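PowerBuilder anti-decompilation: pbkiller cannot parse the longlong type and gets it badly wrong
pbkiller 2.5.18 cannot parse the longlong type. Once you declare a longlong variable, the decompiler recovers neither the type nor the correct value, because longlong stores its value in a pointer-like way.
Just write code like this: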
int aaa =100
long bbb = 1000
longlong ccc = 20000
boolean ddd = false
datawindow dwx
aaa = 2 - 3
bbb = 1 -2
ccc = ((((((aaa + ccc *aaa + ccc))))))
return 1
The decompiled output is:
integer aaa = 100
long bbb = 1000
ccc = 8
boolean ddd = false
datawindow dwx
aaa = 2 - 3
bbb = 1 - 2
ccc.commit using aaa;
aaa.pbm_bmgetstate.commit using pbm_bmgetstate;
return
return
return
Addendum:
Likewise, wherever a longlong literal appears, the same parsing failure occurs.
Source:
return 1
return 10
return 100
return 1000
return 10000
return 100000
return 1000000
return 10000000
return 100000000
return 1000000000
return 10000000000
return 100000000000
return 1000000000000
return 10000000000000
return 100000000000000
return 1000000000000000
return 10000000000000000
return 100000000000000000
return 1000000000000000000
return 10000000000000000000
After decompilation:
do
do
do
do
do
return 1
return 10
return 100
return 1000
return 10000
return 100000
return 1000000
return 10000000
return 100000000
return 1000000000
return
return
destroy(?????)
return
return
return
return
return primary
return
return
loop while 0
loop while " "
loop while
loop while
loop while
return
/*================*/
20090822: While writing a demo today, I found that pbkiller has a problem parsing the referenced-object list:
type strc_333 from structure
blob aaa
blob aaax[255]
blob aaay[255,254,253,252]
blob aaa1
blob aaa2
boolean bbb
char ccc
date eee
datetime fff
decimal ggg
decimal ggg0
decimal ggg1
decimal ggg2
decimal ggg3
decimal ggg4
decimal ggg5
decimal ggg6
decimal ggg7
decimal ggg8
decimal ggg9
decimal ggg10
decimal ggg11
decimal ggg12
decimal ggg13
decimal ggg14
decimal ggg15
decimal ggg16
decimal ggg17
decimal ggg18
double jjj
integer kkk
long lll
??????? mmm
string nnn
time ppp
uint qqq
ulong rrr
real sss
any ttt
accessibility t1
accessiblestate t2
adoresultset t3
application t4
arraybounds t5
checkbox t6
classdefinition t7
classdefinitionobject t8
commandbutton t9
connection t10
connectioninfo t11
connectobject t12
contextinformation t13
contextkeyword t14
corbabadcontext t15
corbabadinvorder t16
corbabadoperation t17
corbabadparam t18
corbabadtypecode t19
corbacommfailure t20
corbacurrent t21
corbadataconversion t22
corbafreemem t23
corbaimplimit t24
corbainitialize t25
corbainternal t26
corbaintfrepos t27
corbainvalidtransaction t28
corbainvflag t29
corbainvident t30
corbainvobjref t31
corbamarshal t32
corbanoimplement t33
corbanomemory t34
corbanopermission t35
corbanoresources t36
corbanoresponse t37
corbaobjadapter t38
corbaobject t39
corbaobjectnotexist t40
corbapersiststore t41
corbasystemexception t42
corbatransactionrequired t43
corbatransactionrolledback t44
corbatransient t45
corbaunion t46
corbaunknown t47
corbauserexception t48
cplusplus t49
datastore t50
datawindow t51
datawindowchild t52
dividebyzeroerror t53
dragobject t54
drawobject t55
dropdownlistbox t56
dropdownpicturelistbox t57
dwobject t58
dwruntimeerror t59
dynamicdescriptionarea t60
dynamicstagingarea t61
editmask t62
enumerationdefinition t63
enumerationitemdefinition t64
environment t65
error t66
errorlogging t67
exception t68
extobject t69
function_object t70
graph t71
graphicobject t72
graxis t73
grdispattr t74
groupbox t75
hprogressbar t76
hscrollbar t77
htrackbar t78
inet t79
internetresult t80
jaguarorb t81
line t82
listbox t83
listview t84
listviewitem t85
mailfiledescription t86
mailmessage t87
mailrecipient t88
mailsession t89
mdiclient t90
menu t91
menucascade t92
message t93
multilineedit t94
nonvisualobject t95
nullobjecterror t96
olecontrol t97
olecustomcontrol t98
oleobject t99
oleruntimeerror t100
olestorage t101
olestream t102
oletxnobject t103
omcontrol t104
omcustomcontrol t105
omembeddedcontrol t106
omobject t107
omstorage t108
omstream t109
orb t110
oval t111
pbtocppobject t112
pbxruntimeerror t113
picture t114
picturebutton t115
picturehyperlink t116
picturelistbox t117
pipeline t118
powerobject t119
profilecall t120
profileclass t121
profileline t122
profileroutine t123
profiling t124
radiobutton t125
rectangle t126
remoteobject t127
resultset t128
resultsets t129
richtextedit t130
roundrectangle t131
runtimeerror t132
scriptdefinition t133
service t134
simpletypedefinition t135
singlelineedit t136
sslcallback t137
sslserviceprovider t138
statichyperlink t139
statictext t140
structure t141
systemfunctions t142
tab t143
throwable t144
timing t145
traceactivitynode t146
tracebeginend t147
traceerror t148
traceesql t149
tracefile t150
tracegarbagecollect t151
traceline t152
traceobject t153
traceroutine t154
tracetree t155
tracetreeerror t156
tracetreeesql t157
tracetreegarbagecollect t158
tracetreeline t159
tracetreenode t160
tracetreeobject t161
tracetreeroutine t162
tracetreeuser t163
traceuser t164
transaction t165
transactionserver t166
treeview t167
treeviewitem t168
typedefinition t169
userobject t170
variablecardinalitydefinition t171
variabledefinition t172
vprogressbar t173
vscrollbar t174
vtrackbar t175
window t176
windowobject t177
m_1 t200
m_2 t201
m_3 t202
m_4 t203
m_5 t204
m_6 t205
m_7 t206
m_8 t207
m_9 t208
m_10 t209
m_11 t210
m_12 t211
m_13 t212
m_14 t213
m_15 t214
m_16 t215
m_17 t216
m_18 t217
m_19 t218
m_21 t220
m_22 t221
m_23 t222
m_24 t223
m_25 t224
m_26 t225
m_27 t226
m_28 t227
m_29 t228
m_31 t230
m_32 t231
m_33 t232
m_34 t233
m_35 t234
m_36 t235
m_37 t236
m_38 t237
m_39 t238
m_41 t240
m_42 t241
m_43 t242
m_44 t243
m_45 t244
m_46 t245
m_47 t246
m_48 t247
m_49 t248
m_51 t250
m_52 t251
m_53 t252
m_54 t253
m_55 t254
m_56 t255
m_57 t256
m_58 t257
m_59 t258
m_61 t260
m_62 t261
m_63 t262
m_64 t263
m_65 t264
m_66 t265
m_67 t266
m_68 t267
m_69 t268
m_71 t270
m_72 t271
m_73 t272
m_74 t273
m_75 t274
m_76 t275
m_77 t276
m_78 t277
m_79 t278
m_81 t280
m_82 t281
m_83 t282
m_84 t283
m_85 t284
?????? t285
?????? t286
?????? t287
?????? t288
?????? t290
?????? t291
?????? t292
?????? t293
end type
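The parts shown as red question marks are the parts that could not be parsed. Generally, the referenced-object list contains 177 built-in system objects in total. I added another 100 menu objects. Clearly the author assumed that at most 255 objects can be referenced. That is not so: there can be as many as 32768 referenced objects.
//20090820: Addendum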
type strc_111 from structure
string ccc
string ccc1[12] //the source is ccc1[2 to 12]; apparently not all declaration forms are handled.
string ccc2[65535]
string ccc3[255,255]
string ccc4[255,255,255]
string ccc5[255,255,255,255]
end type
//20090821:
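Declare two int variables, one in the instance section and one in the shared section of a uo or win:
instance : int ii_111 = 65535 //decompiles to -1
shared: int si_222 = 65535 //decompiles to 65535; in terms of the underlying storage this is fine, but it causes problems when the value takes part in other promoted calculations.
//20090822
I found that it cannot recover the initial values of enumerated types when decompiling.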
alignment lal_111= left!
alignment lal_222= right!
alignment lal_333= center!
//20090823
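A variable declaration has the form: {access-right,accessread,accesswrite} datatype{size}{precision} varname
pbkiller does not parse the access part, that is public, private, protected and so on. It does not parse constant either, nor the size and precision parts; these are the cases pointed out in other posts, such as blob{255} var1 and dec{4} var2, which are not parsed. Clearly it still falls well short.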
//20090903
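uint u1 = 65537 //taking the modulus should give u1 = 1, but it does not handle this and simply shows 65537.
//20090903:
real = 100.01: the decompiled value in my test is wrong. It probably reads the value with a C++ unsigned int and then converts it to double. This proved to be wrong. A real should be converted to a C++ float. I made the same mistake when writing my decompiler, and later changed it to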
float f1;
memcpy(&f1,&uint1,4); handled this way, it is OK.
//20090903
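ulong c3 = 4294967294 decompiles to -2
ulong c4 = 4294967295 decompiles to -1
The initial values of dec{16}, dec{17} and dec{18} variables are wrong.
Clearly it uses a C++ unsigned __int32 to read PB's four-byte ulong value, but has to call IntToStr() to display it. That function supports both int and __int64, and clearly the author did not apply an explicit cast, which produces the wrong values -2 and -1.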
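The real, ulong, int and uint cases above come down to how the same stored bytes are interpreted. The following C program is an added illustration, not code from pbkiller or from the author's decompiler; the function names are hypothetical, the sample values are constructed from the numbers in this post, and the "wrong" paths model the causes the post suspects.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Raw 4-byte pattern of a float, standing in for the bytes stored for a PB real
   (constructed sample, not read from a real PBD file). */
uint32_t raw_of_float(float f) { uint32_t r; memcpy(&r, &f, sizeof r); return r; }

/* Suspected bug: the bytes are read as an unsigned int and widened to double. */
double real_as_integer(uint32_t raw) { return (double)raw; }

/* Fix described in the post: copy the same 4 bytes into a float. */
float real_as_float(uint32_t raw) { float f; memcpy(&f, &raw, sizeof f); return f; }

/* ulong formatted through a signed 32-bit path: 4294967295 turns into -1. */
int32_t ulong_as_int32(uint32_t raw) { int32_t v; memcpy(&v, &raw, sizeof v); return v; }

/* Widening to 64 bits before formatting keeps the unsigned value. */
int64_t ulong_as_int64(uint32_t raw) { return (int64_t)raw; }

/* A 16-bit int declared as 65535 holds 0xFFFF, which is -1 when read as signed. */
int16_t int_as_int16(uint16_t raw) { int16_t v; memcpy(&v, &raw, sizeof v); return v; }

/* A 16-bit uint initialiser is reduced modulo 65536, so 65537 becomes 1. */
uint16_t uint_wrap(uint32_t literal) { return (uint16_t)literal; }

int main(void) {
    uint32_t raw = raw_of_float(100.01f);
    printf("real  wrong: %.0f   right: %.2f\n",
           real_as_integer(raw), (double)real_as_float(raw));
    printf("ulong wrong: %d   right: %lld\n",
           (int)ulong_as_int32(4294967294u), (long long)ulong_as_int64(4294967294u));
    printf("int 65535 as signed 16-bit: %d\n", (int)int_as_int16(65535));
    printf("uint 65537 wrapped: %u\n", (unsigned)uint_wrap(65537));
    return 0;
}
```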
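Given that PB 6-9 is still very widely used, here is a heads-up for everyone: you can use pbkiller's bugs to protect key data. If the author does not update it (judging by how it is used at present, he will not update it, because PB is no longer popular, and his software is free, so there is little motivation), these problems will exist forever. Let us make good use of them.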