Publication Details
Advanced Preprocessing of Binary Executable Files and its Usage in Retargetable Decompilation
reverse engineering, decompilation, packer detection, unpacking, executable file,
Lissom
Retargetable machine-code decompilation is used for a platform-independent
transformation of executable files into a high level language (HLL)
representation (e.g., C language). It is a complex task that must deal with a lot
of different platform-specific features and missing information. Accurate
preprocessing of input executable files is one of the necessary prerequisites in
order to achieve the best results. Furthermore, we can use gathered information
to achieve higher quality of decompilation. This paper presents an extended
version of our previous system for an accurate code preprocessing. It is
implemented as a generic preprocessing system that consists of a precise compiler
and packer detector, plugin-based unpacker, converter into an internal
platform-independent file format, and debugging information gathering library. We
also describe an utilization of the collected information in a problem of
automatic data-type reconstruction. This system has been adopted and tested in an
existing retargetable decompiler. According to our experimental results, the
proposed retargetable solution is fully competitive with existing
platform-dependent tools.
@article{BUT111534,
author="Jakub {Křoustek} and Peter {Matula} and Dušan {Kolář} and Milan {Zavoral}",
title="Advanced Preprocessing of Binary Executable Files and its Usage in Retargetable Decompilation",
journal="International Journal on Advances in Software",
year="2014",
volume="7",
number="1",
pages="112--122",
issn="1942-2628",
url="http://www.iariajournals.org/software/tocv7n12.html"
}