 |
Mihai Christodorescu
Doctoral Candidate
1210 W Dayton St
Office 7372
Madison, WI 53706-1685
|
This paper is a result of research work on string analysis and appeared in the Proceedings of the 6th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE 2005) (co-located with ESEC/FSE 2005), September 5-6, 2005, Lisbon, Portugal.
The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes, notwithstanding any copyright notices affixed thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the above government agencies or the U.S. Government.
Mihai Christodorescu was supported in part by the Office of Naval Research (ONR) under contracts N00014-01-1-0796 and N00014-01-1-0708, while working as a research assistant on the WiSA project. Nicholas Kidd was supported in part by the National Science Foundation under grant CCR-9986308.
Downloads:
Abstract
Information about string values at key points in a program can help program understanding, reverse engineering, and forensics. We present a static-analysis technique for recovering possible string values in an executable program, when no debug information or source code is available. The result of our analysis is a regular language that describes a superset of the string values possible at a given program point. We also impart some of the lessons learned in the process of implementing our analysis as a tool for recovering C-style strings in x86 executables.