bug fix

Author: francespi

_site/admin/panel.html

@@ -1552,21 +1552,26 @@
       const newKey = newEntries[0]?.key || editingBibKey;
       const singleBib = newBib.trim() + '\n';
       if (newKey === editingBibKey) {
-        // Same key — update in place; fetch fresh SHA from branch
-        const oldPath = `${cat.dir}/${editingBibKey}.bib`;
+        // Same key — update in place; use stored path or derive safe filename
+        const oldFileObj = s.files.find(f => (f.entry?.key || f.name.replace(/\.bib$/, '')) === editingBibKey);
+        const oldPath = oldFileObj ? oldFileObj.path : `${cat.dir}/${safeKey(editingBibKey)}.bib`;
         const shaRes = await fetch(`${GH}/contents/${oldPath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
         if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read file SHA from branch');
         const oldSha = (await shaRes.json()).sha;
         const upRes = await fetch(`${GH}/contents/${oldPath}`, { method: 'PUT', headers: ghH(),
           body: JSON.stringify({ message: `Edit ${editingBibKey} in ${cat.dir}`, content: b64e(singleBib), sha: oldSha, branch }) });
         if (!upRes.ok) await parseGhError(upRes, 'Failed to update file');
       } else {
-        // Key changed — create new file, delete old file
-        const newPath = `${cat.dir}/${newKey}.bib`;
+        // Key changed — create new file with safe unique name, delete old file
+        const oldFileObj2 = s.files.find(f => (f.entry?.key || f.name.replace(/\.bib$/, '')) === editingBibKey);
+        const oldPath = oldFileObj2 ? oldFileObj2.path : `${cat.dir}/${safeKey(editingBibKey)}.bib`;
+        const existingNamesForRename = new Set(s.files.filter(f => f.path !== oldPath).map(f => f.name.replace(/\.bib$/, '')));
+        let newBaseName = safeKey(newKey), newName = newBaseName, newSuffix = 2;
+        while (existingNamesForRename.has(newName)) { newName = `${newBaseName}_${newSuffix++}`; }
+        const newPath = `${cat.dir}/${newName}.bib`;
         const crRes = await fetch(`${GH}/contents/${newPath}`, { method: 'PUT', headers: ghH(),
-          body: JSON.stringify({ message: `Rename ${editingBibKey} → ${newKey} in ${cat.dir}`, content: b64e(singleBib), branch }) });
+          body: JSON.stringify({ message: `Rename ${editingBibKey} -> ${newKey} in ${cat.dir}`, content: b64e(singleBib), branch }) });
         if (!crRes.ok) await parseGhError(crRes, 'Failed to create new file');
-        const oldPath = `${cat.dir}/${editingBibKey}.bib`;
         const shaRes = await fetch(`${GH}/contents/${oldPath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
         if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read old file SHA');
         const oldSha = (await shaRes.json()).sha;
@@ -1575,9 +1580,14 @@
         if (!delRes.ok) await parseGhError(delRes, 'Failed to delete old file');
       }
     } else {
-      // New entries — create one file per entry
+      // New entries — create one file per entry, using safe unique filenames
+      const existingNames = new Set(s.files.map(f => f.name.replace(/\.bib$/, '')));
+      const usedNames = new Set(existingNames);
       for (const entry of newEntries) {
-        const filePath = `${cat.dir}/${entry.key}.bib`;
+        let baseName = safeKey(entry.key), name = baseName, suffix = 2;
+        while (usedNames.has(name)) { name = `${baseName}_${suffix++}`; }
+        usedNames.add(name);
+        const filePath = `${cat.dir}/${name}.bib`;
         const singleBib = (extractRawBibEntry(newBib, entry.key) || newBib).trim() + '\n';
         const crRes = await fetch(`${GH}/contents/${filePath}`, { method: 'PUT', headers: ghH(),
           body: JSON.stringify({ message: `Add ${entry.key} to ${cat.dir}`, content: b64e(singleBib), branch }) });
@@ -1799,7 +1809,7 @@
       body: JSON.stringify({ ref: `refs/heads/${branch}`, sha: baseSha }) });
     if (!branchRes.ok) await parseGhError(branchRes, 'Failed to create branch');
     // Fetch fresh SHA of the file from the new branch
-    const filePath = fileObj ? fileObj.path : `${cat.dir}/${key}.bib`;
+    const filePath = fileObj ? fileObj.path : `${cat.dir}/${safeKey(key)}.bib`;
     const shaRes = await fetch(`${GH}/contents/${filePath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
     if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read file SHA from branch');
     const fileSha = (await shaRes.json()).sha;
@@ -1908,12 +1918,19 @@
   validateInput();
 }
 
+function safeKey(key) { return key.replace(/[^\w\-]/g, '_'); }
+
 function parseBib(raw) {
   const out = [];
   const re = /@(\w+)\s*\{\s*([^,\s]+)\s*,([^@]*)/gs;
   let m;
-  while ((m = re.exec(raw)) !== null)
+  while ((m = re.exec(raw)) !== null) {
+    // Validate brace balance: body should have exactly one more } than {
+    let depth = 0;
+    for (const c of m[3]) { if (c === '{') depth++; else if (c === '}') depth--; }
+    if (depth !== -1) continue; // unbalanced — missing closing brace, skip
     out.push({ type: m[1].toLowerCase(), key: m[2].trim(), fields: parseFields(m[3]) });
+  }
   return out;
 }
 function parseFields(body) {

…b/conference/10.1145/3722041.3723097.bib …b/conference/10_1145_3722041_3723097.bibbib/conference/10.1145/3722041.3723097.bib renamed to _site/bib/conference/10_1145_3722041_3723097.bib bib/conference/10.1145/3722041.3723097.bib renamed to _site/bib/conference/10_1145_3722041_3723097.bib

@@ -0,0 +1,10 @@
+@INPROCEEDINGS{Dellapenna2025CTI-HAL,
+  author={Della Penna, Sofia and Natella, Roberto and Orbinato, Vittorio and Parracino, Lorenzo and Pianese, Luciano},
+  booktitle={2025 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}, 
+  title={CTI-HAL: A Human-Annotated Dataset for Cyber Threat Intelligence Analysis}, 
+  year={2025},
+  volume={},
+  number={},
+  pages={69-78},
+  keywords={Performance evaluation;Accuracy;Large language models;Natural languages;Blogs;Organizations;Cyber threat intelligence;Reliability;Data mining;Computer security;Cyber Threat Intelligence;MITRE ATT&CK;Advanced Persistent Threats;Large Language Models;Cybersecurity},
+  doi={10.1109/EuroSPW67616.2025.00014}}

_site/bib/conference/Dellapenna2025CTI-HAL.bib

@@ -0,0 +1,10 @@
+@inproceedings{cti-hal,
+  author={Della Penna, Sofia and Natella, Roberto and Orbinato, Vittorio and Parracino, Lorenzo and Pianese, Luciano},
+  booktitle={2025 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}, 
+  title={CTI-HAL: A Human-Annotated Dataset for Cyber Threat Intelligence Analysis}, 
+  year={2025},
+  volume={},
+  number={},
+  pages={69-78},
+  keywords={Performance evaluation;Accuracy;Large language models;Natural languages;Blogs;Organizations;Cyber threat intelligence;Reliability;Data mining;Computer security;Cyber Threat Intelligence;MITRE ATT&CK;Advanced Persistent Threats;Large Language Models;Cybersecurity},
+  doi={10.1109/EuroSPW67616.2025.00014}}

_site/bib/conference/cti-hal.bib

@@ -0,0 +1,16 @@
+@ARTICLE{11091601,
+author={Feng, Ruijun and Pearce, Hammond and Liguori, Pietro and Sui, Yulei},
+journal={ IEEE Transactions on Software Engineering },
+title={{ CGP-Tuning: Structure-Aware Soft Prompt Tuning for Code Vulnerability Detection }},
+year={2025},
+volume={51},
+number={09},
+ISSN={1939-3520},
+pages={2533-2548},
+abstract={ Large language models (LLMs) have been proposed as powerful tools for detecting software vulnerabilities, where task-specific fine-tuning is typically employed to provide vulnerability-specific knowledge to the LLMs. However, existing fine-tuning techniques often treat source code as plain text, losing the graph-based structural information inherent in code. Graph-enhanced soft prompt tuning addresses this by translating the structural information into contextual cues that the LLM can understand. However, current methods are primarily designed for general graph-related tasks and focus more on adjacency information, they fall short in preserving the rich semantic information (e.g., control/data flow) within code graphs. They also fail to ensure computational efficiency while capturing graph-text interactions in their cross-modal alignment module. This paper presents CGP-Tuning, a new code graph-enhanced, structure-aware soft prompt tuning method for vulnerability detection. CGP-Tuning introduces type-aware embeddings to capture the rich semantic information within code graphs, along with an efficient cross-modal alignment module that achieves linear computational costs while incorporating graph-text interactions. It is evaluated on the latest DiverseVul dataset and three advanced open-source code LLMs, CodeLlama, CodeGemma, and Qwen2.5-Coder. Experimental results show that CGP-Tuning delivers model-agnostic improvements and maintains practical inference speed, surpassing the best graph-enhanced soft prompt tuning baseline by an average of four percentage points and outperforming non-tuned zero-shot prompting by 15 percentage points. },
+keywords={Codes;Tuning;Source coding;Semantics;Computational efficiency;Graph neural networks;Large language models;Computational modeling;Training;Static analysis},
+doi={10.1109/TSE.2025.3591934},
+url = {https://doi.ieeecomputersociety.org/10.1109/TSE.2025.3591934},
+publisher={IEEE Computer Society},
+address={Los Alamitos, CA, USA},
+month=sep}}

_site/bib/journal/11091601.bib

@@ -0,0 +1,10 @@
+@ARTICLE{11121437,
+  author={Cinque, Marcello and Cotroneo, Domenico and De Rosa, Giuseppe and De Simone, Luigi and Farina, Giorgio},
+  journal={IEEE Transactions on Dependable and Secure Computing}, 
+  title={COSMOS: A Fault Injection Framework to Assess Hardware-Assisted Hypervisors}, 
+  year={2025},
+  volume={22},
+  number={6},
+  pages={7448-7462},
+  keywords={Virtual machine monitors;Virtual machines;Hardware;Software;Transient analysis;Robustness;Switches;Fault tolerant systems;Fault tolerance;Training;Cloud computing;virtualization;software fault injection;robustness;intel VT-x},
+  doi={10.1109/TDSC.2025.3597103}}

_site/bib/journal/11121437.bib

@@ -1552,21 +1552,26 @@
       const newKey = newEntries[0]?.key || editingBibKey;
       const singleBib = newBib.trim() + '\n';
       if (newKey === editingBibKey) {
-        // Same key — update in place; fetch fresh SHA from branch
-        const oldPath = `${cat.dir}/${editingBibKey}.bib`;
+        // Same key — update in place; use stored path or derive safe filename
+        const oldFileObj = s.files.find(f => (f.entry?.key || f.name.replace(/\.bib$/, '')) === editingBibKey);
+        const oldPath = oldFileObj ? oldFileObj.path : `${cat.dir}/${safeKey(editingBibKey)}.bib`;
         const shaRes = await fetch(`${GH}/contents/${oldPath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
         if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read file SHA from branch');
         const oldSha = (await shaRes.json()).sha;
         const upRes = await fetch(`${GH}/contents/${oldPath}`, { method: 'PUT', headers: ghH(),
           body: JSON.stringify({ message: `Edit ${editingBibKey} in ${cat.dir}`, content: b64e(singleBib), sha: oldSha, branch }) });
         if (!upRes.ok) await parseGhError(upRes, 'Failed to update file');
       } else {
-        // Key changed — create new file, delete old file
-        const newPath = `${cat.dir}/${newKey}.bib`;
+        // Key changed — create new file with safe unique name, delete old file
+        const oldFileObj2 = s.files.find(f => (f.entry?.key || f.name.replace(/\.bib$/, '')) === editingBibKey);
+        const oldPath = oldFileObj2 ? oldFileObj2.path : `${cat.dir}/${safeKey(editingBibKey)}.bib`;
+        const existingNamesForRename = new Set(s.files.filter(f => f.path !== oldPath).map(f => f.name.replace(/\.bib$/, '')));
+        let newBaseName = safeKey(newKey), newName = newBaseName, newSuffix = 2;
+        while (existingNamesForRename.has(newName)) { newName = `${newBaseName}_${newSuffix++}`; }
+        const newPath = `${cat.dir}/${newName}.bib`;
         const crRes = await fetch(`${GH}/contents/${newPath}`, { method: 'PUT', headers: ghH(),
-          body: JSON.stringify({ message: `Rename ${editingBibKey} → ${newKey} in ${cat.dir}`, content: b64e(singleBib), branch }) });
+          body: JSON.stringify({ message: `Rename ${editingBibKey} -> ${newKey} in ${cat.dir}`, content: b64e(singleBib), branch }) });
         if (!crRes.ok) await parseGhError(crRes, 'Failed to create new file');
-        const oldPath = `${cat.dir}/${editingBibKey}.bib`;
         const shaRes = await fetch(`${GH}/contents/${oldPath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
         if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read old file SHA');
         const oldSha = (await shaRes.json()).sha;
@@ -1575,9 +1580,14 @@
         if (!delRes.ok) await parseGhError(delRes, 'Failed to delete old file');
       }
     } else {
-      // New entries — create one file per entry
+      // New entries — create one file per entry, using safe unique filenames
+      const existingNames = new Set(s.files.map(f => f.name.replace(/\.bib$/, '')));
+      const usedNames = new Set(existingNames);
       for (const entry of newEntries) {
-        const filePath = `${cat.dir}/${entry.key}.bib`;
+        let baseName = safeKey(entry.key), name = baseName, suffix = 2;
+        while (usedNames.has(name)) { name = `${baseName}_${suffix++}`; }
+        usedNames.add(name);
+        const filePath = `${cat.dir}/${name}.bib`;
         const singleBib = (extractRawBibEntry(newBib, entry.key) || newBib).trim() + '\n';
         const crRes = await fetch(`${GH}/contents/${filePath}`, { method: 'PUT', headers: ghH(),
           body: JSON.stringify({ message: `Add ${entry.key} to ${cat.dir}`, content: b64e(singleBib), branch }) });
@@ -1799,7 +1809,7 @@
       body: JSON.stringify({ ref: `refs/heads/${branch}`, sha: baseSha }) });
     if (!branchRes.ok) await parseGhError(branchRes, 'Failed to create branch');
     // Fetch fresh SHA of the file from the new branch
-    const filePath = fileObj ? fileObj.path : `${cat.dir}/${key}.bib`;
+    const filePath = fileObj ? fileObj.path : `${cat.dir}/${safeKey(key)}.bib`;
     const shaRes = await fetch(`${GH}/contents/${filePath}?ref=${encodeURIComponent(branch)}`, { headers: ghH() });
     if (!shaRes.ok) await parseGhError(shaRes, 'Failed to read file SHA from branch');
     const fileSha = (await shaRes.json()).sha;
@@ -1908,12 +1918,19 @@
   validateInput();
 }
 
+function safeKey(key) { return key.replace(/[^\w\-]/g, '_'); }
+
 function parseBib(raw) {
   const out = [];
   const re = /@(\w+)\s*\{\s*([^,\s]+)\s*,([^@]*)/gs;
   let m;
-  while ((m = re.exec(raw)) !== null)
+  while ((m = re.exec(raw)) !== null) {
+    // Validate brace balance: body should have exactly one more } than {
+    let depth = 0;
+    for (const c of m[3]) { if (c === '{') depth++; else if (c === '}') depth--; }
+    if (depth !== -1) continue; // unbalanced — missing closing brace, skip
     out.push({ type: m[1].toLowerCase(), key: m[2].trim(), fields: parseFields(m[3]) });
+  }
   return out;
 }
 function parseFields(body) {

admin/panel.html

@@ -0,0 +1,17 @@
+@inproceedings{10.1145/3722041.3723097,
+author = {Cotroneo, Domenico and Grasso, Francesco C. and Natella, Roberto and Orbinato, Vittorio},
+title = {Can Neural Decompilation Assist Vulnerability Prediction on Binary Code?},
+year = {2025},
+isbn = {9798400715631},
+publisher = {Association for Computing Machinery},
+address = {New York, NY, USA},
+url = {https://doi.org/10.1145/3722041.3723097},
+doi = {10.1145/3722041.3723097},
+abstract = {Vulnerability prediction is valuable in identifying security issues efficiently, even though it requires the source code of the target software system, which is a restrictive hypothesis. This paper presents an experimental study to predict vulnerabilities in binary code without source code or complex representations of the binary, leveraging the pivotal idea of decompiling the binary file through neural decompilation and predicting vulnerabilities through deep learning on the decompiled source code. The results outperform the state-of-the-art in both neural decompilation and vulnerability prediction, showing that it is possible to identify vulnerable programs with this approach concerning bi-class (vulnerable/non-vulnerable) and multi-class (type of vulnerability) analysis.},
+booktitle = {Proceedings of the 18th European Workshop on Systems Security},
+pages = {26–32},
+numpages = {7},
+keywords = {Binary Analysis, Deep Learning, Neural Decompilation, Security, Vulnerability Prediction},
+location = {Rotterdam, Netherlands},
+series = {EuroSec'25}
+}