I have this funny idea: write some data (say variable of integer type) to the end of the executable itself and then read it on the next run.
Is this possible? Is it a bad thing to do (I'm pretty sure it's :) )? How one would approach this problem?
Additional:
I would prefer to do this with C under Linux OS, but answers with any combination of programming language/OS would be appreciated.
EDIT:
After some time playing with the idea, it became apparent that Linux won't allow to write to a file while it's being executed. However, it allows to delete it.
My vision of the writing process at this point:
make a copy of the program from withing a program
append data to the end of the copy
make a program to delete itself
rename copy to the original name
Will try to implement that as soon as I have some time.
If anyone is interested about how "delete itself" works under Linux - look for info about inode. It's not possible to do this under Windows, as far as I know (might be wrong).
EDIT 2:
Have implemented a working example under Linux with C.
It basically use a strategy described above, i.e. appending bits of data to the end of the copy program, deletes itself and renaming program to the original name. It accepts integers to save as single argument in the CLI, and prints old data as well.
This surely won't work under Windows (although I found some options on a quick search), but I'm curious how it's gonna behave under OS X.
Efficiency thoughts:
Obviously copying whole executable isn't efficient. I guess that something faster is possible with another helper executable that will do the same after program stops executing.
It's not reusing old space but just appending new data to the end on each run. This can be fixed with some footer reservation process (maybe will try to implement this in the future)
EDIT 3:
Surprisingly, it works with OS X! (ver. 10.11.5, default gcc).
Related
Currently, I am taking some measurements and saving the data in a txt file. My C program is supposed to run without interruptions and it writes several files, one after the other. On another machine I want to have a routine to copy the files that are done writing and are ready to be analysed. To distinguish between them, I want the files to be written with a tag, something like: *.part.txt.
I was thinking of using the rename() function. My problem is, I do not know how to easily change the string from *.part.txt to just *.txt.
This would be much easier using Python, but I have to use C for this one and sadly, I lack the necessary experience to solve this by myself.
I'm working on a project in golang that needs to index recently added file content (using framework called bleve), and I'm looking for a solution to get content of a file since last modification. My current work-around is to record the last indexed position of each file, and during indexing process later on I only retrieve file content starting from the previous recorded position.
So I wonder if there's any library or built-in functionality for this? (doesn't need to be restricted to go, any language could work)
I'll really appreciate it if anyone has a better idea than my work-around as well!
Thanks
It depends on how the files change.
If the files are append-only, then you only need to record the last offset where you stopped indexing, and start from there.
If the changes can happen anywhere, and the changes are mostly replacing old bytes with new bytes (like changing pixels of an image), then perhaps you can consider computing checksum for small chucks, and only index those chunks that has different checksums.
You can check out crypto package in Go standard library for computing hashes.
If the changes are line insertion/deletion to text files (like changes to source code), then maybe a diff algorithm can help you find the differences. Something like https://github.com/octavore/delta.
If you're running in a Unix-like system, you could just use tail. If you specify to follow the file, the process will keep waiting after reaching end of file. You can invoke this in your program with os/exec and pipe the Stdout to your program. Your program can then read from it periodically or with blocking.
The only way I can think of to do this natively in Go is like how you described. There's also a library that tries to emulate tail in Go here: https://github.com/hpcloud/tail
I have a c code with a character array initialized to "hello world".
I would like to know if there is a possibility to re-initialize this character array upon each execution of the code, to some other random string. If not C, may I know if such an implementation is possible in any other programming language?
In detail, let's say my code looks like:
char c[] = "hello world";
.
.
After executing this code once, I want the char array c to be initialized automatically to some other random string (and not "hello world") and this should be a permanent change. This need is for security reasons. May I know if such a thing is even possible?
If not, may I know if it is possible to let the code self-destroy after executing it once?
It would be much easier to answer this question if you could describe what you are trying to achieve, rather than a particular mechanism you thought of to achieve it.
Modifying the running executable is typically prevented by modern operating systems, and for good reasons (security, integrity, etc). And modifying the executable on-disk is also inadvisable, for similar reasons. I'm sure there are other ways to achieve what you wish without resorting to self-modifying code.
I have a c code with a character array initialized to "hello world'. I would like to know if there is a possibility to re-initialize a this character array upon each execution of the code, to some other random string.
Yes, it's possible, but you would need to give the user write access to the executable to do so, find the correct offset in the binary, patch the file and save it intact atomically, etc, etc. There are many ways this can go wrong. Don't do it this way.
Instead of a statically allocated string in the executable itself, just have a separate resource file that contains the string(s) and whatever other state is required. You can change this resource file (INI file, data file, whatever) to modify the string as and when required (or even delete it). To provide security, you can digitally sign the file, which allows you to verify the contents are legitimate. If the signature fails, the software can refuse to work. You can also encrypt the contents so that it cannot be read out by an inquisitive user. (Unless they are handy with a debugger!)
If not C, may I know if such an implementation is possible in any other programming language?
It's mainly an OS restriction, including a regular user being able to write to an installed app in a system folder (typically something you do not want to allow). And if you can't do it in C, you probably can't do it in another language!
After executing this code once, I want the char array c to be initialized automatically to some other random string (and not "hello world") and this should be a permanent change. ... May I know if such a thing is even possible?
Yes indeed, but use a separate file as described above. Don't modify the executable itself.
This need is for security reasons.
The reason self-modifying code is disallowed in the first place is for security reasons. If you are attempting to implement some kind of copy protection, you would do well to research existing methods and tools and best practices, and possibly even use an off-the-shelf solution. This stuff is hard, and there are people who crack software for fun who could easily get around all but the most sophisticated protection schemes.
If not, may I know if it is possible to let the code self-destroy after executing it once?
You might be able to get the executable to delete itself, but this would typically require elevated privileges too.
Just get the program to check the signature on the resource file and refuse to run if it isn't valid.
You can self modify a EXE file, but you need to know:
You are basically reinventing the wheel doing it that way
Self modifying code is usually (in fact, most likely) flagged by antivirus software. Destroying the EXE after it is executed is even more shady.
How EXE (and ELF) files are executed
What the assembly language is
I'm making a program and one of the things it needs to do is transfer files. I would like to be able to check before I start moving files if the File system supports files of size X. What is the best way of going about this?
Go on with using a function like ftruncate to create a file of the desired size in advance, before the moving, and do the appropriate error-handling in case it fails.
There's no C standard generic API for this. You could simply try creating a file and writing junk to it until it is the size you want, then deleting it, but even that isn't guaranteed to give you the info you need - for instance another process might have come and written a large file in between your test and your transfer, taking up space you were hoping to use.
How to protect c++ output file(pe file) from editing using crc(Cyclic Redundancy Check)?
**Best Regards**
You can use CRC's to effectively check to see if a file was accidentally altered, but they are not effective for copy protection, or preventing cheats on a game.
Usually, when I program has some sort of CRC check, I find the code which does the check, and change the assembly instruction from a conditional branch to an unconditional branch. This is usually quite easy to find, because normally after a CRC fail, the program displays a message and exits. I place a break point when the message occurs, and examine all the frames in the stack. I then put break points on each point in the stack, run the program again, and see which one does the CRC check.
This isn't particularly difficult, and people often bundle little programs which will apply the same changes to the software of your choice.
You need a static variable in your code. The variable needs to be initialized to a value that can easily found with an hex editor (e.g. DEADBEEF)
you need a crc-algorithm (try searching google)
The tricky part. You need to get pointer in memory to the start and to the end of your exe. You can parse the pe file header for the code location and run the crc-algorithm from start of code to end of code. Then you have the value.
Of course you have to check the calculated value with the one in the static variable.
Inserting the value - depending on how often you build, you might want to programm a tool. You can always run your program and set a breakpoint on the comparison. Then you note down the value and hex-edit it into the executable. Or you create a standalone program that parses the pe-header as well, uses the same function (this time on the file) and patches it in. This could be complicated though, because I don't know what is changed by the OS during loading.