Abstract
Although the slicing of programs written in a high-level language has been widely studied in the literature, relatively few papers have been published on the slicing of binary executable programs. The lack of existing solutions for the latter is really hard to understand since the application domain for slicing binaries is similar to that for slicing high-level languages. Furthermore, there are special applications of the slicing of programs without source code like source code recovery, code transformation and the detection of security critical code fragments. In this paper, in addition to describing the method of interprocedural static slicing of binaries, we discuss how the set of the possible targets of indirect call sites can be reduced by dynamically gathered information. Our evaluation of the slicing method shows that, if indirect function calls are extensively used, both the number of edges in the call graph and the size of the slices can be significantly reduced.
Additional information
Ákos Kiss obtained his M.Sc. in Computer Science from the University of Szeged in 2000. He is currently working on his Ph.D. thesis and his chosen field of research is the analysis and optimization of binary executables. He was the chief programmer of a code compaction project which sought to reduce ARM binaries. He is also interested in GCC and in open source development.
Judit Jász obtained her M.Sc. in Computer Science recently from the University of Szeged and is currently a Ph.D. student. Her main research interest is adapting slicing methods—originally intended for high-level languages—to binary executables. She is also actively working on improving the GCC compiler.
Tibor Gyimóthy is the head of the Software Engineering Department at the University of Szeged in Hungary. His research interests include program comprehension, slicing, reverse engineering and compiler optimization. He has published over 60 papers in these areas and was the leader of several software engineering R&D projects. He is the Program Co-Chair of the 21st International Conference on Software Maintenance, which will be held in Budapest, Hungary in 2005.
Cite this article
Kiss, Á., Jász, J. & Gyimóthy, T. Using Dynamic Information in the Interprocedural Static Slicing of Binary Executables. Software Qual J 13, 227–245 (2005). https://doi.org/10.1007/s11219-005-1751-x
DOI: https://doi.org/10.1007/s11219-005-1751-x