Earlier papers on decompilation have often used the number of GOTO statements as a measure of the "quality" of the generated code. Although quality is frequently used as a synonym for readability, and it is unclear whether it has any effect on static analysis tools, a lower number of GOTOs can also be taken as a sign of a more advanced decompiler. We note that all tools produced code containing many GOTOs, ranging from a minimum of 84 (HexRays on ytnef) to a maximum of 36,002 (HexRays on Wireshark). On average, HexRays produced one GOTO every 60.3 LOCs (of the original source code), Ghidra one every 60.7, and RetDec one every 11.2.
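As an added example (not code from the paper), the following Python sketch computes the GOTO-per-LOC metric described above. It counts only the `goto` keyword outside comments and string/char literals, so a naive `grep -c goto` overcount is avoided; the LOC definition (non-blank, non-comment lines of the original source) and the sample inputs are assumptions.

```python
import re
from typing import Optional

# Comments and string/char literals are blanked first: a "goto" inside them is not a statement.
_COMMENT_OR_LITERAL = re.compile(
    r"//[^\n]*|/\*.*?\*/"          # line comment | block comment (may span lines)
    r'|"(?:\\.|[^"\\\n])*"'        # string literal
    r"|'(?:\\.|[^'\\\n])*'",       # char literal (handles escapes such as '\'')
    re.DOTALL,
)
_GOTO_KEYWORD = re.compile(r"\bgoto\b")  # word boundaries: goto_helper() is not a goto

def strip_comments_and_literals(c_source: str) -> str:
    """Blank out comments and literals, keeping newlines so line counts stay stable."""
    return _COMMENT_OR_LITERAL.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), c_source)

def count_gotos(decompiled_c: str) -> int:
    """Number of goto statements in decompiler output."""
    return len(_GOTO_KEYWORD.findall(strip_comments_and_literals(decompiled_c)))

def count_loc(original_source: str) -> int:
    """LOC of the original source as non-blank, non-comment lines (assumed definition)."""
    return sum(1 for ln in strip_comments_and_literals(original_source).splitlines() if ln.strip())

def loc_per_goto(original_source: str, decompiled_c: str) -> Optional[float]:
    """Original LOC per emitted goto ('one GOTO every N LOCs'); None when no goto was emitted."""
    gotos = count_gotos(decompiled_c)
    return count_loc(original_source) / gotos if gotos else None

# Constructed sample input, not taken from the paper's data set.
ORIGINAL_SRC = r"""
/* original source: 5 LOC once this comment is ignored */
int f(int *p) {
    if (!p)
        return -1;
    return 0;
}
"""
DECOMPILED_C = r"""
int f(int *p) {
  // the word goto in a comment must not count
  if (!p)
    goto LABEL_1;                         /* counted */
  puts("goto inside a string literal");   // not counted
  goto_helper();                          // identifier, not the keyword
  if (p[0] == '\'')
    goto LABEL_1;                         /* counted */
  return 0;
LABEL_1:
  return -1;
}
"""
```

For the constructed sample the metric is 5 LOC / 2 gotos = 2.5 LOC per GOTO; on real output the same functions are run per tool and per project.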