RetDec v3.3 releases: retargetable machine-code decompiler
The decompiler is not limited to any particular target architecture, operating system, or executable file format:
- Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine code.
- Supported architectures (32b only): Intel x86, ARM, MIPS, PIC32, and PowerPC.
- Static analysis of executable files with detailed information.
- Compiler and packer detection.
- Loading and instruction decoding.
- Signature-based removal of statically linked library code.
- Extraction and utilization of debugging information (DWARF, PDB).
- Reconstruction of instruction idioms.
- Detection and reconstruction of C++ class hierarchies (RTTI, vtables).
- Demangling of symbols from C++ binaries (GCC, MSVC, Borland).
- Reconstruction of functions, types, and high-level constructs.
- Integrated disassembler.
- Output in two high-level languages: C and a Python-like language.
- Generation of call graphs, control-flow graphs, and various statistics.
- Added basic support of 64-bit x86 architecture.
newLLVM IR to BIR converter is now the default (and only) back-end’s converter.
- Reduced the needed stack space in
For more details, see the full changelog
This repository contains the following libraries:
bin2llvmir— library of LLVM passes for translating binaries into LLVM IR modules.
debugformat— library for uniform representation of DWARF and PDB debugging information.
dwarfparser— library for high-level representation of DWARF debugging information.
llvm-support— set of LLVM related utility functions.
llvmir2hll— library for translating LLVM IR modules to high-level source codes (C, Python-like language).
This repository contains the following tools:
bin2llvmirtool— frontend for the
llvm2hlltool— frontend for the
This repository contains the following scripts:
decompile.sh— the main decompilation script binding it all together. This is the tool to use for full binary-to-C decompilations.
- Support scripts used by
color-c.py— decorates output C sources with IDA color tags — syntax highlighting for IDA.
config.sh— decompiler’s configuration file.
decompile-archive.sh— decompiles objects in the given AR archive.
fileinfo.sh— a Fileinfo tool wrapper.
signature-from-library.sh— extracts function signatures from the given library.
unpack.sh— tries to unpack the given executable file by using any of the supported unpackers.
- Other utility scripts:
decompile-all.sh— decompiles all executables in the given directory and subdirectories.
run-unit-test.sh— run all tests in the unit test directory.
utils.sh— a collection of bash utilities.
Copyright (c) 2017 Avast Software