Interprocedural Data Flow Recovery of High-Level Language Code from Assembly

Source: CiteSeer

ABSTRACT: We evaluate a CISC interprocedural data flow technique for the recovery of high-level language code from assembly code.

Related publications:

  • ABSTRACT: An algorithm for the automatic reconstruction of data types from the assembler code produced by a C compiler is described. The types of the variables that are placed on the stack and in the static memory are reconstructed using an iterative algorithm that uses a lattice over the properties of the data types. The derived data types are reconstructed by constructing the set of possible offsets of the elements of these types (fields in the case of structures and array elements in the case of arrays). This algorithm is used in the tool for decompiling assembler codes into C that is currently developed by the authors.
    Programming and Computer Software 03/2009; 35(2):105-119. DOI:10.1134/S0361768809020066
  • ABSTRACT: What You See Is Not What You eXecute: computers do not execute source-code programs; they execute machine-code programs that are generated from source code. Not only can the WYSINWYX phenomenon create a mismatch between what a programmer intends and what is actually executed by the processor, it can cause analyses that are performed on source code to fail to detect certain bugs and vulnerabilities. This issue arises regardless of whether one's favorite approach to assuring that programs behave as desired is based on theorem proving, model checking, or abstract interpretation.
    06/2008: pages 202-213.
  • ABSTRACT: This paper presents an algorithm for automatic type reconstruction from target assembly code compiled by a C compiler. The primitive language types are recovered by an iterative algorithm, which operates over the lattice of primitive types' properties. Layout of composite types is reconstructed by building set of accessible offsets for each composite type. The algorithm is the essential part of a tool for program decompilation being developed by the authors.
    15th Working Conference on Reverse Engineering (WCRE '08), 11/2008.
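The two type-reconstruction abstracts above (the journal and the WCRE '08 versions) describe the same scheme: a lattice over primitive-type properties, joined iteratively to a fixpoint, plus a set of accessed offsets per composite type from which a struct layout is read off. The following is an added example of that scheme written for this page; it is not the authors' tool or code. The access records are constructed by hand to stand in for what an assembler front end would extract (32-bit x86 is assumed, so pointers are 4 bytes); the record format, the stack-slot offsets, and the generated `f_N`/`pad_N` field names are assumptions of the example.

```python
# Added illustration of the lattice-based type recovery the abstracts describe;
# not the authors' tool. Records are constructed by hand to stand in for what a
# front end would extract from 32-bit x86 assembler (record format, slot
# offsets and field names are assumptions of this example).
from dataclasses import dataclass

TOP = "TOP"   # conflicting evidence: the top element of every property lattice

def join(a, b):
    """Join in a flat lattice: None (unknown) < concrete value < TOP."""
    if a is None or b is None:
        return a if b is None else b
    return a if a == b else TOP

@dataclass
class Prim:
    """A primitive type as a product of three property lattices."""
    size: object = None   # bytes: 1, 2, 4, 8
    kind: object = None   # "int", "float", "ptr"
    sign: object = None   # "signed", "unsigned"

    def merge(self, other):
        """Join `other` into self; return True if anything changed."""
        new = Prim(join(self.size, other.size), join(self.kind, other.kind),
                   join(self.sign, other.sign))
        changed = new != self
        self.size, self.kind, self.sign = new.size, new.kind, new.sign
        return changed

    def to_c(self):
        """Render as a C type; conflicting or missing evidence surfaces as UNKNOWN."""
        if self.kind == "ptr":
            return "void *"
        if self.kind == "float":
            return {4: "float", 8: "double"}.get(self.size, "UNKNOWN")
        width = {1: "8", 2: "16", 4: "32", 8: "64"}.get(self.size)
        if self.kind != "int" or width is None or self.sign == TOP:
            return "UNKNOWN"
        return ("u" if self.sign == "unsigned" else "") + "int" + width + "_t"

# Constructed evidence for one hypothetical function (slot = offset from ebp):
#   ("access", slot, Prim)      [ebp+slot] used with Prim's properties
#   ("deref", slot, off, Prim)  [reg+off] used, reg having been loaded from [ebp+slot]
#   ("copy", dst, src)          [ebp+dst] receives the value held in [ebp+src]
RECORDS = [
    ("copy", -24, -4),                              # mov eax,[ebp-4]; mov [ebp-24],eax
    ("access", -4, Prim(4, "int", "signed")),       # cmp eax,0 / jl
    ("access", -8, Prim(1, "int", "unsigned")),     # movzx ecx, byte [ebp-8]
    ("access", -12, Prim(4, "float")),              # fld dword [ebp-12]
    ("deref", -16, 0, Prim(4, "int")),              # mov edx,[ebp-16]; mov eax,[edx]
    ("deref", -16, 4, Prim(2, "int", "unsigned")),  # movzx eax, word [edx+4]
    ("deref", -16, 8, Prim(8, "float")),            # fld qword [edx+8]
    ("copy", -20, -16),                             # mov [ebp-20],edx
    ("access", -28, Prim(2, "int", "signed")),      # movsx eax, word [ebp-28]
    ("access", -28, Prim(4, "int")),                # mov eax, dword [ebp-28]: conflict
]

def recover(records):
    """Apply the records until no lattice element changes (a fixpoint).
    Returns (slot -> Prim, pointer slot -> {field offset -> Prim}, rounds)."""
    vars_, pointees = {}, {}
    def var(slot):
        return vars_.setdefault(slot, Prim())
    rounds, changed = 0, True
    while changed:
        rounds, changed = rounds + 1, False
        for rec in records:
            if rec[0] == "access":
                _, slot, ev = rec
                changed |= var(slot).merge(ev)
            elif rec[0] == "deref":
                _, slot, off, ev = rec
                changed |= var(slot).merge(Prim(4, "ptr"))   # 32-bit pointer assumed
                fields = pointees.setdefault(slot, {})
                changed |= fields.setdefault(off, Prim()).merge(ev)
            else:                                            # "copy"
                _, dst, src = rec
                changed |= var(dst).merge(var(src))          # evidence flows both ways
                changed |= var(src).merge(var(dst))
                if (src in pointees) != (dst in pointees):   # share the pointee layout
                    pointees[src] = pointees[dst] = pointees[src if src in pointees else dst]
                    changed = True
    return vars_, pointees, rounds

def layout(fields):
    """Order accessed offsets into a field list (gaps become byte padding);
    return the declarations and the size implied by the last field."""
    out, end = [], 0
    for off in sorted(fields):
        if off > end:
            out.append(f"uint8_t pad_{end}[{off - end}];")
        out.append(f"{fields[off].to_c()} f_{off};")
        end = off + (fields[off].size if isinstance(fields[off].size, int) else 1)
    return out, end

if __name__ == "__main__":
    vars_, pointees, rounds = recover(RECORDS)
    print(f"fixpoint after {rounds} rounds")
    for slot in sorted(vars_, reverse=True):
        print(f"[ebp{slot}]: {vars_[slot].to_c()}",
              "{ " + " ".join(layout(pointees[slot])[0]) + " }" if slot in pointees else "")
```

Two behaviours of the real algorithm are visible on this input. Slot `[ebp-24]` is only ever seen as a copy of `[ebp-4]`, and its type arrives on the second pass through the records, which is why the loop must run to a fixpoint rather than a single sweep. Slot `[ebp-28]` is read once as a 16-bit and once as a 32-bit integer; the size property joins to the top element, and the output honestly reports `UNKNOWN` instead of picking one witness. The pointee of `[ebp-16]` is shared with `[ebp-20]` through the copy, so the struct layout is built once from the union of offsets seen through either pointer; the two-byte gap after the `uint16_t` at offset 4 becomes padding, since no access ever touches it.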
