Abstract: Reverse engineering of binary programs is a fundamental task for specialists in the fields of computer security, system verification, cryptography, and other related fields. The decompilation of C++ is a very difficult problem in reverse engineering, especially the type recovering. This paper presents a technique to recover data type based on C++ exception handling. It can find out all the local objects in a function and analyze the addresses of the object’s constructor and destructor. In specific environment, this approach is a good solution of recovering data type information in C++ decompilation.

Key words: Reverse engineering, Decompilation, Type recovery, Exception handling

摘要： 二进制代码的逆向工程是一个底层的技术，被应用于计算机安全、系统验证、加密解密等相关领域。在逆向工程中，C++的反编译技术是一个难点，尤其是其类型信息的恢复。该文提出了一种利用异常处理机制的类型恢复方法，该方法可以用来分析出每个函数的所有局部类变量，还能分析出这个类的构造函数和析构函数的地址。该方法在特定的环境下可以准确高效地解决C++反编译中的一个难点。

关键词: 逆向工程, 反编译, 类型恢复, 异常处理

CLC Number: 

• TP311