Message-ID:	<37A52432.60703C94@megsinet.net>
From:	David Oppenheimer <davidopp AT megsinet DOT net>
X-Mailer:	Mozilla 4.61 [en] (Win98; U)
X-Accept-Language:	en
MIME-Version:	1.0
Newsgroups:	comp.os.msdos.djgpp
Subject:	Re: Decompiler Question.
References:	<Pine DOT SUN DOT 3 DOT 91 DOT 990801120011 DOT 20304b-100000 AT is>
Lines:	67
Date:	Mon, 02 Aug 1999 00:53:07 -0400
NNTP-Posting-Host:	216.214.125.9
X-Trace:	news.corecomm.net 933569579 216.214.125.9 (Sun, 01 Aug 1999 23:52:59 CDT)
NNTP-Posting-Date:	Sun, 01 Aug 1999 23:52:59 CDT
To:	djgpp AT delorie DOT com
DJ-Gateway:	from newsgroup comp.os.msdos.djgpp
Reply-To:	djgpp AT delorie DOT com

I must strenuously disagree here.  First, if disassembly were impossible, then
why would programmers waste their time programming disassemlers?!  Secondly,
if it were impossible, then why would people pay good money for these
disassembler programs?!

Follow this link to a page where you will find a disassembler written by J
Delorie.  Does that name sound familiar?!
http://www.suddendischarge.com/Disassemblers.html

On this following link you'll find information on Interactive DisAssembler Pro
(supposedly the best available).  You can contact the company to get FTP
access to download the free 9.8 megabyte Demo from here.

http://www.ccso.com/ida.html

Or if you just want to get a good idea of how IDA works, click on the
following link for a Free Ware version which lacks several significant
features that a professional developer needs, but hey, its free:

http://www.ccso.com/update/ida37fw.zip

So let's lay to rest once and for all the LIE that you cannot disassemble an
executable program file.  Let's keep in mind that the CPU of your computer is
a disassembler that you use every time you run a program.

Another example: When computer specialists analyze a computer virus, they do
what with it?  They disassemble it (or you could agree with Mr. Z that
disassembly is impossible and infer that computer scientists work some kind of
"magic" on a virus to unravel the inner workings of it or perhaps they just
make educated guesses as to how it works...LOL).

No disassembly is not impossible, but it is complicated.  A disassembler is
much more complex than a compiler because for it to be useful for general
purposes, it must be able to properly recognize and identify the libraries
referenced in the code so that it can correctly disassemble code written in a
number of higher level languages.  If you had a program that translated
English into Spanish (metaphorical example: compiling C++ code into 1's and
0's with DJGPP) it would be much less complex than a program which could
translate any major language into English (i.e. a program like IDA Pro 3.8
which can convert 1's and 0's from many different compilers into useable
higher level code).

If anyone is still unclear as to whether decompilation is possible, please
write me and I'll provide you with links to other decompiler pages.

Sincerely,

David Oppenheimer

Eli Zaretskii wrote:

> On Sat, 31 Jul 1999, sephiroth wrote:
>
> > Is it possible to decompile a DJGPP .exe file, I ask this because I
> > think noticed looking through the .exe file, function names. Which could
> > make it possible to decompile.
>
> What you see is the debug info.  It tells the debugger the addresses of
> the functions and how to convert the address of an instruction to a
> source-level line number.  But it doesn't say anything about converting
> the instructions into C code.
>
> > I know everyone says it's not possible to
> > decompile, but is DJGPP an exception?
>
> No.

- Raw text -