Search⌘ K
AI Features
Home
Courses
Debugging, Disassembly & Reversing in Linux for x64 Architecture

Reconstructing C/C++ Code

Explore how to reconstruct C and C++ programs from disassembled assembly and pseudocode. Learn the process of interpreting address calculations, pointer assignments, and arithmetic operations to transform mixed assembly into readable C/C++ code.

We'll cover the following...

Reconstructing mixed assembly / pseudocode code

Let’s reconstruct the line-by-line pseudocode, shown as comments against the assembly language code.

Assembly (GAS x86)
lea 0x2ef9(%rip), %rax       # 0x555555558030 <a>
# address a -> rax
mov %rax, 0x2efa(%rip)       # 0x555555558038 <pa>
# rax -> (pa)
lea 0x2eef(%rip), %rax       # 0x555555558034 <b>
# address b -> rax
mov %rax, 0x2ef4(%rip)       # 0x555555558040 <pb>
# rax -> (pb)

This code calculates the effective address of a, which it stores in register %rax. It then assigns the %rax register value to the integer pointer pa. We do the same process for b and store the %rax register value to the integer pointer pb.

Assembly (GAS x86)
mov 0x2ee5(%rip), %rax       # 0x555555558038 <pa>
# (pa) -> rax
movl $0x1, (%rax)
# 1 -> (rax)
mov 0x2ee0(%rip), %rax       # 0x555555558040 <pb>
# (pb) -> rax
movl $0x1, (%rax)
# 1 -> (rax)

The code snippet above assigns 1 to the indirect ...