ChatGPT, as a versatile large language model, has demonstrated remarkable potential in addressing inquiries across various domains. Its ability to analyze, comprehend, and synthesize information from both online sources and user inputs has garnered significant attention. Previous research has explored ChatGPT's competence in code generation and code reviews. In this paper, we delve into ChatGPT's capabilities in security-oriented program analysis, focusing on perspectives from both attackers and security analysts. We present a case study involving several security-oriented program analysis tasks while deliberately introducing challenges to assess ChatGPT's responses. Through an examination of the quality of answers provided by ChatGPT, we gain a clearer understanding of its strengths and limitations in the realm of security-oriented program analysis.