Solved

How to Tell If Two Executable Files are the Same That Are Compiled from C++

Posted on 2011-09-07
14
602 Views
Last Modified: 2012-05-12
I am attempting to research ways to tell the difference between two executables of the same program. One program is compiled at 10 am ET on Windows XP machine and another is compiled at 11am ET on Windows XP machine. (The source code is the same between the two files.) I do have to prove that the resulting executable from the C++ code does generate the same executable without any difference. In my research, I have found some people stating that Windows writes some timestamps when it compiles and assembles the C++ code. Is this true? What type of tool could I use to prove that two executables of the same source code are the same if they are compiled one hour later, or any given amount of time apart from one another in a Windows XP environment.

Any help that you could provide would be greatly appreciated.
0
Comment
Question by:thenthorn1010
  • 7
  • 4
  • 2
  • +1
14 Comments
 
LVL 44

Expert Comment

by:AndyAinscow
ID: 36496211
You could compare them bit by bit - it would be obvious if they were not identical in that case.
0
 

Author Comment

by:thenthorn1010
ID: 36496229
AndyAinscow,

Is there a nice program out there that would complete that task, or would one need to be written to compare two *.exe files to determine if they are the same?
0
 
LVL 40

Accepted Solution

by:
RQuadling earned 334 total points
ID: 36496274
FC /B prog1.exe prog2.exe

Open in new window


would do the comparison.

FC /? shows
Compares two files or sets of files and displays the differences between
them


FC [/A] [/C] [/L] [/LBn] [/N] [/OFF[LINE]] [/T] [/U] [/W] [/nnnn]
   [drive1:][path1]filename1 [drive2:][path2]filename2
FC /B [drive1:][path1]filename1 [drive2:][path2]filename2

  /A         Displays only first and last lines for each set of differences.
  /B         Performs a binary comparison.
  /C         Disregards the case of letters.
  /L         Compares files as ASCII text.
  /LBn       Sets the maximum consecutive mismatches to the specified
             number of lines.
  /N         Displays the line numbers on an ASCII comparison.
  /OFF[LINE] Do not skip files with offline attribute set.
  /T         Does not expand tabs to spaces.
  /U         Compare files as UNICODE text files.
  /W         Compresses white space (tabs and spaces) for comparison.
  /nnnn      Specifies the number of consecutive lines that must match
             after a mismatch.
  [drive1:][path1]filename1
             Specifies the first file or set of files to compare.
  [drive2:][path2]filename2
             Specifies the second file or set of files to compare.

Open in new window

0
 
LVL 8

Assisted Solution

by:Anthony2000
Anthony2000 earned 166 total points
ID: 36496283
I like to use WinMerge - http://winmerge.org/
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 36496386
Another option could be use MD5 ...

@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
IF NOT EXIST "%~1" GOTO Err1
IF NOT EXIST "%~2" GOTO Err2
ECHO Comparing MD5 Hashes for %1 and %2.
FOR /F "tokens=1 delims= " %%A IN ('MD5 "%~1"') DO SET MD5_1=%%A
FOR /F "tokens=1 delims= " %%B IN ('MD5 "%~2"') DO SET MD5_2=%%B
IF "%MD5_1%"=="%MD5_2%" (
	ECHO They are identical.
) ELSE (
	ECHO They are different.
)
GOTO :EOF

:Err1
ECHO Cannot find %1
EXIT /B

:Err2
ECHO Cannot find %2
EXIT /B

Open in new window


You can get md5.exe from MD5 - Command Line Message Digest Utility.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 36496396
How well does WinMerge handle binary differences?
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 36496401
MD5 -? shows

MD5  --  Calculate MD5 signature of file.  Call
             with md5 [ options ] [file ...]

         Options:
              -csig   Check against sig, set exit status 0 = OK
              -dtext  Compute signature of text argument
              -l      Use lower case letters for hexadecimal digits
              -n      Do not show file name after sum
              -ofname Write output to fname (- = stdout)
              -u      Print this message
              -v      Print version information

by John Walker  --  http://www.fourmilab.ch/
Version 2.0 (2003-04-15)

This program is in the public domain.

Open in new window

0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:thenthorn1010
ID: 36496438
RQuadling,

I used the function that you provided for the files that I compile with the same source code 1 minute apart from one another, and I ended up with results that show the files are different. The results from running the command that you posted are:

P:\>FC /B FTransViewer.exe FTransViewer2.exe
Comparing files FTransViewer.exe and FTRANSVIEWER2.EXE
00000088: C8 28
00000089: 86 87
00005D5C: 5C 80
00005D5D: 81 5F
00005D5E: D6 7F
00005D5F: 8B E5
00005D60: 92 E5
00005D61: 09 C9
00005D62: D4 71
00005D63: 45 4C
00005D64: B3 85
00005D65: E1 84
00005D66: 04 AA
00005D67: E0 E8
00005D68: EA 33
00005D69: D8 03
00005D6A: 61 ED
00005D6B: DE CD
000061BC: C8 28
000061BD: 86 87
000061D8: 89 EF
000061D9: DF 27
000061DA: B8 23
000061DB: F7 15
000061DC: 90 F8
000061DD: BE 91
000061DE: D7 AA
000061DF: 41 48
000061E0: AE A0
000061E1: A3 F6
000061E2: 49 7A
000061E3: 0C 2F
000061E4: 6E 86
000061E5: B5 CB
000061E6: 03 F8
000061E7: A6 8B

Would this lead you to conclude that these files are not identical?
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 36496450
Absolutely.

If you FC prog1.exe prog1.exe you'll get something like
Comparing files prog1.exe and prog1.exe
FC: no differences encountered

Open in new window

0
 
LVL 40

Expert Comment

by:RQuadling
ID: 36496478
If you are building from a VCS, then I'd be checking the latest revision numbers to see if anything changed.
0
 
LVL 8

Expert Comment

by:Anthony2000
ID: 36496512
How well does WinMerge handle binary differences?

I know it will at least show you if the binary files are equal. I don't think it will show you as much information as FC will. I use it to compare source files.

I forgot about the existence of FC. I think FC is a better chioce in this case, it will give the offset and values of the bytes that do not compare (as you discovered).

0
 

Author Comment

by:thenthorn1010
ID: 36496568
RQuadling,

The version numbers are the same in both of the files. Is it possible that there is a date/time stamp within the executable that would be causing this? (When I used WinMerge, as Anthony2000 suggested, I ended up with some characters showing up that were different from one another in one compilation of the code when comparing the first executable to the second executable. For example, in the second to last line the first executable contains the characters "ȆgN" whereas the second executable contains "(‡gN" om the same location. Is this just what occurs when you compile code from VS C++ in Windows environments, due to a possible date field or some type of other data that is being added to the executable?
0
 

Author Comment

by:thenthorn1010
ID: 36496588
Anthony2000,

WinMerge does work well in showing the differences in the executable files. They allow for me to see the raw characters that are in the executables that are not the same from compiling the same source code one minute apart. For instance, I mentioned that  I received  characters from the first executable "ȆgN" whereas the second executable contains "(‡gN" om the same location. Any idea why this would occur if the versioning number of VS is not changing and everything else is left the same for the source code that was compiled to create the same executable one minute apart?
0
 
LVL 40

Assisted Solution

by:RQuadling
RQuadling earned 334 total points
ID: 36496636
It may be possible to completely strip these things out.

A tool like PE Explorer (http://www.heaventools.com/overview.htm) may be of use to help you identify the meaningful differences by allowing you to see what the different bits mean.

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

In Easy String Encryption Using CryptoAPI in C++ (http://www.experts-exchange.com/viewArticle.jsp?aid=1193) I described how to encrypt text and recommended that the encrypted text be stored as a series of hexadecimal digits -- because cyphertext may…
Preface I don't like visual development tools that are supposed to write a program for me. Even if it is Xcode and I can use Interface Builder. Yes, it is a perfect tool and has helped me a lot, mainly, in the beginning, when my programs were small…
Video by: Grant
The goal of this video is to provide viewers with basic examples to understand and use nested-loops in the C programming language.
The goal of this video is to provide viewers with basic examples to understand opening and reading files in the C programming language.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now