Proceedings 1995 Asia Pacific Software Engineering Conference (1995)
Dec. 6, 1995 to Dec. 9, 1995
Cristina Cifuentes, University of Tasmania
Reverse engineering of software systems has traditionally centered upon the generation of high-level abstractions or specifications from high-level code or databases. In this paper we report on a reverse engineering environment for low-level executable code: a reverse compilation or decompilation environment that aids in the understanding of the underlying executable program. The reverse compilation process recovers high-level code from executable programs at a higher representation level than that produced by disassemblers; in fact, disassembly is part of the first stage in this process. Several tools aid in the process of reverse compilation: loaders, signature generators, library prototype generators, disassemblers, library bindings, and language-to-language translators. The integration of these tools in the whole process is presented in this paper. The results obtained by the prototype reverse compilation system dcc are encouraging: high-level code is regenerated with correct use of expressions and control structures, and the complete elimination of registers and condition codes. An elimination rate of low-level instructions of over 75% was reached, representing the overall improvement this decompiler system has made over previous decompilers and disassemblers (where the rate tends to be nil). A sample decompilation program is given.
reverse engineering, reverse compiler, disassembler, signatures, DOS, i80286, C language
C. Cifuentes, "An Environment for the Reverse Engineering of Executable Programs," Proceedings 1995 Asia Pacific Software Engineering Conference (APSEC), Brisbane, Australia, 1995, pp. 410.