High-Level Composite Type Reconstruction During Decompilation from Assembly Programs
Authors
Abstract
This paper presents a method for automatic reconstruction of high-level composite types during decompilation of C programs from assembly code. The proposed method is based on expressing memory access operations as pairs (base+offset), then building sets of equivalence for all memory access bases used in the program and accumulating sets of offsets for all classes of equivalent bases. Experimental results obtained for a number of open-source programs are also presented. The method is an essential part of the tool for program decompilation being developed by the authors.
Similar resources
C Decompilation: Is It Possible?
Decompilation is reconstruction of a program in a high-level language from a program in a low-level language. Possibility and feasibility of decompilation is a subject of controversy over last years. We present several arguments supporting the idea that in spite of impossibility of full automatic decompilation there exist methods and techniques that cover most of decompilation process for wide ...
Towards Modular Interpretive Decompilation of Low-Level Code to Prolog
Decompiling low-level code to a high-level intermediate representation facilitates the development of analyzers, model checkers, etc. which reason about properties of the low-level code (e.g., bytecode, .NET). Interpretive decompilation consists in partially evaluating an interpreter for the low-level language (written in the high-level language) w.r.t. the code to be decompiled. There have bee...
Type-Based Decompilation (or Program Reconstruction via Type Reconstruction)
We describe a system which decompiles (reverse engineers) C programs from target machine code by type-inference techniques. This extends recent trends in the converse process of compiling high-level languages whereby type information is preserved during compilation. The algorithms remain independent of the particular architecture by virtue of treating target instructions as register-transfer sp...
Comparing Type-Based and Proof-Directed Decompilation
In the past couple of years interest in decompilation has widened from its initial concentration on reconstruction of control flow into well-founded-in-theory methods to reconstruct type information. Mycroft described Type-Based Decompilation and Katsumata and Ohori described Proof-Directed Decompilation. This note summarises the two approaches and identifies their commonality, strengths and wea...
Advanced Static Analysis for Decompilation Using Scattered Context Grammars
Reverse program compilation (i.e. decompilation) is a process heavily exploited in reverse engineering. The task of decompilation is to transform a platform-specific executable into a high-level language representation, which is usually the C language. Such a process can be used for source code reconstruction, compiler testing, malware analysis, etc. At present, there are several existing decom...