Why decompilation?

Today it is not uncommon for a software development company to use third-party components that are provided without source code. In such cases it is often desirable to verify that these components do not include malicious code and have no security loopholes.

It is also common for legacy software to remain in use for years after its source code has been lost. In such a situation, a need may arise to fix errors in this software, improve its performance, or adapt it to changed requirements.

Such problems are addressed by reverse engineering. Software reverse engineering may involve decompilation — translation of machine code or bytecode obtained from a compiler back into the source code in the original high-level language. Note that decompilation output will not be textually equivalent to the original source code, and is likely to be less comprehensible to a human.

What is SmartDec?

SmartDec is a native code to C/C++ decompiler. It is currently in its beta stage. However, most of the functionality is already in place and can be used. If you are interested in checking out the beta version, visit the downloads page.

How does it work?

SmartDec performs decompilation in several steps:

  1. Parsing of the input file.
  2. Disassembly of the file's code sections.
  3. Construction of the control flow graph.
  4. Isolation of functions.
  5. Analysis of functions:
    1. Joint reaching definitions and constant propagation analysis.
    2. Reconstruction of local variables, function arguments and return values.
    3. Liveness analysis.
    4. Reconstruction of integral and composite types.
    5. Structural analysis, including the reconstruction of compound conditions and loops.
  6. High-level program generation, optimization, and output.
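
Steps 3 and 5.3 in miniature, as an added illustration that is not SmartDec's code: the sketch below splits a constructed instruction listing into basic blocks, links them into a control flow graph, and runs a backward liveness analysis over it. The tuple format, `CODE`, `build_cfg` and `liveness` are hypothetical names invented for this example.

```python
# Constructed toy listing: (mnemonic, defs, uses, jump_target). Not SmartDec's IR.
CODE = [
    ("mov eax, 0",   {"eax"},   set(),          None),
    ("mov ecx, edi", {"ecx"},   {"edi"},        None),
    ("cmp ecx, 0",   {"flags"}, {"ecx"},        None),
    ("je 7",         set(),     {"flags"},      7),
    ("add eax, ecx", {"eax"},   {"eax", "ecx"}, None),
    ("dec ecx",      {"ecx"},   {"ecx"},        None),
    ("jmp 2",        set(),     set(),          2),
    ("ret",          set(),     {"eax"},        None),
]

def build_cfg(code):
    """Split code into basic blocks; return {start: (end_exclusive, successors)}."""
    leaders = {0}                      # the first instruction starts a block
    for i, (_, _, _, tgt) in enumerate(code):
        if tgt is not None:
            leaders.add(tgt)           # a jump target starts a block
            if i + 1 < len(code):
                leaders.add(i + 1)     # so does the instruction after a jump
    starts = sorted(leaders)
    cfg = {}
    for s, e in zip(starts, starts[1:] + [len(code)]):
        mn, _, _, tgt = code[e - 1]    # last instruction decides the successors
        succ = [tgt] if tgt is not None else []
        if not mn.startswith(("jmp", "ret")) and e < len(code):
            succ.append(e)             # fall through to the next block
        cfg[s] = (e, succ)
    return cfg

def liveness(code, cfg):
    """Backward dataflow to a fixpoint: live_in = use | (live_out - def)."""
    live_in = {b: set() for b in cfg}
    changed = True
    while changed:
        changed = False
        for b, (end, succ) in cfg.items():
            live = set().union(*(live_in[s] for s in succ))   # live_out of b
            for _, defs, uses, _ in reversed(code[b:end]):
                live = (live - defs) | uses
            if live != live_in[b]:
                live_in[b], changed = live, True
    return live_in

if __name__ == "__main__":
    cfg = build_cfg(CODE)
    for start, live in liveness(CODE, cfg).items():
        print(start, cfg[start], sorted(live))
```

In this listing only `edi` is live at the entry block: it is read before anything writes it, which is what an incoming argument looks like, while `flags` is never live across a block boundary and needs no variable of its own.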

What about C++?

Some work has also been done on reconstruction of the following C++-specific constructs:

  • Virtual functions.
  • Classes.
  • Class hierarchies, i.e. inheritance relations between classes.
  • Constructors and destructors.
  • Types of pointers to polymorphic classes.
  • Non-virtual member functions.
  • Layout and types of class members.
  • Calls to virtual functions.
  • Exception raising and handling statements.

What is supported?

SmartDec currently supports the x86 and x86-64 architectures. C++ reconstruction supports the 32-bit ABI used by the MSVC compiler under Windows. C reconstruction is generic and can be used on code produced by virtually any compiler for the x86 and x86-64 architectures. However, note that SmartDec will not decompile encrypted or compressed executables.