Recovery of Object Oriented Features from C++ Binaries

Reverse engineering is the process of examining and probing a program to determine the original design. Over the past ten years researchers have produced a number of capabilities to explore, manipulate, analyze, summarize, hyperlink, synthesize, componentize, and visualize software artifacts. Many reverse engineering tools focus on non-object-oriented software binaries with the goal of transferring discovered information into the software engineers trying to reengineer or reuse it. In this paper, we present a method that recovers object-oriented features from stripped C++ binaries. We discover RTTI information, class hierarchies, member functions of classes, and member variables of classes. The information obtained can be used for reengineering legacy software, and for understanding the architecture of software systems. Our method works for stripped binaries, i.e., Without symbolic or relocation information. Most deployed binaries are stripped. We compare our method with the same binaries with symbolic information to measure the accuracy of our techniques. In this manner we find our methods are able to identify 80% of virtual functions, 100% of the classes, 78% of member functions, and 55% of member variables from stripped binaries, compared to the total number of those artifacts in symbolic information in equivalent non-stripped binaries.