|
Boost : |
Subject: Re: [boost] Is there any interest in getting pseudo random number generation using preprocessor at compile time into the Preprocessor library?
From: Alexander Stoyan (alexander.stoyan_at_[hidden])
Date: 2012-07-13 08:45:53
Well, just for example you're working on a secure app and you want to wrap
each function with anti-debugging tricks, and let's say you have 10 inline
functions that implement different anti-debugging tricks, and you want a
random calls would be inserted with each new release of the app. Will you
change calls manually with each new build all across the code manually, or
it'll be easier to change PP_RAND_SEED value?
VC example:
//--------------------------------------------------------------------------
------
// main.cpp
#define PP_RAND_SEED 34523
inline void PreventDebugging_1() { puts(__FUNCTION__); }
inline void PreventDebugging_2() { puts(__FUNCTION__); }
inline void PreventDebugging_3() { puts(__FUNCTION__); }
inline void PreventDebugging_4() { puts(__FUNCTION__); }
inline void PreventDebugging_5() { puts(__FUNCTION__); }
inline void PreventDebugging_6() { puts(__FUNCTION__); }
inline void PreventDebugging_7() { puts(__FUNCTION__); }
inline void PreventDebugging_8() { puts(__FUNCTION__); }
inline void PreventDebugging_9() { puts(__FUNCTION__); }
inline void PreventDebugging_10() { puts(__FUNCTION__); }
class SecretLogic
{
public:
void DoStuff1()
{
#include "abdg.h"
// ...
#include "abdg.h"
}
void DoStuff2()
{
#include "abdg.h"
// ...
#include "abdg.h"
}
void DoStuff3()
{
#include "abdg.h"
// ...
#include "abdg.h"
}
void DoStuff4()
{
#include "abdg.h"
// ...
#include "abdg.h"
}
};
int _tmain(int argc, _TCHAR* argv[])
{
SecretLogic logic;
logic.DoStuff1();
logic.DoStuff2();
logic.DoStuff3();
logic.DoStuff4();
return 0;
}
//--------------------------------------------------------------------------
------
// adbg.h
#pragma push_macro("PP_RAND_MIN")
#pragma push_macro("PP_RAND_MAX")
#ifdef PP_RAND_MIN
#undef PP_RAND_MIN
#endif
#ifdef PP_RAND_MAX
#undef PP_RAND_MAX
#endif
#define PP_RAND_MIN 1
#define PP_RAND_MAX 10
#include "pprand.h"
#define PREVENT_DEBUGGING_(n) PreventDebugging_ ## n()
#define PREVENT_DEBUGGING(n) PREVENT_DEBUGGING_(n)
PREVENT_DEBUGGING(PP_RAND);
#undef PP_RAND_MIN
#undef PP_RAND_MAX
#pragma pop_macro("PP_RAND_MAX")
#pragma pop_macro("PP_RAND_MIN")
//--------------------------------------------------------------------------
------
// Output for PP_RAND_SEED=34523
//--------------------------------------------------------------------------
------
PreventDebugging_6
PreventDebugging_3
PreventDebugging_7
PreventDebugging_4
PreventDebugging_9
PreventDebugging_8
PreventDebugging_4
PreventDebugging_5
//--------------------------------------------------------------------------
------
// Output for PP_RAND_SEED=876
//--------------------------------------------------------------------------
------
PreventDebugging_4
PreventDebugging_5
PreventDebugging_9
PreventDebugging_6
PreventDebugging_2
PreventDebugging_6
PreventDebugging_6
PreventDebugging_2
//--------------------------------------------------------------------------
------
// Output for PP_RAND_SEED=9879
//--------------------------------------------------------------------------
------
PreventDebugging_4
PreventDebugging_3
PreventDebugging_7
PreventDebugging_1
PreventDebugging_6
PreventDebugging_2
PreventDebugging_4
PreventDebugging_4
In fact, it is possible to create a simple shell script for C++ compiler
response file generation where PP_RAND_SEED would take new random value
prior to each new build.
Thanks.
-----Original Message-----
From: boost-bounces_at_[hidden] [mailto:boost-bounces_at_[hidden]]
On Behalf Of Steven Watanabe
Sent: Thursday, July 12, 2012 11:46 PM
To: boost_at_[hidden]
Subject: Re: [boost] Is there any interest in getting pseudo random number
generation using preprocessor at compile time into the Preprocessor library?
AMDG
On 07/12/2012 01:02 PM, Alexander Stoyan wrote:
> For example, a protected code has to be surrounded by
> PROTECTION_START(level) ... PROTECTION_END() macros, where 'level' is
> a good candidate for being random at compile time.
I don't have a clue what this macro does.
> In general, this feature is very
> useful for many code obfuscation mechanisms.
Like what? Is the preprocessor really
the best tool for obfuscating code?
> This is similar to __COUNTER__,
> though not everybody use __COUNTER__ but it doesn't make it useless.
>
In preprocessor programming it's not uncommon to need /unique/ variable
names, for which __COUNTER__ works quite well. I just don't really
understand the need for a full PRNG.
In Christ,
Steven Watanabe
_______________________________________________
Unsubscribe & other changes:
http://lists.boost.org/mailman/listinfo.cgi/boost
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk