Careful with those optimisations

I was looking over some older computer magazines today and found a promising series of articles on anticracking in a Slovak IT magazine called InfoWare. I didn’t really have much time to read the whole series, so I just peeked at the enclosed source codes.

One code snippet caught my attention in particular. The code went like this:

float sumOfNumbers = 90 - 1 + 0.03 + 50 + 300 + 0.3 - 50;
if (sumOfNumbers == 389.33) {
    // everything's all right
} else {
    // now confuse the cracker
}

The text around this snippet was talking something about making constants in programs more confusing.

Well – in source code, this is really terrifying and confusing. It works well, if you want to protect your source code against modifications by the mystified programmers (or by you). It will hardly confuse a cracker, who sees only the binary version. The reason? Compiler optimizations.

I made a little experiment with this code:

float f = 3.1 + 5.8 + 1.1;

if (f == 10)
    printf("Aloha");

I compiled it in Visual C++ with full compiler optimizations (the “release mode”) and glanced at the produced code. The above code was compiled into this:

push Test.004020E4                       ; /format = "Aloha"
call dword ptr ds:[<&MSVCR80.printf>]    ; \printf

Only the printf call was left from the original code. Not very confusing anymore, is it?

Built with Hugo
Theme Stack designed by Jimmy