Menu
Suppose I am writing some C++ program that I don't want the binary leak information on how the program is working. I know we can probably strip symbols from the binary, but the class names are still stored and retrievable by RTTI information. So how can I avoid that? If I need to disable RTTI, what C++ features will no longer be usable?
270
What you lose when disable RTTI depends on your compiler (and compiler version).
For gcc 4.5, you could read:
-fno-rtti Disable generation of information about every class with virtual functions for use by the C++ runtime type identification features (dynamic_cast' andtypeid'). If you don't use those parts of the language, you can save some space by using this flag. Note that exception handling uses the same information, but it will generate it as needed. The `dynamic_cast' operator can still be used for casts that do not require runtime type information, i.e. casts to void * or to unambiguous base classes.
For Visual Studio 2013:
Use /GR if the compiler cannot statically resolve an object type in your code. You usually need the /GR option when your code uses dynamic_cast Operator or typeid. However, /GR increases the size of the .rdata sections of your image. If your code does not use dynamic_cast or typeid, /GR- may produce a smaller image
Thus, indeed, in these cases, it disables only dynamic_cast and typeid.
However, if the goal is to hide the behavior and some information about your executable, I don't think that strip and disable RTTI are the best solution. It may be a good beginning, but to have a real binary protection, you must see packer / executable protector / obfuscation tool (http://en.wikipedia.org/wiki/Executable_compression).
59
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
