Question
I found this paper searching for links about C++ template metaprogramming. I'm new to both security and templates in C++ and am hoping someone can point me in the right direction. I'm asking for no other reason that it piqued my interest, and I'd like to learn more in general.
Here is the paper: https://www.cisuc.uc.pt/publication/showfile?fn=1357250736_metaobfv3.pdf
Or just do a search on the name: Binary code obfuscation through C++ template metaprogramming
I can't seem to figure out how a programmer would use this. Are they creating types via templates then using those types in the original code itself? Here is some code used:
https://stackoverflow.com/questions/23101823
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianstruct uint32 {
unsigned int x_;
uint32(unsigned int x) : x_(x) {}
uint32(const uint32 &oth) : x_(oth.x_) {}
uint32 &operator=(const uint32 &oth) { x_ = oth.x_; return *this; }
operator unsigned int() const { return x_; }
};
static inline uint32 operator+(const uint32 &a, const uint32 &b) {
return uint32(ObfuscatedAdder<unsigned int>::eval(a.x_, b.x_));
}
This is a small portion from page 6. I'm trying to figure out how a programmer using their techniques would go about creating...lets say an algorithm...then obfuscate it.
This would be the addition obfuscation I assume. How would I take a statement like:
unsigned int foo = 5 + 7;
in code and use the template to obfuscate it into a more complex identity?
Solution
unsigned int foo = 5 + 7; won't be obfuscated as this falls under constant folding. and would be replaced simply with unsigned int foo = 12; at compile time.
The technique is particularly useful for expressions like.
uint32 a = 5;
uint32 b = 7;
unsigned int foo = a + b;
