Reversing : The Hacker's Guide to Reverse Engineering


original source code as closely as possible (though sometimes simply understanding the machine code might be enough). Because the C compiler alters so little about the program, relatively speaking, it is fairly easy to reconstruct a good approximation of the C source code from a program’s binaries. Except where noted, the high-level language code samples in this book were all written in C.


C++

The C++ programming language is an extension of C, and shares C’s basic syntax. C++ takes C to the next level in terms of flexibility and sophistication by introducing support for object-oriented programming. The important thing is that C++ doesn’t impose any new limits on programmers. With a few minor exceptions, any program that can be compiled under a C compiler will compile under a C++ compiler.

The core feature introduced in C++ is the class. A class is essentially a data structure that can have code members, just like the object constructs described earlier in the section on code constructs. These code members usually manage the data stored within the class. This allows for a greater degree of encapsulation, whereby data structures are unified with the code that manages them. C++ also supports inheritance, which is the ability to define a hierarchy of classes that enhance each other’s functionality. Inheritance allows for the creation of base classes that unify a group of functionally related classes. It is then possible to define multiple derived classes that extend the base class’s functionality.

The real beauty of C++ (and other object-oriented languages) is polymorphism (briefly discussed earlier, in the “Common Code Constructs” section). Polymorphism allows for derived classes to override members declared in the base class. This means that the program can use an object without knowing its exact data type—it must only be familiar with the base class. This way, when a member function is invoked, the specific derived object’s implementation is called, even though the caller is only aware of the base class.

Reversing code written in C++ is very similar to working with C code, except that emphasis must be placed on deciphering the program’s class hierarchy and on properly identifying class method calls, constructor calls, etc. Specific techniques for identifying C++ constructs in assembly language code are presented in Appendix C.
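
The dispatch described above, as an added example that is not from the book: the same small hierarchy (hypothetical `Shape`/`Rect`/`Square` names) written in C++ and then as a hand-written C-style model of what compilers typically generate. It assumes the common layout in which every object begins with a pointer to its class's table of function pointers; the C++ standard does not mandate that layout.

```cpp
#include <cstdio>
// High-level view: the C++ source a programmer writes.
struct Shape {
    virtual ~Shape() {}
    virtual int area() const = 0;   // overridden by each derived class
};
struct Rect : Shape {
    int w, h;
    Rect(int w_, int h_) : w(w_), h(h_) {}
    int area() const override { return w * h; }
};
struct Square : Shape {
    int side;
    explicit Square(int s) : side(s) {}
    int area() const override { return side * side; }
};
// The caller knows only the base class; the derived implementation runs.
int area_via_base(const Shape &s) { return s.area(); }

// Low-level view: hand-written model of the usual compiler output (assumed
// layout: pointer to a per-class table of function pointers at offset 0).
struct LShape;
struct LVTable { int (*area)(const LShape *); };
struct LShape  { const LVTable *vptr; };
struct LRect   { LShape base; int w, h; };
struct LSquare { LShape base; int side; };

static int lrect_area(const LShape *p) {
    const LRect *r = reinterpret_cast<const LRect *>(p);
    return r->w * r->h;
}
static int lsquare_area(const LShape *p) {
    const LSquare *s = reinterpret_cast<const LSquare *>(p);
    return s->side * s->side;
}
static const LVTable kRectVT = { lrect_area };
static const LVTable kSquareVT = { lsquare_area };
// "Constructors" store the class's table address first: the pattern that
// identifies a constructor, and the concrete class, in disassembly.
LRect make_lrect(int w, int h) { return LRect{ { &kRectVT }, w, h }; }
LSquare make_lsquare(int s) { return LSquare{ { &kSquareVT }, s }; }
// Virtual call: load vptr from the object, load the slot, call indirectly.
int area_via_vptr(const LShape *s) { return s->vptr->area(s); }

int main() {
    LRect r = make_lrect(3, 4);
    std::printf("%d %d\n", area_via_base(Rect(3, 4)), area_via_vptr(&r.base));
    return 0;
}
```

In a disassembly the second half is what survives: a constant table address written into a freshly allocated object marks a constructor, and an indirect call through a pointer loaded from the object's first field marks a virtual method call.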


In case you’re not familiar with the syntax of C, C++ draws its name from the C syntax, where specifying a variable name followed by ++ indicates that the variable is to be incremented by 1. C++ is the equivalent of C = C + 1.
