID has been found in NASA CFS challenge problem */ + 590, /* NOTE: This ID has been found in NASA CFS challenge problem */ + ALL = 999, }; LabelCVEPass() { @@ -174,6 +175,15 @@ struct LabelCVEPass : public PassInfoMixin { } } + void applyAutomaticSanitizers(Function &F, Vulnerability::RemediationStrategies strategy) { + /// applies all automatic sanitizers (operation masking excluded) + sanitizeFreeOfNonHeap(&F, strategy); + sanitizeMemInstBounds(&F, strategy); + sanitizeNullPointers(&F, strategy); + sanitizeDivideByZero(&F, strategy); + sanitizeIntOverflow(&F, strategy); + } + /// For each function, if it matches the target function name, insert calls to /// the vulnerability handlers as specified in the JSON. Each call receives /// the triggering argument parsed from the JSON. @@ -219,8 +229,7 @@ struct LabelCVEPass : public PassInfoMixin { return result; } - uint32_t cwe_id = static_cast(std::stoi(vuln.WeaknessID)); - switch (cwe_id) { + switch (vuln.WeaknessID) { case VulnID::STACK_BASED_BUF_OVERFLOW: /* Stack-based buffer overflow */ case VulnID::HEAP_BASED_BUF_OVERFLOW: /* Heap-base buffer overflow */ case VulnID::OOB_WRITE: /* OOB Write */ @@ -260,6 +269,11 @@ struct LabelCVEPass : public PassInfoMixin { result = PreservedAnalyses::none(); break; + case VulnID::ALL: + applyAutomaticSanitizers(F, vuln.Strategy); + result = PreservedAnalyses::none(); + break; + default: errs() << "[CVEAssert] Error: CWE " << vuln.WeaknessID << " not implemented\n"; @@ -290,8 +304,7 @@ struct LabelCVEPass : public PassInfoMixin { continue; } - uint32_t cwe_id = static_cast(std::stoi(vuln.WeaknessID)); - switch (cwe_id) { + switch (vuln.WeaknessID) { // 121 stack-based case VulnID::STACK_BASED_BUF_OVERFLOW: instrument_mem_inst.instrumentAlloca = true; 
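Review bot: The `///` comment in `applyAutomaticSanitizers` (hunk at -174) sits inside the function body, where documentation tools will not attach it to the declaration, and it does not name what is applied. Moving it above the signature fixes both, for example `/// Applies every automatic sanitizer (free-of-non-heap, memory bounds, null pointer, divide-by-zero, integer overflow) to F; operation masking is excluded.` The list is taken from the five calls visible in the hunk.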
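Review bot: The second `switch (vuln.WeaknessID)` (hunk at -290, the one that sets `instrument_mem_inst.instrumentAlloca`) gains no `case VulnID::ALL`, while the first switch now dispatches ALL to `applyAutomaticSanitizers`. Only the first case of that switch is visible, so this is inferred: if those flags gate what `sanitizeMemInstBounds` instruments, an ALL entry would run the memory sanitizer with every flag at its default and silently instrument less than requested. Adding a `case VulnID::ALL:` there that enables each instrumentation flag, or a comment stating why none is needed, would make the intended coverage explicit.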
diff --git a/resolve-cveassert/src/Vulnerability.hpp b/resolve-cveassert/src/Vulnerability.hpp index 06da7cd2..85066288 100644 --- a/resolve-cveassert/src/Vulnerability.hpp +++ b/resolve-cveassert/src/Vulnerability.hpp @@ -31,7 +31,7 @@ struct Vulnerability { std::string TargetFileName; std::string TargetFunctionName; - std::string WeaknessID; + uint32_t WeaknessID; std::optional UndesirableFunction; RemediationStrategies Strategy; @@ -95,7 +95,7 @@ struct Vulnerability { Vulnerability vuln{ targetFile->str(), targetFunction->str(), - vulnID->str(), + static_cast(std::stoi(vulnID->str())), undesirableFunction, strategy, }; return std::make_optional(vuln); From e7774da3d8cc98cc179955a145ed1a8152316ce0 Mon Sep 17 00:00:00 2001 From: Ethan Lazaro Date: Mon, 30 Mar 2026 09:18:52 -0400 Subject: [PATCH 4/4] CVEAssert.cpp: Use '0' as sentinel value to indicate instrument all. --- resolve-cveassert/src/CVEAssert.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resolve-cveassert/src/CVEAssert.cpp b/resolve-cveassert/src/CVEAssert.cpp index aa5987f3..fc6cbc6e 100644 --- a/resolve-cveassert/src/CVEAssert.cpp +++ b/resolve-cveassert/src/CVEAssert.cpp @@ -69,6 +69,7 @@ struct LabelCVEPass : public PassInfoMixin { std::vector vulnerabilities; enum VulnID { + ALL = 0, STACK_BASED_BUF_OVERFLOW = 121, HEAP_BASED_BUF_OVERFLOW = 122, WRITE_WHAT_WHERE = 123, @@ -84,8 +85,7 @@ struct LabelCVEPass : public PassInfoMixin { NULL_PTR_DEREF = 476, /* NOTE: This ID has been found in OpenALPR, NASA CFS, stb-convert CPs */ STACK_FREE = - 590, /* NOTE: This ID has been found in NASA CFS challenge problem */ - ALL = 999, + 590 /* NOTE: This ID has been found in NASA CFS challenge problem */ }; LabelCVEPass() {
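Review bot: `ALL = 0` in `VulnID` (PATCH 4/4, hunk at -69) is an undocumented sentinel rather than a CWE number, unlike the neighbouring entries that carry notes. Zero is also what a value-initialized `uint32_t WeaknessID` holds, so a `Vulnerability` built without an explicit ID would select every sanitizer. Any future parser that yields 0 on failure would do the same for malformed input. A comment such as `ALL = 0, /* Sentinel, not a CWE id: apply every automatic sanitizer */` would make the meaning explicit, and the JSON `cwe-id` description should mention the value too. The enum body spans this hunk and the next one.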