How to prevent NDK from dumping stack trace to android logcat?

Question

We are working on adding an NDK component to provide additional security to our Android app. We want the logic for this component to be private and hence don't want the stack trace dumps in android studio logcat. I have tried several flags to the CMake build configuration but none seem to help.

    externalNativeBuild {
        cmake {
            cppFlags "-lz -std=c++11 -s"
            arguments "-DAPP_OPTIM=release", "-DCMAKE_BUILD_TYPE=Release"
        }
    }

Additionally, is there any Proguard like tool available for NDK so that code can be obfuscated?

Answer 1

You are asking about a bit strange thing. If you want just to make reverse engineering harder - then it is better to only obfuscate code and do not try to hide your crashes at least because it:

• makes it harder to debug application during development
• makes it impossible to get crash reports from end users via Google Play Console
• interferes with system-wide fault reporting mechanism and application framework in unpredictable way

If you still want to experiment with it - try this snippet:

#include <signal.h>
#include <stddef.h>
#include <unistd.h>
#include <sys/syscall.h>

void makeCrashesSilent() {
    struct sigaction sa;
    sa.sa_flags = SA_SIGINFO;
    sa.sa_sigaction = [] (int signo, siginfo_t*, void*) {
        _exit(1);
    };
    int signals[] = {
            SIGSEGV,
            SIGBUS,
            SIGFPE,
            SIGABRT,
            SIGILL,
            SIGINT,
    };
    for (size_t i = 0; i < sizeof signals / sizeof signals[0]; i++) {
        syscall(__NR_sigaction, signals[i], &sa, nullptr);
    }
}

This function installs custom handler to all UNIX signals that in usual situation end up with native crash and related dump in logcat. Call this function once to suppress debug output in logcat. But nevertheless each crash still may be detected by scant message in logcat:

10-06 21:24:01.214 945-2236/? I/ActivityManager: Process com.example.sergik.test2 (pid 7682) has died: fore TOP 
10-06 21:24:01.214 632-632/? I/Zygote: Process 7682 exited cleanly (1)

And thats all. No crash dump, no extra info. Just note that system may immediately restart your app because it can't see that there was crash and it would be better to defer restart until explicit request from user. Also as I said earlier - this is much a hack that may confuse android runtime, especially on the modern systems where ART installs it own handler chains for some signals.

So it is better to concentrate on obfuscating. AFAIK there are some LLVM-based obfuscators that may fit your needs. But you could even start without any extra tools - as first step you may just hide all unnecessary symbol info from your binaries and left only JNI required exports, eg via version script for each .so file:

{
  global:
    JNI_OnLoad; Java_*;

  local:
    *;
};

Such script will hide all exports except ones that are required to use your code from Java land.