With a new decompiler for C/C++, developers can gain insight into the workings of a program without looking at source code. That's the plan for Snowman, which the project's lead developer hopes to make akin to an LLVM for decompilation.
Snowman decompiles from machine code to C with minor support for C++, and the source code should be released within several months, said head developer Yegor Derevenets, a university student in Germany, in an emailed response to questions.
The technology is “highly modular,” Derevenets said. “It is based on a decompilation library that can be easily integrated into other systems. As an example, we provide three applications using it: a command-line decompiler, a GUI decompiler, and an IDA disassembler plug-in. Hopefully, after its source code is released, Snowman will eventually become the LLVM for decompilation.
“The purpose of a decompiler is to translate programs in a low-level representation, like machine code or bytecode, to programs in a high-level programming language, like C, C++ or Java and C#,” Derevenets said. “Such a translation may be useful for people that try to understand how a low-level program works without having access to its source code: security engineers, viral analysts, maintainers of old systems whose code is lost.”
Snowman’s current 0.0.5 release features C/C++ code editing, refactoring, code navigation, and GUI performance improvements. Six point releases have been published since June, including a mid-October release with a plug-in for the IDA disassembler.