IA-32反编译中的多分支语句恢复技术

Recovery technique of n-conditional branch statements in IA-32 decompilation

对IA-32反编译后多分支结构的各种实现模式进行了系统的研究分析,并对复杂条件下典型的多分支结构实现模式进行了形式化的描述。在多分支结构的识别过程中,通过对索引表和跳转表调用指令的格式分析,提出了双特征指令匹配算法。通过程序切片建立了索引表和跳转表调用的表达式标准型,消除了多分支语句恢复过程中编译器类型和版本差异带来的影响,提高了算法通用性,对于进行程序反解及软件逆向工程具有重要的参考价值。

This paper had a systemic research on the compiling strategy of n-conditional branch statements in IA-32 architecture, and offered a formal description to the typical realization strategy of n-conditional branch statements under intricacy mode. By analyzing the formats of calling instructions to the indexed table and the jump table, proposed a novel recognition algorithm based on character instruction matching. To eliminate the influence caused by type and edition varieties of different compilers, it established two standard calling expressions to the indexed table and the jump table, which improved the universality of the algorithm greatly. The work of this paper has great reference value to program disassembling as well as software reverse engineering.