String analysis for x86 binaries
Mihai Christodorescu, Nicholas Kidd, and Wen-Han Goh.
In 6th Workshop on Program Analysis for Software Tools and Engineering (PASTE).
Lisbon, Portugal, March 2005.
All student authors.Information about string values at key points in a program can help program understanding, reverse engineering, and forensics. We present a static-analysis technique for recovering possible string values in an executable program, when no debug information or source code is available. The result of our analysis is a regular language that describes a superset of the string values possible at a given program point. We also impart some of the lessons learned in the process of implementing our analysis as a tool for recovering C-style strings in x86 executables.
Paper: [pdf]