Professional Web Applications Themes

"Randomzing" filenames during compilation - UNIX Programming

When I compile a set of files and make them into a library they contain filenames of the original source files. Every compiler works like that including those running under unix/linux. You don't need to be very smart in order to use some dumping utilities which will extract this information on compiled objects or libraries. Since some of my files contain specific information (in their filenames) about algorithms I used, I know that some attackers might find it useful to investigate my files which I naturally have no interest in. What I'd like to do is to compile all files ...

  1. #1

    Default "Randomzing" filenames during compilation

    When I compile a set of files and make them into a library they contain
    filenames of the original source files. Every compiler works like that
    including those running under unix/linux.

    You don't need to be very smart in order to use some dumping utilities which
    will extract this information on compiled objects or libraries. Since some
    of my files contain specific information (in their filenames) about
    algorithms I used, I know that some attackers might find it useful to
    investigate my files which I naturally have no interest in.

    What I'd like to do is to compile all files as a sequence of pseudo random
    names. So my_super_cool_algorithm.c / .o will become "randomfile1".o and
    when made into a library the original name "my_super_cool_algorithm" won't
    be visible anymore.

    I know this is possible because I've already investigated other libraries
    where all object files were named a0, a1, a2, a3, a4, a5... etc.

    So I wrote a program which writes a "table" of new names. It takes the
    original filename as input and gives a new name as output (written to
    stdout). Additionally there is a lookup table in this program so if the
    input file is given twice, the same output file name will be printed out.

    My thought is to intergrate this utility with make tools (since I already
    use make for building) but so far I havn't figured out how or IF it's even
    possible.

    Anyone got a clue how to hide original filenames in library files?
    The alternative is to make a post-processing utility which will do a string
    based search and replacement. However I think some object files (on some
    platforms) have checksums and similar which I worry about will be changed if
    I do it this way.

    Any suggestions?

    Thanks in advance.
    -- John


    John Guest

  2. #2

    Default Re: "Randomzing" filenames during compilation

    "John Smith" <net> writes:
     

    man strip

    --
    Måns Rullgård
    se
    Måns Guest

  3. #3

    Default Re: "Randomzing" filenames during compilation

    "John Smith" <net> writes:
     

    Just have that utility create a new copy of your source tree (with
    files renamed), and a new Makefile.

    se (Måns Rullgård) writes: 

    John's final product is a linkable library (if I understood him
    correctly). A library composed from stripped objects will not do
    his customers much good.

    Cheers,
    --
    In order to understand recursion you must first understand recursion.
    Remove /-nsp/ for email.
    Paul Guest

  4. #4

    Default Re: "Randomzing" filenames during compilation

    > Just have that utility create a new copy of your source tree (with 

    Even though it's not really perfect it's surely a workable idea. Thanks for
    the suggestion. It's the best one I've gotten so far.
     
    >
    > John's final product is a linkable library (if I understood him
    > correctly). A library composed from stripped objects will not do
    > his customers much good.[/ref]

    Thats correct. I distribute libraries containing object files.

    -- John


    John Guest

  5. #5

    Default Re: "Randomzing" filenames during compilation

    Paul Pluzhnikov <net> writes:
     
    >
    > John's final product is a linkable library (if I understood him
    > correctly). A library composed from stripped objects will not do
    > his customers much good.[/ref]

    It's perfectly possible to link with stripped objects. The linker
    doesn't need to know the name of the source file or any other
    debugging information. If he's worried about the names of library
    entry points revealing information he should probably not be releasing
    it at all.

    --
    Måns Rullgård
    se
    Måns Guest

  6. #6

    Default Re: "Randomzing" filenames during compilation

    Paul Pluzhnikov wrote: 
    >
    >
    > Just have that utility create a new copy of your source tree (with
    > files renamed), and a new Makefile.[/ref]

    Another option would be to make one more C file called, say, wrapper.c.
    This file would simply #include all the other C files. Compile that and
    put it in a library which will show only wrapper.o. Of course linked
    binaries may get bigger as they'll take all the code from this library
    instead of just what they need. Depending on the size of the library
    that may or may not be a big deal.

    MB

    Mohun Guest

  7. #7

    Default Re: "Randomzing" filenames during compilation

    se (Måns Rullgård) writes:
     

    It is possible to link with *partially* stripped objects.
     

    On many systems 'strip' will remove both source/debug info, *and*
    symbol table, making the object unusable.

    Cheers,
    --
    In order to understand recursion you must first understand recursion.
    Remove /-nsp/ for email.
    Paul Guest

  8. #8

    Default Re: "Randomzing" filenames during compilation

    Paul Pluzhnikov <net> writes:
     
    >
    > It is possible to link with *partially* stripped objects.

    >
    > On many systems 'strip' will remove both source/debug info, *and*
    > symbol table, making the object unusable.[/ref]

    Those that I have used removed only as much as possible without
    damaging the usability of the files. There can obviously be strip
    programs with other behaviors out there.

    --
    Måns Rullgård
    se
    Måns Guest

  9. #9

    Default Re: "Randomzing" filenames during compilation

    > Another option would be to make one more C file called, say, wrapper.c. 
    Thanks alot for the suggestion.
    From all the possibilities this one is surely the easiest one because it
    works with any compiler and requires no extra tools.
    I did it on my code and to my surprise the library size went from 300 kb to
    100 kb. Yes the linked file will be larger but with 100 kb libraries I
    couldn't care less.

    -- John


    John Guest

Similar Threads

  1. Compilation errors using #include "PDSReadProcs.h"
    By Abhishek_Asthana@adobeforums.com in forum Adobe Acrobat SDK
    Replies: 5
    Last Post: October 23rd, 01:52 PM
  2. CFINPUT type="radio" w/ "value" requires "label"
    By Iceborer in forum Macromedia ColdFusion
    Replies: 2
    Last Post: February 21st, 06:16 PM
  3. compilation and/or getting to the "ASP" assembly
    By Miles Thompson in forum ASP.NET Building Controls
    Replies: 0
    Last Post: February 19th, 12:41 AM
  4. Can I stop PS from adding the word "copy" to filenames?
    By John_Prusinski@adobeforums.com in forum Adobe Photoshop 7, CS, CS2 & CS3
    Replies: 12
    Last Post: October 2nd, 07:52 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139