this paper is structured in the following way: a thorough description of the structure of a decompiler, followed by the description of our implementation of an # An idiom is a sequence of instruction that forms a logical entity and has a meaning that cannot be derived by considering the primary meanings of the individual instructions # # # # HLL program (language dependent) Back-end (analysis) UDM (machine dependent) Front-end binary program Figure 1. Decompiler modules automatic decompiling system, and conclusions. The paper is followed by the definitions of graph theoretical concepts used throughout the paper (Appendix I), and sample output from different phases of the decompilation of a program (Appendix II)

. A structuring algorithm for arbitrary control flow graphs is presented. Graphs are structured into functional, semantical and structural equivalent graphs, without code replication or introduction of new variables. The algorithm makes use of a set of generic high-level language structures that includes different types of loops and conditionals. Gotos are used only when the graph cannot be structured with the structures in the generic set. This algorithm is adequate for the control flow analysis required when decompiling programs, given that a pure binary program does not contain information on the high-level structures used by the initial high-level language program (i.e. before compilation). The algorithm has been implemented as part of the dcc decompiler, an i80286 decompiler of DOS binary programs, and has proved successful in its aim of structuring decompiled graphs. 1 Introduction A decompiler is a software tool that reverses the compilation process by translating a pure binar...

Reverse engineering of software systems has traditionally centered upon the generation of high-level abstractions or specifications from high-level code or databases. In this paper we report on a reverse engineering environment for low-level executable code: a reverse compilation or decompilation environment that aids in the understanding of the underlying executable program. The reverse compilation process recovers high-level code from executable programs at a higher representation level than that produced by disassemblers; in fact, disassembly is part of the first stage in this process. Several tools aid in the process of reverse compilation, these are: loaders, signature generators, library prototype generators, disassemblers, library bindings, and language to language translators. The integration of these tools in the whole process is presented in this paper. The results obtained by the prototype reverse compilation system dcc are encouraging: high-level code is regenerated with c...

ion in a Higher-Order Logic Framework Marco Benini Sara Kalvala Dirk Nowotka ? Department of Computer Science University of Warwick, Coventry, CV4 7AL, United Kingdom Abstract. We present a hybrid approach to program verification: a higher-order logic, used as a specification language, and a human-driven proof environment, with a process-algebraic engine to allow the use of process simulation as an abstraction technique. The domain of application is the validation of object code, and our intent is to adapt and mix existing formalisms to make possible the verification of representative programs. In this paper, we describe the logic in question and an underlying semantics given in terms of a process algebra. 1 Introduction Software validation through formal verification has been a topic of much research over the years, but widespread adoption of developed techniques is still elusive. One may attribute this to many factors --- two of them being the difficulty in performing the verificat...