Ninth Working Conference on Reverse Engineering, 2002. Proceedings. (2002)
Oct. 29, 2002 to Nov. 1, 2002
The University of Queensland Binary Translator (UQBT) is a static binary translation framework that allows for the translation of binary, executable programs from one architecture to another. Using different specification files, UQBT can be easily tailored for either a new source or target architecture. UQBT employs sophisticated analyses in order to abstract the binary code from the features of the source architecture.

In static binary translation, it is not always possible to decode and translate all paths of a program statically, as instructions like computed jumps and indexed calls rely on runtime values. An interpreter is commonly used at run-time to translate such pieces of code, at the expense of run-time.

In this paper we present a technique to statically recover the code of virtual method dispatchers, which enhances the abstraction from the binary code. We also show how the statically recovered information is then used by a dynamic environment to analyse virtual tables in order to increase the code coverage for the binary translator. The technique has been tested on SPARC(R) and Pentium machines using binaries of different C++ compilers, and preliminary results are presented.
C. Cifuentes and J. Tröger, "Analysis of Virtual Method Invocation for Binary Translation," Ninth Working Conference on Reverse Engineering, 2002. Proceedings. (WCRE), Richmond, Virginia, 2002, pp. 0065.