Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (23): 64-66.DOI: 10.3778/j.issn.1002-8331.2010.23.018
• Research and Development, Design, Testing •
TANG He-ping, HUANG Shu-guang, WU Zhi-yong
唐和平,黄曙光,吴志勇
Abstract: To analyze executable files, this paper proposes a method for understanding programs through data flow analysis. It first translates the disassembly results into a data flow description language and obtains the reach-in and reach-out definition sets, builds intra-procedural data flow equations, and then solves the equations to infer the relation between function input and output. The method has been validated by an experiment on a string copy function without extra clues.
Key words: sensitive data flow, disassemble, reach-definition, program understanding
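Abstract (Chinese version): Static data flow analysis of binary programs first converts the program under analysis into data flow description markers and determines the input and output definition sets of each basic block. Combined with the program's control flow graph, it builds a system of intra-module data flow equations, solves the equations iteratively, and derives the relation between function inputs and outputs, achieving a static understanding of function behavior. Experiments show that, without additional hints, it can accurately identify a string copy function in binary form.
Key words (Chinese version): sensitive data flow, disassembly, reach-definition, program understanding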
CLC Number: TP393.08
TANG He-ping,HUANG Shu-guang,WU Zhi-yong. Method based on data flow analysis to understanding binary program[J]. Computer Engineering and Applications, 2010, 46(23): 64-66.
URL: http://cea.ceaj.org/EN/10.3778/j.issn.1002-8331.2010.23.018
http://cea.ceaj.org/EN/Y2010/V46/I23/64