Hello, Jacques.

Jacques G. wrote...
>From one horror story I read on the site about a
>programmer that had sabotaged source code:
>
>"The company used the SRS on the object code they were
>running. In addition, they compiled the suspect source
>code and used the SRS on that set. By comparing the
>two source code result sets they figured out which
>programs had been sabotaged."
>
>Why not simply compare the binaries? Unix has a
>small program called: "cmp" that can compare two files
>and Windows has "comp".
>You can tell which ones have been changed that way.

There are several challenges with binary comparison of object code. Different releases of a compiler may generate slightly different object code. The code will execute properly, but the differences foil the comparison. Here are some of the most frequent differences encountered:

1) The way the UV compiler allocates temporary registers has changed many times over the releases.
2) The way the UV compiler issues NOP instructions to maintain alignment has changed from release to release.
3) Newer op-codes may be used by later compilers.
4) The flavor of the account, the $OPTIONS that are set, or the compiler command line options may cause the use of different op-codes.
5) The path to the original source code, stored in the object code, may be different and cause the comparison to fail on otherwise identical object code.

I have been developing a program that analyzes all of the source code, object code and cataloged programs on a system, trying to determine if any of the object code or cataloged programs are missing their source code. For the reasons listed above, this is not a trivial exercise. If any end-users are interested in being an alpha site come February 2006, drop me a note off-list.

>You can also know when the files were last compiled by
>looking at the dates with ls -al on the binary.

That works as long as the files have not been touched.

>Still I think the decompiler can be a useful tool.
>I've worked with a client who purchased a package some
>years back and they only have the binaries. If the
>supplier ever goes out of business they are in
>trouble.

We provide the source recovery service to help end-users when their application supplier is unable, for whatever reason. Some of our customers are actually application suppliers. They bring us in when they are unable to help the client. They work with us to help the customer become whole or self-sufficient.

Best regards,
Gyle
www.srs4uv.com

-------
u2-users mailing list
[email protected]
To unsubscribe please visit http://listserver.u2ug.org/
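
Point 5 in the message above (a source path embedded in the object code), shown as an added example that is not part of the original message or of any SRS tooling: a comparison that masks the known source path on each side before comparing, so a path-only difference is separated from a difference that needs review. The function names are hypothetical, the sample blobs are constructed and do not follow the real UniVerse object format, and the path is assumed to be stored as plain bytes with no length prefix.

```python
# Added example: path-tolerant comparison of two object files.
# Assumption: the source path appears in the object as plain bytes.
# The byte layouts below are constructed, not a real object format.

PLACEHOLDER = b"<SRC>"


def mask_path(blob: bytes, source_path: str) -> bytes:
    """Replace every occurrence of the embedded source path with a fixed token."""
    return blob.replace(source_path.encode(), PLACEHOLDER)


def compare_objects(prod: bytes, prod_src: str,
                    rebuilt: bytes, rebuilt_src: str) -> dict:
    """Classify a production object against a rebuild of the suspect source."""
    if prod == rebuilt:
        return {"verdict": "identical", "first_diff": None}
    a = mask_path(prod, prod_src)
    b = mask_path(rebuilt, rebuilt_src)
    if a == b:
        # Only the stored path differed; a plain cmp would have flagged this file.
        return {"verdict": "path-only", "first_diff": None}
    # Report the first differing offset in the masked images for triage.
    n = min(len(a), len(b))
    first = next((i for i in range(n) if a[i] != b[i]), n)
    return {"verdict": "review", "first_diff": first}


# Constructed sample data: header, path, NUL terminator, six "code" bytes.
CODE = bytes.fromhex("0a1b2c3d4e5f")
PROD_SRC = "/prod/BP/INVOICE"
REBUILT_SRC = "/tmp/rebuild/BP/INVOICE"
PROD = b"OBJ\x00" + PROD_SRC.encode() + b"\x00" + CODE
REBUILT = b"OBJ\x00" + REBUILT_SRC.encode() + b"\x00" + CODE
CHANGED = b"OBJ\x00" + PROD_SRC.encode() + b"\x00" + bytes.fromhex("0a1b2cff4e5f")

if __name__ == "__main__":
    print(compare_objects(PROD, PROD_SRC, REBUILT, REBUILT_SRC))
    print(compare_objects(CHANGED, PROD_SRC, REBUILT, REBUILT_SRC))
```

A "review" verdict is not proof of modification: points 1 to 4 in the message (register allocation, NOP padding, newer op-codes, compile options) produce the same verdict when the compiler release or settings differ.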
