py2exe how safe is my source ? 
Author Message
 py2exe how safe is my source ?

I want to distribute my end product to clients. How safe is my source code ?
Can you easily reverse-engineer pyc files ?


Thu, 27 Nov 2003 20:42:49 GMT  
 py2exe how safe is my source ?

Quote:
> I want to distribute my end product to clients. How safe is my source code
?
> Can you easily reverse-engineer pyc files ?

Yes!  Consider a typical tr.py such as:

def greet(name):
    print "Hello",name

def rept(n):
    for i in range(n):
        greet(i)

It's trivial, given its .pyc, to perform:

Quote:
>>> import tr
>>> import dis
>>> dis.dis(tr)

Disassembly of greet:
          0 SET_LINENO               1

          3 SET_LINENO               2
          6 LOAD_CONST               1 ('Hello')
          9 PRINT_ITEM
         10 LOAD_FAST                0 (name)
         13 PRINT_ITEM
         14 PRINT_NEWLINE
         15 LOAD_CONST               0 (None)
         18 RETURN_VALUE

Disassembly of rept:
          0 SET_LINENO               4

          3 SET_LINENO               5
          6 SETUP_LOOP              38 (to 47)
          9 LOAD_GLOBAL              0 (range)
         12 LOAD_FAST                0 (n)
         15 CALL_FUNCTION            1
         18 LOAD_CONST               1 (0)

    >>   21 SET_LINENO               5
         24 FOR_LOOP                19 (to 46)
         27 STORE_FAST               1 (i)

         30 SET_LINENO               6
         33 LOAD_GLOBAL              3 (greet)
         36 LOAD_FAST                1 (i)
         39 CALL_FUNCTION            1
         42 POP_TOP
         43 JUMP_ABSOLUTE           21
    >>   46 POP_BLOCK
    >>   47 LOAD_CONST               0 (None)
         50 RETURN_VALUE

I don't know if anybody has bothered pattern-recognizing
the output of dis.dis back into python source, but at least
for one fixed Python version it should be rather doable.

From a .pyc you even get the line numbers to help you
reconstruct the exact layout, blank lines and all...  at least
a .pyo (as obtained for import when you run Python with
-O, or -OO to eliminate docstrings too) hides _that_:-)

Alex



Thu, 27 Nov 2003 23:06:15 GMT  
 py2exe how safe is my source ?

Quote:

> I don't know if anybody has bothered pattern-recognizing the output of
> dis.dis back into Python source, but at least for one fixed Python
> version it should be rather doable.

Yep.  There's a rather good program called "decompyle" which I've used
more than once :).

If you want your "source code" to be safe, don't give executables to your
customers.  You'd be surprised what a dedicated person with SoftICE can do
with a week or two.

                      ______      __   __  _____  _     _
                     |  ____ |      \_/   |_____] |_____|
                     |_____| |_____  |    |       |     |

                     http://twistedmatrix.com/users/glyph



Fri, 28 Nov 2003 06:19:11 GMT  
 py2exe how safe is my source ?
[Tomasz Stochmal, wonders about reverse-engineering .pyc files]

[Alex Martelli, doesn't cheer him up]

Quote:
> ...
> From a .pyc you even get the line numbers to help you
> reconstruct the exact layout, blank lines and all...  at least
> a .pyo (as obtained for import when you run Python with
> -O, or -OO to eliminate docstrings too) hides _that_:-)

Not very well, though.  There's still a mechanism for finding line numbers
under -O, else tracebacks would be much harder to follow.  And Python being
Python, you can figure it out easily enough with a Python program.  For
example, here's a program:

def f(x):
    x += 1
    # Multiply by 2.
    x *= 2
    return x

tab = f.func_code.co_lnotab
addr, line = 0, f.func_code.co_firstlineno
i = 0
while i < len(tab):
    addrincr, lineincr = map(ord, tab[i:i+2])
    addr += addrincr
    line += lineincr
    print "bytecode offset", addr, "corresponds to line", line
    i += 2

import dis
dis.dis(f)

and here's output from running that under -O:

bytecode offset 0 corresponds to line 2
bytecode offset 10 corresponds to line 4
bytecode offset 20 corresponds to line 5
          0 LOAD_FAST                0 (x)
          3 LOAD_CONST               1 (1)
          6 INPLACE_ADD
          7 STORE_FAST               0 (x)
         10 LOAD_FAST                0 (x)
         13 LOAD_CONST               2 (2)
         16 INPLACE_MULTIPLY
         17 STORE_FAST               0 (x)
         20 LOAD_FAST                0 (x)
         23 RETURN_VALUE
         24 LOAD_CONST               0 (None)
         27 RETURN_VALUE

However, from that alone, it's impossible to know whether the body of f was
*really*

def f(x):
    x += \
        1
    x *= 2
    return x

instead <wink>.

security-thru-transparency-ly y'rs  - tim



Fri, 28 Nov 2003 15:06:17 GMT  
 
 [ 4 post ] 

 Relevant Pages 

1. Python source under VSS (Visual Source Safe)

2. Am I Safe?

3. Source Safe ? - Any Comments

4. Visual Source Safe / PVCS or what ?!?

5. Can LabVIEW automatically login to Visual Source Safe?

6. Using MS Source Safe in VB .50

7. I am looking for Fabrik source...

8. How safe is $SAFE=4?

9. I am new to both LabVIEW and Microsoft Source Safe but...

10. I am not deaf, but am I mute?

11. py2exe 0.3.4 released

12. py2exe 0.3.3 released

 

 
Powered by phpBB® Forum Software