加密时如何带调试信息然后lua代码使用luac
[英]How to bring debugging information when encryption then lua code use luac
问题描述
I wrote the following code in the file "orgin.lua"
我在文件“orgin.lua”中写了以下代码
if test==nil then
print(aa["bb"]["cc"]) -- to produce a crash
end
print(1120)
when it crash ,it will generate the following information:当它崩溃时,它会生成以下信息:
lua: origin.lua:3: attempt to index global 'aa' (a nil value)
In order to prevent decompilation and make sure the code is safe,I use the following command to convert my code:为了防止反编译并确保代码安全,我使用以下命令转换我的代码:
luac -o -s test.lua origin.lua
I know the argument -s is strip debug information, then it do not show the number of rows when crash:我知道参数 -s 是条带调试信息,那么它在崩溃时不显示行数:
lua: ?:0: attempt to index global 'aa' (a nil value)
but how to bring debugging information when encryption then lua code use luac?Is there any solution?但是如何在加密时带调试信息然后lua代码使用luac?有什么解决办法吗?
2 个解决方案
解决方案1
1 2018-02-11 06:43:44
There is no way to do this built into Lua, but there are some work-arounds. Lua 中没有办法做到这一点,但有一些变通方法。
If you only need line numbers, then one option is to leave the line numbers in the chunk.如果您只需要行号,那么一种选择是将行号保留在块中。 Line numbers are not that useful for reverse engineering (unluac currently doesn't use them at all), so it shouldn't affect security.行号对于逆向工程不是很有用(unluac 目前根本不使用它们),所以它不应该影响安全性。 Lua doesn't provide an option for this, but it is easy to modify Lua to leave them in when stripping. Lua 没有为此提供选项,但是很容易修改 Lua 以在剥离时保留它们。 From ldump.c来自 ldump.c
n = (D->strip) ? 0 : f->sizelineinfo;
can be changed to可以改为
n = f->sizelineinfo;
(Disclaimer: untested) (免责声明:未经测试)
A more complicated option would be to modify the Lua runtime to output the virtual machine program counter instead of the line number, and also output information describing the location of the current function in the chunk (eg top level, first function, second function nested in third function, etc).一个更复杂的选择是修改 Lua 运行时以输出虚拟机程序计数器而不是行号,并且还输出描述当前函数在块中的位置的信息(例如顶层、第一个函数、嵌套在其中的第二个函数)第三个功能等)。 Then the line number could be looked up by the developer in a non-stripped version of the chunk.然后开发人员可以在块的非剥离版本中查找行号。 (Here is a reference to someone using this approach on lua-l -- no source code was provided, though.) (这是对在 lua-l 上使用这种方法的人的引用——不过没有提供源代码。)
Note that preventing decompilation is not true security.请注意,防止反编译并不是真正的安全。 It may help against casual attacks, but Lua bytecode is not hard to read.它可能有助于抵御偶然攻击,但 Lua 字节码不难阅读。
解决方案2
-1 2018-02-11 09:04:15
luac does not encrypt the output. luac 不加密输出。 It compiles your Lua source code to bytecode, that's all.它将您的 Lua 源代码编译为字节码,仅此而已。 The code is neither encrypted nor does it run any faster, only the loadtime is shorter since the compilation step is not needed.代码既没有加密也没有运行得更快,只是加载时间更短,因为不需要编译步骤。
If you want your code to be encrypted, I suggest to encrypt the bytecode using eg AES-256 and then decode it in memory just before handing it to the Lua state.如果您希望您的代码被加密,我建议使用例如 AES-256 加密字节码,然后在将其交给 Lua 状态之前在内存中对其进行解码。 This way the bytecode is encrypted on disk, but decripted in memory.这样,字节码在磁盘上加密,但在内存中解密。
The overhead is low.开销很低。 We use this technique since years.我们多年来一直使用这种技术。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.