Refinement-based CFG reconstruction from unstructured programs

• Published in: Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation pp. 54 - 69
• Main Authors: Bardin, Sébastien, Herrmann, Philippe, Védrine, Franck
• Format: Conference Proceeding
• Language: English
• Published: Berlin, Heidelberg Springer-Verlag 23.01.2011
• Series: ACM Other Conferences
• ISBN: 9783642182747; 3642182747
• DOI: 10.5555/1946284.1946290

This paper addresses the issue of recovering a both safe and precise approximation of the Control Flow Graph (CFG) of an unstructured program, typically an executable file. The problem is tackled in an original way, with a refinement-based static analysis working over finite sets of constant values. Requirement propagation allows the analysis to automatically adjust the domain precision only where it is needed, resulting in precise CFG recovery at moderate cost. First experiments, including an industrial case study, show that the method outperforms standard analyses in terms of precision, efficiency or robustness.