[LLVMdev] Reverse engineering for LLVM bit-code
Serge Pavlov
sepavloff at gmail.com
Mon Oct 14 21:01:20 PDT 2013
LLVM IR represents higher level than assembler code, it keeps some names
and it is easier to revert the IR to source code than a binary format.
The main task of LLVM IR is code generation. I don't think adding
obfuscation has particular worth, those who need it can use tools and
approaches specifically aimed at obfuscation. Even simple rename of
identifiers in source code makes C/C++ file very difficult to analyze. In
other cases one might use anti-debugger tricks or execution code in virtual
machine. Everything depends on the level of obfuscation, it is impractical
to make LLVM IR a tool for that.
Thanks,
--Serge
2013/10/15 Wan, Xiaofei <xiaofei.wan at intel.com>
> HI,
>
> I am interested in whether LLVM bit-code is ready for a distribution
> format(stored in software distribution package); is it easy to revert LLVM
> IR to C/C++ source code like Java byte code? My understanding is that.
> 1. LLVM IR is more like assembly code, so it is not easy for reverse
> engineering.
> 2. If it is easy for reverse engineering, does it mean it is not suitable
> for distribution format? Otherwise code obfuscation in IR level must be
> added.
>
> Thanks
> Wan Xiaofei
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
--
Thanks,
--Serge
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20131015/4309b77c/attachment.html>
More information about the llvm-dev
mailing list