I have an application that I'm trying to obfuscate. When unobfuscated, the program emits NLog logging messages, but after obfuscation, it doesn't generate any messages at all even though the rest of the application operates as expected. I've tried several obfuscators and they have the same symptoms. Does anyone have any suggestions of places to look. I generated the NLog internal logging facilities and they appear identical. My configuration is quite simple:
// enable internal logging to the console
InternalLogger.LogToConsole = true;
// enable internal logging to a file
InternalLogger.LogFile = "log.txt";
// set internal log level
InternalLogger.LogLevel = LogLevel.Trace;
LogTarget = new MemoryTarget();
LogTarget.Layout = "${message}";
NLog.Config.SimpleConfigurator.ConfigureForTargetLogging(LogTarget, LogLevel.Trace);
Most probably, NLog is using Reflection in some way which is causing the obfuscated assembly to fail to log.
Are you obfuscating the NLog assembly as well or just your own assembly?
Try turning of "Symbol Renaming" in your obfuscation tool to see if it makes a difference. If it works, then you know the cause and you can drill down to exclude from renaming the relevant classes/members.
Related
Previously, I asked and received advice on invoking Clang Static Analyzer for doing cross-translation-unit analysis. But this is now a separate issue.
What I want to ask here, do I need to include linker commands when using the newer CodeChecker?
CodeChecker dev here. Linker information is not used during the analysis. You can read about the CTU mode in this user guide: https://github.com/Ericsson/codechecker/blob/master/docs/analyzer/user_guide.md#cross-translation-unit-ctu-analysis-mode
The workflow when using CTU mode is more or less the same, like without it. The standard workflow is to do a CodeChecker log then a CodeChecker analyse then a CodeChecker parse or store to view the results, just add the --ctu flag to the analysis command.
Let me state upfront that I truly appreciate any assistance on this issue.
I have a C# (2.0) application. This is relatively simple application that executes stored procedures based on an XML file that is passed as a command line parameter.
We use it as a tool to call different stored procedures. This application does some logging and for the most part works very well.
The application reads the stored procedure name and parameters from an XML file. It sets up a connection string and SQL Command object (System.Data.SqlClient.SqlCommand).
Then it runs the stored procedure with the ExecuteReader method.
Unfortunately on a handful of occasions this application has generated the following error:
“Application popup: StoredProcLauncher.exe - Application Error : The instruction
at "0x7c82c912" referenced memory at "0x00000000". The memory could not be "read”
This error has appeared on multiple servers so it must be a code issue.
It seems that when our production server rolls a certain number it belches out this memory error.
The problem is I don’t see this issue on development. I can’t replicate it so I’m stuck.
Is there any way to simulate this error. Can I fill up the memory on my local PC somehow to attempt to replicate this error?
Does anyone know some common coding issues that might result in an error like this?
Does anyone have some rope I can borrow?
One way to do this is to wrap the offending code in a try catch block and writing the stack trace and error message to the windows application event log, text file, email, etc.
This will give you some line numbers and additional information.
Also note, you may need to deploy this in debug mode or at least copy the .pdb file with the application exe/dll so it can get the debug symbols. Can't remember off the top of my head how that works, but I think when you deploy in release mode you may loose some valuable debug information.
The instruction at "0x7c82c912" referenced memory at "0x00000000"
This is an access violation:
An access violation occurs in unmanaged or unsafe code when the code attempts to read or write to memory that has not been allocated, or to which it does not have access. This usually occurs because a pointer has a bad value.
Why does your program have unmanaged/unsafe code? For doing what you described it needs no native code.
Alas, the code crashes and now is not the time to wonder how is ending up calling native code. To solve the issue you're going to have to catch a dump and analyze the dump. See Capturing Application Crash Dumps. There are tools that specialize in this, like breakpad. there are also services that can help you collect and track crashes generated from your app, like crittercism.com or AirBrake. I even created one for myself and made it public bugcollect.com.
Is it possible to redirect the output of GWT.log() from the development console to a file? I need to debug a compiled GWT app and any logging or exception traces would be really nice.
GWT.log is compiled out, there is no way to get access to it when compiled to production.
On the other hand, GWT now has support for java.util.Logging, which can, when compiled in, send errors to the server for use however you want. It also can print these logging statements to a in-browser console, such as a popup or Firebug/Chrome Inspector. See http://code.google.com/webtoolkit/doc/latest/DevGuideLogging.html#Remote_Logging (and other sections on that page) for more details.
Keep in mind that unless you compile in full stack trace info, the exceptions will be very hard to read. See http://code.google.com/p/google-web-toolkit/wiki/WebModeExceptions#Emulated_Stack_Data for more info.
There is no way for a browser (without dev mode running) to write to a local file, for logging or other reasons. This is done for security reasons. Html5 might have support for some of these things, but they won't be supported in older browsers.
I have an application that uses LoadLibrary on Windows to dynamically load plugins. However some of the plugins have other dependent DLLs, such as database client DLLs.
When you attempt to load such a DLL and one of the dependent DLLs doesn't exist you get a nasty Windows dialog:
"The program can't start because xxx.ddl is missing from your computer. Try reinstalling the program to fix this problem."
Is there any easy way to avoid this dialog? I was hoping one could use LoadLibraryEx and pass a flag that says "don't give me that annoying dialog", but it doesn't seem like it.
What I'd like is for the application to handle that error, rather than Windows handling it for me, especially as the text of the message is incorrect (the problem isn't that the program can't start, the program is running quite happily, it just can't load this plugin).
What I'd like to avoid is having to rewrite the plugins that have these external dependencies to make them themselves do a dynamic load of any dependent modules and then query for any entry points.
Anyway, any suggestions would be gratefully received.
Use SetErrorMode(). Use it with SEM_NOOPENFILEERRORBOX | SEM_FAILCRITICALERRORS before you load the DLL and with 0 right after.
From MSDN:
To enable or disable error messages displayed by the loader during DLL loads, use the SetErrorMode function.
Link here
I'm creating a regular windows application that will be distributed to several users on my department. I'll need to include some connectivity passwords on the App.config file, and I obviously don't want end-users to just fire up notepad and look at the passwords.
Several articles point on how to encrypt/decrypt configuration sections, but it appears you have to share/ship some keys with the deployable solution.
Is there a simpler way, to just cipher some of the settings so that they are not user-readable, but that don't require extra steps or files when redistributing the program? Great plus would be that accessing the configuration settings is still transparent inside the .NET code. I could always just create a custom method to salt/cipher the string and in my custom code decrypt it, but I'm wondering if there's something simpler.
Any answers or links to articles on how to do this are greatly appreciated. Thanks
If you are trying to encrypt your connection string in your App.Config/Web.Config, you can do so using the Configuration class:
Configuration config = ConfigurationManager. OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection section = config.GetSection("connectionStrings");
if (section != null)
{
if (!section.IsReadOnly())
{
section.SectionInformation.ProtectSection ("RsaProtectedConfigurationProvider");
section.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);
}
}
There are two methods: RsaProtectedConfigurationProvider and DPAPIProtectedConfigurationProvider
See this --> http://www.codeproject.com/KB/cs/Configuration_File.aspx and http://msdn.microsoft.com/en-us/library/89211k9b(VS.80).aspx.
In short, cryptography isn't a magic wand that can magically fix an insecure program.
An attacker will try to obtain passwords from memory using a Debugger while the application is running. The passwords will also exist in the binary and these can be easily obtained. The use of any encryption can be bypassed because the password must be in plain text at the time of use. Any time memory is used it can also be observed with a debugger.
The answer lies in anti-debugging: http://www.codeproject.com/KB/security/Intro_To_Win_Anti_Debug.aspx
More advanced windows Anti-Debugging:
http://www.veracode.com/blog/2008/12/anti-debugging-series-part-i/
http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/
http://www.veracode.com/blog/2009/01/anti-debugging-series-part-iii/
http://www.veracode.com/blog/2009/02/anti-debugging-series-part-iv/
Either way, the encryption and decryption of the application configuration file is pointless as the .EXE can be examined by Reflector!
Sure you can obfuscate the code but that will make debugging a nightmare in a production environment where a strange unknown/undiscovered bug crept in as you would not be able to tell what/where/why/how to monitor for a strange bug that will only show up in release as the stacktrace and error messages would be obfuscated also...
That is something to bear in mind about and a potential pitfall...the user may not be tech savvy, but sure they could in theory, ask a friend/relative/partner to hack/break it without your knowledge..This answer is not meant to put you off, and hope you don't feel offended by my answer...
Hope this helps,
Best regards,
Tom.