UPX

From Wikipedia, the free encyclopedia

UPX
the Ultimate Packer for eXecutables
Initial release: May 26, 1998
Stable release: 3.04 / September 27, 2009
Written in: C++, Assembly
Operating system: Windows, Linux, DOS, Atari
Type: Executable compression
License: GPL
Website: upx.sf.net

UPX, the Ultimate Packer for eXecutables, is a free and open source executable packer supporting a number of file formats from different operating systems.

Compression

UPX uses a compression algorithm called UCL, which is an open source implementation of portions of the proprietary NRV - Not Really Vanished - algorithm.

UCL has been designed to be simple enough that a decompressor can be implemented in just a few hundred bytes of code. UCL requires no additional memory to be allocated for decompression, a considerable advantage: a UPX-packed executable usually requires no additional memory.

UPX (since 2.90 beta) can use LZMA on most platforms; however, this is disabled by default for 16-bit due to slow decompression speed on older computers (use --lzma to force it on).

Decompression

UPX supports two mechanisms for decompression: an in-place technique and extraction to a temporary file.

The in-place technique, which decompresses the executable into memory, is not possible on all supported platforms. The rest use extraction to temporary file. This procedure involves additional overhead and other disadvantages; however, it allows any executable file format to be packed. The executable is extracted to a temporary location, and then open() is used to obtain a file descriptor.

Once a file descriptor is obtained, the temporary file can be unlink()ed. The stub then uses execve() on the file descriptor (via /proc) to overwrite the stub with the executable image of the temporary file.
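
A defender can spot the unlink()-then-execve() sequence described above because Linux reports the image of such a process as a path ending in " (deleted)" in /proc/<pid>/exe. The following Python check is an added example, not part of the original article or of UPX; the sample /proc tree and its paths are constructed.

```python
import os
import tempfile

DELETED_SUFFIX = " (deleted)"  # appended by Linux to links whose target was unlinked


def find_deleted_exe(proc_root="/proc"):
    """Return sorted [(pid, original_path)] for processes running an unlinked image."""
    hits = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():          # skip /proc/meminfo, /proc/self, ...
            continue
        try:
            target = os.readlink(os.path.join(proc_root, entry, "exe"))
        except OSError:                  # kernel thread, exited process, or no permission
            continue
        if target.endswith(DELETED_SUFFIX):
            hits.append((int(entry), target[: -len(DELETED_SUFFIX)]))
    return sorted(hits)


def build_sample_proc(root):
    """Constructed sample: a fake /proc tree with three PIDs (paths are made up)."""
    sample = {
        "101": "/usr/bin/sshd",                    # normal process
        "202": "/tmp/upxAAAAAAA (deleted)",        # image unlinked after open()
        "303": None,                               # kernel thread: no exe link
    }
    for pid, exe in sample.items():
        os.makedirs(os.path.join(root, pid))
        if exe is not None:
            os.symlink(exe, os.path.join(root, pid, "exe"))
    open(os.path.join(root, "meminfo"), "w").close()  # non-PID entry
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print("sample:", find_deleted_exe(build_sample_proc(d)))
    print("live:", find_deleted_exe())
```

A hit is a lead rather than a verdict: a long-running process whose binary was replaced by a package upgrade also shows a deleted image.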

The extraction to temporary file method has several disadvantages:

  • special permissions are ignored, such as suid.
  • argv[0] will not be meaningful.
  • applications will be unable to share common segments.

Unmodified UPX packing is often detected and unpacked by anti-virus scanners. UPX also has a built-in feature for unpacking unmodified executables packed with itself. The default license for the existing stubs explicitly forbids modifications that prevent manual unpacking / repacking with newer UPX versions.

Supported formats
