Abstract: Disassembly is the foundation of code analysis, code detection and code instrumentation, by translating binary code into symbol form. Disassembly technology based on static analysis and dynamic emulation is presented in this paper, in order to improve the accuracy and coverage of code disassembly. Based on the static disassembly algorithms, dynamic identification algorithm of basic block is constructed by using code emulation environment, and the code disassembly is refined by monitoring the execution paths of code. Test results show that the technology is effective.

Key words: disassembly technology, linear scan, recursive traversal, basic block, QEMU emulator

摘要： 为在不修改二进制代码的情况下提高反汇编的准确性和覆盖率，提出一种静态分析与动态仿真相结合的反汇编技术。在传统静态反汇编算法的基础上，利用代码仿真环境构造动态基本块标记算法，通过监控代码的执行路径达到反汇编求精的目的。测试结果证明了该方法的有效性。

关键词: 反汇编技术, 线性扫描, 递归遍历, 基本块, QEMU仿真器

CLC Number: 

• TP309