Using a decompiler for real-world source recovery

Van Emmerik, Mike and Waddington, Trent (2004). Using a decompiler for real-world source recovery. In: B. Werner, Proceedings of the 11th Working Conference on Reverse Engineering. Working Conference on Reverse Engineering, Delft, Netherlands, (27-36). 8-12 November 2004. doi:10.1109/WCRE.2004.42

Attached Files (Some files may be inaccessible until you login with your UQ eSpace credentials)
Name Description MIMEType Size Downloads
experience.pdf experience.pdf application/pdf 91.09KB 698 Click to show the corresponding preview/stream application/postscript 117.02KB 366

Author Van Emmerik, Mike
Waddington, Trent
Title of paper Using a decompiler for real-world source recovery
Conference name Working Conference on Reverse Engineering
Conference location Delft, Netherlands
Conference dates 8-12 November 2004
Proceedings title Proceedings of the 11th Working Conference on Reverse Engineering
Journal name Proceedings - Working Conference on Reverse Engineering, WCRE
Place of Publication Los Alamitos, CA, U.S.A.
Publisher IEEE Computer Society
Publication Year 2004
Sub-type Fully published paper
DOI 10.1109/WCRE.2004.42
Open Access Status File (Author Post-print)
ISBN 0-7695-2243-2
ISSN 1095-1350
Editor B. Werner
Start page 27
End page 36
Total pages 10
Language eng
Abstract/Summary Despite their 40 year history, native executable decompilers have found very limited practical application in commercial projects. The success of Java decompilers is well known, and a few decompilers perform well by recognising patterns from specific compilers. This paper describes the experience gained from applying a native executable decompiler, assisted by a commercial disassembler and hand editing, to a real-world Windows-based application. The clients had source code for a prototype version of the program, and an executable that performed better, for which the source code was not available. The project was to recover the algorithm at the core of the program, and if time permitted, the recovery of other pieces of source code. Despite the difficulties, the core algorithm was successfully decompiled, and a portion of the rest of the program as well. There were surprises, including the ability to recover almost all original class names, and the complete class hierarchy.
Subjects 280302 Software Engineering
Keyword Reverse engineering
Program compilers
References [1] Boomerang web page. BSD licensed software, 2002. . [2] G. Caprino. REC - Reverse Engineering Compiler. Binaries free for any use, 1998. Retrieved Jan 2003 from [3] C. Cifuentes. Reverse Compilation Techniques. PhD dissertation, Queensland University of Technology, School of Computing Science, July 1994. . [4] C. Cifuentes. The dcc decompiler. GPL licensed software, 1996. Retrieved Mar 2002 from [5] C. Cifuentes and K.J. Gough. Decompilation of binary programs. Software - Practice and Experience, 25(7):811-829, 1995. [6] DataRescue. IDA Pro, 1998. Retrieved Jan 2003 from . [7] DeCompilation wiki page, 2001. . [8] T. Hoffman. Recovery firm hot on heels of missing source code. In Computer World, 24th March 1997. [9] Pentium Processor Family Developer's Manual, volume 3, chapter 25, pages 25-145 - 25-147. Intel Literature, 1995. [10] Intel Architecture Software Development Manual, 1997. Pages 3-182 - 3-185, retrieved July 2004 from . [11] A. Mycroft. Type-based decompilation. In S. Swierstra, editor, 8th European Symposium on Programming, volume 1576 of Lecture Notes in Computer Science, Amsterdam, Netherlands, March 1999. Springer-Verlag. [12] J. O'Gorman. Systematic Decompilation. PhD thesis, University of Limerick, 1991. Technical Report UL-CSIS-91-12 Retrieved Mar 2002 from . [13] Source Recovery's HP-UX C/C++ Decompiler, 2002. Retrieved Feb 2004 from . [14] The Source Recovery Company, 1996. Retrieved July 2004 from . [15] M. Van Emmerik. Identifying library functions in executable files using patterns. In Proc. Australian Software Engineering Conference, pages 90?97, Adelaide, Australia, Nov 1998. IEEE-CS Press. [16] L. Vinciguerra, L. Wills, N. Kejriwal, P. Martino, and R. Vinciguerra. An experimentation framework for evaluating disassembly and decompilation tools for C++ and Java. In Proc. Working Conference on Reverse Engineering, pages 14-23, Victoria, Canada, Nov 2003. IEEE-CS Press. [17] M. Ward. Assembler to C migration using the FermaT transformation system. In Proc. International Conference on Software Maintenance, pages 67-76, Oxford, England, 1999. [18] M. Ward. Pigs from sausages? Reengineering from assembler to C via FermaT transformations. Science of Computer Prgramming Special Issue: Transformations Everywhere, 52(1-3):213-255, 2004.
Q-Index Code E1
Q-Index Status Provisional Code
Institutional Status Unknown

Version Filter Type
Citation counts: Scopus Citation Count Cited 14 times in Scopus Article | Citations
Google Scholar Search Google Scholar
Created: Thu, 17 Feb 2005, 10:00:00 EST by Mike Van Emmerik on behalf of School of Information Technol and Elec Engineering