Intrinsic function recognition method based on sub-graph isomorphism matching algorithm in decompilation

Subgraph isomorphism matching, applied in the field of decompilation, addresses problems such as ineffective representation of the control flow relationship between instruction statements, incomplete decompilation results for intrinsic functions, and the resulting impact on the readability of the high-level code. The stated effects are strong functional extensibility, enhanced readability and accuracy, and a higher level of abstraction.

Inactive Publication Date: 2015-09-16
XI AN JIAOTONG UNIV

AI Technical Summary

Problems solved by technology

For example, the common C library functions strlen, strcpy, strcmp, and memcmp are also treated as intrinsic functions by the compiler. Under the compiler optimization option, the function body is expanded inline at the function call point. The byte-stream function signatures constructed by the FLIRT algorithm cannot effectively represent the control flow relationship between instruction statements and cannot efficiently identify such functions, resulting in incomplete decompilation results for intrinsic functions, which affects the readability of the final high-level code.


Embodiment Construction

[0033] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0034] The intrinsic function identification method based on the subgraph isomorphism matching algorithm in the decompilation provided by the present invention comprises the following steps:

[0035] First, for a specific compiler, build the compiler's intrinsic function template library: select a program with intrinsic function calls as a sample program, and compile the sample program under the compiler optimization option to generate an executable file; use the IDA disassembler to disassemble the executable file, and use the generated assembly file as the input of the Boomerang decompiler. The Boomerang decompiler loads and decodes the assembly file. The decoding module takes runs of consecutive assembly instructions as basic blocks and the control flow relationships as directed edges, and constructs the assembly instruction control flow graph of the assembly file; e...


Abstract

The invention discloses an intrinsic function recognition method based on a subgraph isomorphism matching algorithm in decompilation, and belongs to the technical field of decompilation. An intrinsic function template library is established; on the basis of the control flow graph, subgraph isomorphism matching is performed between the intrinsic function templates and the target assembly file generated during decompilation, locating the intrinsic functions in the target program that were expanded inline by compiler optimization. The method automatically recognizes inline intrinsic functions during decompilation; by analyzing the templates and prototypes of the intrinsic functions, it recovers their function names, return values, return value types and function parameters, thereby lifting the semantics of the inline intrinsic functions. The lifted inline intrinsic functions provide more type information for type analysis in decompilation, lower the complexity of data flow analysis and control flow analysis, raise the level of abstraction of the intermediate code, and enhance the readability of the decompilation results.
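The matching step described in the abstract, as an added example that is not code from the patent or from Boomerang: a backtracking subgraph isomorphism search that locates a template control flow graph inside a target control flow graph and reports the intrinsic's prototype. The graph encoding, the mnemonic labels, the rule that a template block may match a contiguous run inside a larger target block, and all names are assumptions made for this illustration.

```python
# Added illustration, constructed data. CFG = {block_id: (mnemonics, [successors])}
TEMPLATES = {  # hypothetical template library: prototype -> template CFG
    "size_t strlen(const char *)": {
        "init": (("lea",), ["loop"]),
        "loop": (("mov", "inc", "test", "jne"), ["loop", "done"]),
        "done": (("sub",), []),
    },
}
TARGET = {  # constructed target function with an inline-expanded strlen
    "B0": (("push", "mov", "cmp", "je"), ["B1", "B4"]),
    "B1": (("mov", "lea"), ["B2"]),
    "B2": (("mov", "inc", "test", "jne"), ["B2", "B3"]),
    "B3": (("sub", "push", "call"), ["B4"]),
    "B4": (("pop", "ret"), []),
}
def contains_run(block, run):
    """True if the template mnemonics occur as a contiguous run in the block."""
    n = len(run)
    return any(block[i:i + n] == run for i in range(len(block) - n + 1))

def find_template(template, target):
    """Backtracking subgraph isomorphism: {template_block: target_block} or None."""
    order = list(template)
    def fits(mapping, t, g):
        if not contains_run(target[g][0], template[t][0]):
            return False
        # Edges among matched blocks must agree both ways, self-loops included.
        for t2, g2 in list(mapping.items()) + [(t, g)]:
            if ((t2 in template[t][1]) != (g2 in target[g][1])
                    or (t in template[t2][1]) != (g in target[g2][1])):
                return False
        return True
    def extend(mapping):
        if len(mapping) == len(order):
            return dict(mapping)
        t = order[len(mapping)]
        for g in target:
            if g not in mapping.values() and fits(mapping, t, g):
                mapping[t] = g
                found = extend(mapping)
                if found:
                    return found
                del mapping[t]
        return None
    return extend({})

def recognize(target, templates=TEMPLATES):
    """Return {prototype: block mapping} for each template found in target."""
    return {p: m for p, cfg in templates.items() if (m := find_template(cfg, target))}
```

Edges leaving the matched region (here B3 to B4) are ignored, which is what lets a template match code that has been expanded inline inside a larger function.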

Description

Technical field

[0001] The invention belongs to the technical field of decompilation, and relates to a method for identifying inline intrinsic functions in decompilation, in particular to a method for identifying intrinsic functions in decompilation based on a subgraph isomorphism matching algorithm.

Background technique

[0002] Decompilation technology first appeared in the 1960s, mainly to realize cross-platform porting of code, and has been widely used in various aspects such as program understanding, source code recovery, program debugging, and security analysis. Decompilation software includes front-end, middle-end and back-end. The front end includes loader, software parsing unit and decoder. The loader loads the executable file, disassembles to obtain the assembly code, and then the decompilation software organizes the assembly program into corresponding data structures, such as symbol table, symbol address table, process body entry address table, instruction chain ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F9/44
Inventor: 赵银亮, 张磊, 刘凯, 刘延昭
Owner XI AN JIAOTONG UNIV