System and method for obfuscating constants in a computer program

US 8,874,928 B2
Filed: 10/31/2008
Issued: 10/28/2014
Est. Priority Date: 10/31/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

generating, via a processor, a table of constants;

compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant;

constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants;

removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and

storing the indirection table in the array in the compiled binary.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein are systems, computer-implemented methods, and tangible computer-readable media for obfuscating constants in a binary. The method includes generating a table of constants, allocating an array in source code, compiling the source code to a binary, transforming the table of constants to match Pcode entries in an indirection table so that each constant in the table of constants can be fetched by an entry in the indirection table. A Pcode is a data representation of a set of instructions populating the indirection table with offsets toward the table of constants storing the indirection table in the allocated array in the compiled binary. The method further includes populating the indirection table with offsets equivalent to the table of constants, and storing the indirection table in the allocated array in the compiled binary. Constants can be of any data type. Constants can be one byte each or more than one byte each. In one aspect, the method further includes splitting constants into two or more segments, treating each segment as a separate constant when transforming the table of constants, and generating a function to retrieve and reconstruct the split constants.

17 Citations

View as Search Results

20 Claims

1. A method comprising:
- generating, via a processor, a table of constants;
  
  compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant;
  
  constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants;
  
  removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and
  
  storing the indirection table in the array in the compiled binary.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein constants can be of any data type.
  - 3. The method of claim 1, the method further comprising:
    - splitting constants into two or more segments;
      
      treating each segment as a separate constant; and
      
      generating instructions to retrieve and reconstruct the split constants.
  - 4. The method of claim 1, wherein bits in the table of constants are masked.
  - 5. The method of claim 1, wherein bits in the table of constants are complementary.
  - 6. The method of claim 1, the method further comprising adding a missing instructions table containing at least one missing byte value if the compiled binary does not contain at least one data representation of a set of instructions equivalent to a compiled constant corresponding to a constant in the table of constants.
  - 7. The method of claim 1, the method further comprising applying a position tracker when the data representations of a set of instructions and the constants are different sizes of bits.

8. A system comprising:
- a processor;
  
  a memory storing instructions for controlling the processor to perform steps comprising;
  
  generating a table of constants;
  
  compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant;
  
  constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instruction in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants;
  
  removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and
  
  storing the indirection table in the array in the compiled binary.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein constants can be of any data type.
  - 10. The system of claim 8, the steps further comprising:
    - splitting constants into two or more segments;
      
      treating each segment as a separate constant; and
      
      generating instructions to retrieve and reconstruct the split constants.
  - 11. The system of claim 8, wherein bits in the table of constants are masked.
  - 12. The system of claim 8, wherein bits in the table of constants are complementary.
  - 13. The system of claim 8, the steps further comprising adding a missing instructions table containing at least one missing byte value if the compiled binary does not contain at least one data representation of a set of instructions equivalent to a compiled constant corresponding to a constant in the table of constants.
  - 14. The system of claim 8, the steps further comprising applying a position tracker when the data representations of a set of instructions and the constants are different sizes of bits.

15. A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to perform steps comprising:
- generating a table of constants;
  
  compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant;
  
  constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants;
  
  removing from the complied binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and
  
  storing the indirection table in the array in the compiled binary.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein constants can be of any data type.
  - 17. The non-transitory computer-readable storage medium of claim 15, the instructions further comprising:
    - splitting constants into two or more segments;
      
      treating each segment as a separate; and
      
      generating instructions to retrieve and reconstruct the split constants.
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein bits in the table of constants are masked.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein bits in the table of constants are complementary.
  - 20. The non-transitory computer-readable storage medium of claim 15, the instructions further comprising adding a missing instructions table containing at least one missing byte value if the compiled binary does not contain at least one data representation of a set of instructions equivalent to a compiled constant corresponding to a constant in the table of constants.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Betouin, Pierre, Ciet, Mathieu, Farrugia, Augustin J.
Primary Examiner(s)
CHOUDHURY, AZIZUL Q

Application Number

US12/263,183
Publication Number

US 20100115287A1
Time in Patent Office

2,188 Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/125   by manipulating the program...

G06F 8/41   Compilation

G06F 8/42   Syntactic analysis

G06F 8/427   Parsing

G06F 8/433   Dependency analysis; Data o...

G06F 8/434   Pointers; Aliasing

System and method for obfuscating constants in a computer program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

17 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for obfuscating constants in a computer program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links