
Computer Engineering ›› 2010, Vol. 36 ›› Issue (21): 31-33,36. doi: 10.3969/j.issn.1000-3428.2010.21.011

• Software Technology and Database •

Control Flow Analysis Based on Intermediate Representation of Executable Code

DOU Zeng-jie, WANG Zhen-yu, CHEN Nan, WANG Rui-min, TIAN Jia

  1. (Institute of Information Engineering, PLA Information Engineering University, Zhengzhou 450002, China)
  • Online: 2010-11-05 Published: 2010-11-03
  • About the authors: DOU Zeng-jie (born 1983), male, master's student, main research interests: information security, trusted computing; WANG Zhen-yu, associate professor; CHEN Nan, WANG Rui-min, TIAN Jia, master's students
  • Supported by:
    National "863" Program of China (2007AA01Z483); Henan Province Key Research Fund for High-Tech Fields (082102210011)

Abstract: To characterize program control flow precisely and extract program control structure correctly, this paper presents an overall architecture and an algorithm for control flow analysis of executable code. It describes the key techniques involved, including the abstract representation of the disassembly output of executable code and the construction of program control flow. The disassembly output is abstracted using the Simple Assembly language Intermediate Representation (SAIR), which, without changing the semantics of the disassembled code, ensures the simplicity and rigor of the analysis. Functions that construct program control flow are defined on top of SAIR, an algorithm that builds the control flow is designed, and an example analysis is given.

Key words: reverse analysis, intermediate representation, control flow, abstract representation

CLC number: