System and method for obfuscating constants in a computer program
First Claim
1. A method comprising:
- generating, via a processor, a table of constants;
compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant;
constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants;
removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and
storing the indirection table in the array in the compiled binary.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed herein are systems, computer-implemented methods, and tangible computer-readable media for obfuscating constants in a binary. The method includes generating a table of constants, allocating an array in source code, compiling the source code to a binary, transforming the table of constants to match Pcode entries in an indirection table so that each constant in the table of constants can be fetched by an entry in the indirection table. A Pcode is a data representation of a set of instructions populating the indirection table with offsets toward the table of constants storing the indirection table in the allocated array in the compiled binary. The method further includes populating the indirection table with offsets equivalent to the table of constants, and storing the indirection table in the allocated array in the compiled binary. Constants can be of any data type. Constants can be one byte each or more than one byte each. In one aspect, the method further includes splitting constants into two or more segments, treating each segment as a separate constant when transforming the table of constants, and generating a function to retrieve and reconstruct the split constants.
17 Citations
20 Claims
-
1. A method comprising:
-
generating, via a processor, a table of constants; compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant; constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants; removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and storing the indirection table in the array in the compiled binary. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a processor; a memory storing instructions for controlling the processor to perform steps comprising; generating a table of constants; compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant; constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instruction in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants; removing from the compiled binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and storing the indirection table in the array in the compiled binary. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to perform steps comprising:
-
generating a table of constants; compiling source code to produce a compiled binary having an array and compiled constants, each constant in the table of constants corresponding to a compiled constant; constructing an indirection table, wherein each entry contains a first reference to a data representation of a set of instructions in the compiled binary that is equivalent to a compiled constant corresponding to a constant in the table of constants; removing from the complied binary each compiled constant corresponding to a constant in the table of constants by replacing, in the compiled binary, each compiled constant corresponding to a constant in the table of constants with a respective second reference to an entry in the indirection table that is equivalent to the compiled constant; and storing the indirection table in the array in the compiled binary. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification