Link to home
Start Free TrialLog in
Avatar of steva
steva

asked on

Having C code checksum itself

I'd like to have my C code run a checksum on itself to detect any tampering. I thought I could do something like:

StartLabel:
      --- code---
EndLabel:

UINT *p;
UINT checksum=0;
for(p=StartLabel; p<EndLabel; p++)
      checksum^=*p;

But the compiler kicks out the " p=StartLabel" with an "undeclared identifier" , though a "goto StartLabel;" compiles fine.

Does anyone see the problem here, or have a way to do this?

Thanks
steva
ASKER CERTIFIED SOLUTION
Avatar of jkr
jkr
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of steva
steva

ASKER

Ok, this looks good.  Any reason why you guys changed the amount being XORed from a UINT to a BYTE? A 32-bit checksum seems more tamper-proof than an 8-bit checksum.

steva
I did that to check for 'ret'. Y>ou can of course use an unsigned int.
>> A 32-bit checksum seems more tamper-proof than an 8-bit checksum.
The thing is, if people are gonna tamper with the executable, they can also change the checksum to include the changes they made ...

Adding a checksum like this is not making your executable a lot safer.
Avatar of steva

ASKER

Infinit08,

Yes, I have no illusions here. Even if I obfuscate the checksum code by putting it somewhere remote from the protected routines and making it look like something else, a determined professional hacker (think Taiwanese pirate) will find it, get in and make a million license-free copies if he wants to.  Even easier than replacing the checksum value is probably replacing the if(checksumOK) with if(1).  The checksum code here is only to withold the code from more thiefs, not all thiefs.  I don't know of a better solution.  Do you?

steva

The best thieves will find a way around the checksum.

That said, you can make their lives tougher by calculating multiple checksums over the same area using different methods.

Of course, the thief isn't limited to cracking the checksum algorithms.  Instead, he'll find the assembly code for:

if (checksum(region) == ChecksumValue)
  exit(0);

and replace it with a series of NOOPs.   sigh....

SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of steva

ASKER

Ok guys.  Thanks for the discussion and answers.  I tried to split the points to make everyone happy.

steva