How to Tell If Two Executable Files are the Same That Are Compiled from C++

thenthorn1010 used Ask the Experts™
I am attempting to research ways to tell the difference between two executables of the same program. One program is compiled at 10 am ET on Windows XP machine and another is compiled at 11am ET on Windows XP machine. (The source code is the same between the two files.) I do have to prove that the resulting executable from the C++ code does generate the same executable without any difference. In my research, I have found some people stating that Windows writes some timestamps when it compiles and assembles the C++ code. Is this true? What type of tool could I use to prove that two executables of the same source code are the same if they are compiled one hour later, or any given amount of time apart from one another in a Windows XP environment.

Any help that you could provide would be greatly appreciated.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
AndyAinscowFreelance programmer / Consultant

You could compare them bit by bit - it would be obvious if they were not identical in that case.



Is there a nice program out there that would complete that task, or would one need to be written to compare two *.exe files to determine if they are the same?
Senior Software Developer
FC /B prog1.exe prog2.exe

Open in new window

would do the comparison.

FC /? shows
Compares two files or sets of files and displays the differences between

FC [/A] [/C] [/L] [/LBn] [/N] [/OFF[LINE]] [/T] [/U] [/W] [/nnnn]
   [drive1:][path1]filename1 [drive2:][path2]filename2
FC /B [drive1:][path1]filename1 [drive2:][path2]filename2

  /A         Displays only first and last lines for each set of differences.
  /B         Performs a binary comparison.
  /C         Disregards the case of letters.
  /L         Compares files as ASCII text.
  /LBn       Sets the maximum consecutive mismatches to the specified
             number of lines.
  /N         Displays the line numbers on an ASCII comparison.
  /OFF[LINE] Do not skip files with offline attribute set.
  /T         Does not expand tabs to spaces.
  /U         Compare files as UNICODE text files.
  /W         Compresses white space (tabs and spaces) for comparison.
  /nnnn      Specifies the number of consecutive lines that must match
             after a mismatch.
             Specifies the first file or set of files to compare.
             Specifies the second file or set of files to compare.

Open in new window

C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

I like to use WinMerge -
Richard QuadlingSenior Software Developer

Another option could be use MD5 ...

ECHO Comparing MD5 Hashes for %1 and %2.
FOR /F "tokens=1 delims= " %%A IN ('MD5 "%~1"') DO SET MD5_1=%%A
FOR /F "tokens=1 delims= " %%B IN ('MD5 "%~2"') DO SET MD5_2=%%B
IF "%MD5_1%"=="%MD5_2%" (
	ECHO They are identical.
) ELSE (
	ECHO They are different.

ECHO Cannot find %1

ECHO Cannot find %2

Open in new window

You can get md5.exe from MD5 - Command Line Message Digest Utility.
Richard QuadlingSenior Software Developer

How well does WinMerge handle binary differences?
Richard QuadlingSenior Software Developer

MD5 -? shows

MD5  --  Calculate MD5 signature of file.  Call
             with md5 [ options ] [file ...]

              -csig   Check against sig, set exit status 0 = OK
              -dtext  Compute signature of text argument
              -l      Use lower case letters for hexadecimal digits
              -n      Do not show file name after sum
              -ofname Write output to fname (- = stdout)
              -u      Print this message
              -v      Print version information

by John Walker  --
Version 2.0 (2003-04-15)

This program is in the public domain.

Open in new window



I used the function that you provided for the files that I compile with the same source code 1 minute apart from one another, and I ended up with results that show the files are different. The results from running the command that you posted are:

P:\>FC /B FTransViewer.exe FTransViewer2.exe
Comparing files FTransViewer.exe and FTRANSVIEWER2.EXE
00000088: C8 28
00000089: 86 87
00005D5C: 5C 80
00005D5D: 81 5F
00005D5E: D6 7F
00005D5F: 8B E5
00005D60: 92 E5
00005D61: 09 C9
00005D62: D4 71
00005D63: 45 4C
00005D64: B3 85
00005D65: E1 84
00005D66: 04 AA
00005D67: E0 E8
00005D68: EA 33
00005D69: D8 03
00005D6A: 61 ED
00005D6B: DE CD
000061BC: C8 28
000061BD: 86 87
000061D8: 89 EF
000061D9: DF 27
000061DA: B8 23
000061DB: F7 15
000061DC: 90 F8
000061DD: BE 91
000061DE: D7 AA
000061DF: 41 48
000061E0: AE A0
000061E1: A3 F6
000061E2: 49 7A
000061E3: 0C 2F
000061E4: 6E 86
000061E5: B5 CB
000061E6: 03 F8
000061E7: A6 8B

Would this lead you to conclude that these files are not identical?
Richard QuadlingSenior Software Developer


If you FC prog1.exe prog1.exe you'll get something like
Comparing files prog1.exe and prog1.exe
FC: no differences encountered

Open in new window

Richard QuadlingSenior Software Developer

If you are building from a VCS, then I'd be checking the latest revision numbers to see if anything changed.
How well does WinMerge handle binary differences?

I know it will at least show you if the binary files are equal. I don't think it will show you as much information as FC will. I use it to compare source files.

I forgot about the existence of FC. I think FC is a better chioce in this case, it will give the offset and values of the bytes that do not compare (as you discovered).



The version numbers are the same in both of the files. Is it possible that there is a date/time stamp within the executable that would be causing this? (When I used WinMerge, as Anthony2000 suggested, I ended up with some characters showing up that were different from one another in one compilation of the code when comparing the first executable to the second executable. For example, in the second to last line the first executable contains the characters "ȆgN" whereas the second executable contains "(‡gN" om the same location. Is this just what occurs when you compile code from VS C++ in Windows environments, due to a possible date field or some type of other data that is being added to the executable?



WinMerge does work well in showing the differences in the executable files. They allow for me to see the raw characters that are in the executables that are not the same from compiling the same source code one minute apart. For instance, I mentioned that  I received  characters from the first executable "ȆgN" whereas the second executable contains "(‡gN" om the same location. Any idea why this would occur if the versioning number of VS is not changing and everything else is left the same for the source code that was compiled to create the same executable one minute apart?
Richard QuadlingSenior Software Developer
It may be possible to completely strip these things out.

A tool like PE Explorer ( may be of use to help you identify the meaningful differences by allowing you to see what the different bits mean.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial