ReF Decompile: Relabeling and Function Call Enhanced Decompile

TL;DR

ReF Decompile introduces relabeling and function call strategies to improve decompilation accuracy of binary code into high-level language, leveraging large language models and achieving state-of-the-art results.

Contribution

The paper presents novel relabeling and function call strategies that enhance control flow preservation and variable recovery in LLM-based decompilation.

Findings

Achieves 61.43% accuracy on Humaneval-Decompile Benchmark.

Surpasses existing baselines in decompilation performance.

Effectively preserves control flow and variable information.

Abstract

The goal of decompilation is to convert compiled low-level code (e.g., assembly code) back into high-level programming languages, enabling analysis in scenarios where source code is unavailable. This task supports various reverse engineering applications, such as vulnerability identification, malware analysis, and legacy software migration. The end-to-end decompile method based on large langauge models (LLMs) reduces reliance on additional tools and minimizes manual intervention due to its inherent properties. However, previous end-to-end methods often lose critical information necessary for reconstructing control flow structures and variables when processing binary files, making it challenging to accurately recover the program's logic. To address these issues, we propose the \textbf{ReF Decompile} method, which incorporates the following innovations: (1) The Relabelling strategy replaces jump target addresses with labels, preserving control flow clarity. (2) The Function Call strategy infers variable types and retrieves missing variable information from binary files. Experimental results on the Humaneval-Decompile Benchmark demonstrate that ReF Decompile surpasses comparable baselines and achieves state-of-the-art (SOTA) performance of $61.43\%$.