CN106708593A - Compiling method and device of program link - Google Patents

Compiling method and device of program link Download PDF

Info

Publication number
CN106708593A
CN106708593A CN201510418582.XA CN201510418582A CN106708593A CN 106708593 A CN106708593 A CN 106708593A CN 201510418582 A CN201510418582 A CN 201510418582A CN 106708593 A CN106708593 A CN 106708593A
Authority
CN
China
Prior art keywords
section
file
index value
linked
input
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510418582.XA
Other languages
Chinese (zh)
Other versions
CN106708593B (en
Inventor
谢宝友
王德强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201510418582.XA priority Critical patent/CN106708593B/en
Priority to PCT/CN2015/096591 priority patent/WO2017008431A1/en
Publication of CN106708593A publication Critical patent/CN106708593A/en
Application granted granted Critical
Publication of CN106708593B publication Critical patent/CN106708593B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Devices For Executing Special Programs (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a compiling method and device of a program link. The compiling method comprises the steps of obtaining a file to be linked, conducting splitting on sections in the file to be linked according to a function or a variable symbol in the file to be linked to obtain multiple input sections; randomly allocating an index value for each of the input sections; merging the corresponding function or variable symbol to a link output file according to the index value of each of the input sections. According to the compiling method of the program link, by conducting splitting on the function and variable symbol in the file to be linked and then conducting randomization processing, the randomness of the function and the variable symbol in a program can be further improved, thus the probability that the program is successfully attacked is lowered, and the safety of the program is improved.

Description

The Compilation Method and device of a kind of program chains
Technical field
The present invention relates to field of computer technology, more particularly to a kind of program chains Compilation Method and device.
Background technology
With the high speed development of information technology, when carrying out communication using extensive open network environment and having become The trend of generation development.Also inevitably there is safety wind while exploitation and shared resource is provided in network Danger, if there is leak in computer software (operating system, SB, middleware, application program), The attacker for being familiar with system just can perform malicious code using these leaks by network, and carry out illegal Operation.
System is attacked one on condition that attacker is to the code address space of system especially program Certain understanding is distributed with, then could cause that process performs attacker and sets in advance by the code of meticulous construction The attack code put carrys out control system.This attack is tackled, is typically entered using the method for address randomization Row protection.After the randomization of software code address, attacker cannot jump to the execution flow of program expected Address performs attack code, so as to effectively reducing attacker's attack cost.It is as shown in Figure 1 Be randomly assigned the process status schematic diagram of program address in the prior art, by the code section Func1 of input file, Func2, Func3 and Func4 are incorporated into the code section of output file, by the data section Var1 of input file, Var2, Var3 and Var4 are incorporated into the data section of output file.
Traditional address randomization work is completed generally in system level.System in startup program, by journey The base address of each component (main program, dynamic base, storehouse) in sequence carries out randomization, such Although randomisation process realizes that simple, overhead is smaller, following problem is there is also:1. granularity is thicker, The Address d istribution of component internal is still fixed, and attacker still can be obtained with distributing operation system interface The initial address of each component, implements to attack with reference to Brute Force and relative address.Increased income generation due to substantial amounts of In the application of items in commerce, attacker can obtain these Open Source Codes to code using advance compiled program The Address d istribution of component internal.2. underaction, otherwise all of program uses address randomization in system, Address randomization is not used, it is impossible to voluntarily opened with demand for security according to the application program itself the characteristics of Open this function.3. the selection of random number determines by system, the generation of part random number also with system time phase Close, attacker is easier to be cracked after the generating random number rule and system time of the system that obtains.
The content of the invention
The purpose of the embodiment of the present invention is the Compilation Method and device for providing a kind of program chains, can enter one The randomness of step raising program inner function and variable symbol, so as to reduce program by the possibility of successful attack, The security of raising program.
To achieve these goals, the embodiment of the present invention provides a kind of Compilation Method of program chains, the volume The method of translating includes:
File to be linked is obtained, according to function or variable symbol in the file to be linked, chain is treated by described The section connect in file is split, and obtains multiple input sections;
To each input section randomization ground distribution index value;
According to the index value of each input section, corresponding function or variable symbol are incorporated into a chain In connecing output file.
Wherein, the function or variable symbol according in the file to be linked, by the file to be linked In section split, obtain multiple input sections, specifically include:
Read the symbol table information that reason section is presently in the file to be linked;
According to the symbol table information, lookup is presently in the function or variable symbol of reason section, selectes work as successively The function or variable symbol of predetermined number, as one group, are that each group of establishment is newly saved in preceding handled section, are obtained The multiple described input section corresponding with reason section is presently in.
Wherein, described selecting successively is presently in the function for managing predetermined number in section or variable symbol as one group, After for each group of establishment newly section, methods described also includes:
All of section information in the file to be linked is read, judges that all sections in the file to be linked are No fractionation is finished, when do not split finish when, then continue to read the symbol of next untreated section in file to be linked Number table information, selectes the function or variable symbol of predetermined number in next untreated section as one group successively, For each group of establishment is newly saved, multiple input sections are obtained;
The function or variable symbol of predetermined number in each untreated section are selected successively as one group, are each Group creates new section, obtains multiple input sections.
Wherein, it is described to each input section randomization ground distribution index value, specifically include:
The numerical parameter of multiple chance events is obtained, according to the numerical parameter, random seed is generated, wherein The chance event includes:There is interruption, the input of active user's terminal or read current in current compiling main frame The system time of main frame is compiled, accordingly, the numerical parameter includes:What current compiling main frame was interrupted The system time number of number of times numerical value, the numerical value of active user's terminal input or the current compiling main frame for being read Value;
Random sequence is generated according to the random seed;
The each described input section after splitting in the file to be linked is obtained, according to the random sequence to tear open Each described input section distribution index value after point.
Wherein, it is described according to the random sequence be split after each it is described input section distribution index value, Specifically include:
It is the presently described fixed index value of input selected parts;
It is detected as presently described input and saves whether the index value selected is used, if had been used, It is the input section one new index value of distribution to call the random sequence again;
If the presently described index value selected of input section is not used by, then mark selected index value by Use, and the corresponding input section is assigned by selected index value.
Wherein, the index value according to each input section, by corresponding function or variable symbol It is incorporated into a link output file, specially:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
The embodiment of the present invention also provides a kind of compilation device of program chains, and the compilation device includes:
Processing module, for obtaining file to be linked, according to function or variable symbol in the file to be linked Number, the section in the file to be linked is split, obtain multiple input sections;
Distribute module, for each input section randomization ground distribution index value;
Merging module, for the index value according to each input section, by corresponding function or variable In symbol merging to a link output file.
Wherein, the processing module includes:
Reading submodule, is presently in the symbol table information of reason section in the file to be linked for reading;
Submodule is created, for according to the symbol table information, lookup to be presently in the function or variable of reason section Symbol, selectes the function or variable symbol that are presently in predetermined number in reason section as one group successively, is each Group creates new section, obtains and is presently in managing the corresponding multiple described input section of section.
Wherein, the processing module also includes:
First treatment submodule, present count during reason is saved is presently in for being selected successively in the establishment submodule The function or variable symbol of amount, as one group, are after each group of establishment is newly saved, to read the file to be linked In all of section information, judge whether all sections in the file to be linked split and finish, when not split Bi Shi, then continue to read the symbol table information of next untreated section in file to be linked, selectes successively next The function or variable symbol of predetermined number, as one group, are that each group of establishment is newly saved in individual untreated section, are obtained Multiple input sections;
Second processing submodule, function or variable for selecting predetermined number in each untreated section successively Symbol, as one group, is that each group of establishment is newly saved, and obtains multiple input sections.
Wherein, the distribute module includes:
First generation submodule, the numerical parameter for obtaining multiple chance events, according to the numerical parameter, Generation random seed, wherein the chance event includes:There is interruption, active user's end in current compiling main frame The current system time for compiling main frame is read in end input, and accordingly, the numerical parameter includes:Currently Numerical value or the current volume that is read that number of times numerical value that compiling main frame is interrupted, active user's terminal are input into Translate the system time numerical value of main frame;
Second generation submodule, for generating random sequence according to the random seed;
Distribution sub module, for obtaining each described input section after splitting in the file to be linked, according to The random sequence is each the described input section distribution index value after splitting.
Wherein, the distribution sub module includes:
Selected subelement, for being the presently described fixed index value of input selected parts;
First treatment subelement, for be detected as the presently described index value selected of input section whether by Use, if had been used, it is the input section one new index value of distribution that the random sequence is called again;
Second processing subelement, if being not used by for the index value that presently described input section is selected, then The selected index value of mark has been used, and assigns the corresponding input section by selected index value.
Wherein, the merging module is further used for:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
The above-mentioned technical proposal of the embodiment of the present invention has the beneficial effect that:
It is used as by the function or variable symbol of selecting predetermined number successively in each section of file to be linked One group, be that each group of establishment is newly saved, and obtains multiple input sections, is every according to the random sequence for previously generating One input section randomization distribution index value, one is incorporated into according to index value by corresponding function or variable symbol In link output file, the randomness of program inner function and variable symbol can be further improved, so as to reduce Possibility of the program by successful attack, improves the security of program.
Brief description of the drawings
Fig. 1 is the process status schematic diagram for being randomly assigned program address in the prior art;
Fig. 2 is the Compilation Method step schematic diagram of embodiment of the present invention program chains;
Fig. 3 is the process status schematic diagram that program address is randomly assigned after method using the embodiment of the present invention;
Fig. 4 is the process schematic saved in the fractionation file to be linked of the embodiment of the present invention;
Fig. 5 is the schematic flow sheet for being randomly assigned index of the embodiment of the present invention;
Fig. 6 is the Compilation Method overall flow schematic diagram of the program chains of the embodiment of the present invention;
Fig. 7 is the compilation device schematic diagram of the program chains of the embodiment of the present invention.
Specific embodiment
To make the technical problem to be solved in the present invention, technical scheme and advantage clearer, below in conjunction with attached Figure and specific embodiment are described in detail.
The embodiment of the present invention provides a kind of Compilation Method of program chains, as shown in Fig. 2 the Compilation Method Including:
Step S10, acquisition file to be linked, according to function or variable symbol in the file to be linked, Section in the file to be linked is split, multiple input sections are obtained;
Step S11, to it is each it is described input section randomization ground distribution index value;
Step S12, the index value according to each input section, by corresponding function or variable symbol It is incorporated into a link output file.
After obtaining file to be linked, each section of file to be linked is split, the input after being split Section, the function included in input section obtained after fractionation or the quantity of variable symbol less than function in former section or The quantity of variable symbol, the quantity of function or variable symbol can preset in the input section after fractionation, defeated Enter section in function or variable symbol quantity it is fewer, obtained by fractionation input section quantity it is more.Input section In function or variable symbol quantity it is fewer, be input into section quantity it is more when, random to each input section When changing ground distribution index value, the randomness of function or variable symbol is bigger, can reduce program by successful attack Possibility, and then improve program security., it is necessary to be defeated after each input section after splitting is obtained Enter to save randomization ground distribution index value, then according to the index value of each input section, by corresponding function or change Quantity symbol is incorporated into a link output file.
As shown in figure 3, being the process status that program address is randomly assigned after the method using the embodiment of the present invention Schematic diagram, independent Func1 and Func2 is split into by code section Func1, Func2 of the merging of input file; Code section Func3, Func4 of merging are split into independent Func3 and Func4;By the merging of input file Data section Var1, Var2 split into independent Var1 and Var2;Data section Var3, Var4 that will merge Split into independent Var3 and Var4.Finally by code section Func1, Func2, the Func3 in input file With the code section that Func4 is incorporated into output file, by data section Var1, Var2 of input file, Var3 and Var4 is incorporated into the data section of output file.
It is used as by the function or variable symbol of selecting predetermined number successively in each section of file to be linked One group, be that each group of establishment is newly saved, and obtains multiple input sections, is every according to the random sequence for previously generating One input section randomization distribution index value, one is incorporated into according to index value by corresponding function or variable symbol In link output file, the randomness of program inner function and variable symbol can be further improved, so as to reduce Possibility of the program by successful attack, improves the security of program.
In the above embodiment of the present invention, step S10 is according to the function or variable symbol in the file to be linked Number, the section in the file to be linked is split, multiple input sections are obtained, specifically include:
The symbol table information of reason section is presently in step S101, the reading file to be linked;
Step S102, according to the symbol table information, lookup is presently in the function or variable symbol of reason section, The function or variable symbol that are presently in predetermined number in reason section are selected successively as one group, are each group of establishment New section, obtains and is presently in managing the corresponding multiple described input section of section.
Specifically, when the section in treating threaded file is split, read first current in file to be linked The symbol table information of positive treatment section, according to the symbol table information for obtaining, finds corresponding function or variable symbol Number.Then split to being presently in reason section, when splitting, included in every group set in advance Function or variable symbol quantity to be presently in reason section function or variable symbol be grouped, Ran Houwei Each group of establishment one is newly saved, and obtains multiple input sections.
In the above embodiment of the present invention, step S102 is selected be presently in predetermined number during reason is saved successively Function or variable symbol, as one group, are that methods described also includes after each group of establishment is newly saved:
All of section information in step S103, the reading file to be linked, judges the file to be linked In all sections whether split and finish, when do not split finish when, then continue to read next in file to be linked The symbol table information of untreated section, selectes the function or variable symbol of predetermined number in next untreated section successively It is that each group of establishment is newly saved number as one group, obtains multiple input sections;
Step S104, the function that predetermined number in each untreated section is selected successively or variable symbol conduct One group, be that each group of establishment is newly saved, and obtains multiple input sections.
Specifically, in it will be presently in after reason section is split as multiple input sections, it is necessary to judge file to be linked All of section whether all split and finished, needed when judging according to all of section letter in file to be linked Breath is judged.If do not split finish, it is necessary in reading file to be linked next untreated section symbol Table information, selectes the function or variable symbol of predetermined number as one group successively in next untreated section, For each group of establishment is newly saved, multiple input sections are obtained.When it is next it is untreated section fractionation finish after, it is necessary to after Continue remaining other untreated sections in treating threaded file to be split, until by each untreated section all Fractionation is finished.In split process, function or variable symbol included in each group all pre-set, The function or the quantity of variable symbol included in every group can be carried out according to the demand of the security of program Change, the quantity of function or variable symbol included in one group is fewer, program inner function and variable symbol Randomness it is bigger, program is lower by the possibility of successful attack, and then can improve the security of program.
As shown in figure 4, for the embodiment of the present invention splits the process schematic saved in file to be linked:
Step S201, the information for obtaining all files to be linked;
Step S202, judge whether all files to be linked are disposed, flow terminated if being disposed, If untreated finish, into next step;
Step S203, the section information and symbol table information that read file to be linked;
Step S204, judge whether all sections of the file to be linked are disposed;If being disposed Return to step S202, if untreated finish, into step S205;
Step S205, all symbols positioned at the section of lookup, symbol here can be function or variable Symbol;
Step S206, judge whether the symbol of the section is disposed, if being disposed, into step S208 Delete the section;If untreated finish, it is that the symbol creates a new section to enter step S207.
In the above embodiment of the present invention, step S11 saves randomization ground distribution index value to each input, Specifically include:
Step S110, the numerical parameter for obtaining multiple chance events, according to the numerical parameter, generation with Machine, wherein the chance event includes:There is interruption, the input of active user's terminal in current compiling main frame Or the current system time for compiling main frame is read, accordingly, the numerical parameter includes:Current compiling master Number of times numerical value that machine is interrupted, the numerical value of active user's terminal input or the current compiling main frame for being read System time numerical value;
Step S111, according to the random seed generate random sequence;
Each described input section after being split in step S112, the acquisition file to be linked, according to described Random sequence is each the described input section distribution index value after splitting.
Specifically, the numerical parameter of multiple chance events is obtained first, then according to the numerical parameter life for obtaining Into random seed, random sequence is generated further according to random seed.After obtaining random sequence, according to random sequence Each input section after for fractionation distributes an index value.Specifically, it is the function or variable symbol in input section to be Number distribution index value, can include a function or variable symbol, it is also possible to including multiple functions in input section Or variable symbol is, it is necessary to explanation, multiple functions or the quantity of variable symbol here are less than text to be linked The quantity of function or variable symbol included in the section of part.A function or variable are only included in section when being input into During symbol, now the most thorough of fractionation, a function or variable symbol correspondence one are saved in file to be linked Index value, now the randomness of program inner function and variable symbol also accordingly increase, program is by successful attack Possibility will be decreased, and then the security of program is also improved relatively.Three letters are included in section when being input into Number or during variable symbol, for being input into section only comprising a function or variable symbol, now program The randomness of inner function and variable symbol accordingly reduces, and program will be increased therewith by the possibility of successful attack, And then the security of program is also relative weakens, at this moment formed one group of three functions or variable symbol, correspondence one Index value.
In the above embodiment of the present invention, step S112 is according to each that the random sequence is after splitting The input section distribution index value, specifically includes:
It is the presently described fixed index value of input selected parts;
It is detected as presently described input and saves whether the index value selected is used, if had been used, It is the input section one new index value of distribution to call the random sequence again;
If the presently described index value selected of input section is not used by, then mark selected index value by Use, and the corresponding input section is assigned by selected index value.
Specifically, being first the fixed index value of current input selected parts, then the index value selected is examined Survey, judge whether the index value of current selected is used, if testing result shows selected index value Used, then it is current input section one new index value of distribution to need to call random sequence;If detection Result shows that selected index value is not used by, then need to be marked the index value selected, and shows to select Index value it is occupied, it is to avoid other input sections to the occupancy of the index value, and will be selected index value Assign current input in section.
As shown in figure 5, being randomly assigned the schematic flow sheet of index for the embodiment of the present invention;
Step S301, the information for counting all of output section;
Step S302, judge output section whether be disposed, flow is terminated if being disposed, otherwise enter Enter next step;
Step S303, the information for reading the corresponding all input sections of output section, number of lines of going forward side by side statistics;
Step S304, judge it is all of input section whether be disposed, if being disposed return judge defeated Go out S302 the step of whether section is disposed, if untreated finish, into step S305;
The random number of step S305, generation corresponding number;
Step S306, a selected random number, and it is defeated to judge whether selected random number is already allocated to other Enter section, if being assigned with, continue to generate new random number, if unallocated, carry out next step;
Step S307, the index that the random number is saved as current input, are then back to judge all inputs The step of whether section is disposed S304.
In the above embodiment of the present invention, step S12 is specially:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
Specifically, when corresponding function or variable symbol are incorporated into a link output file, needing first The index value corresponding to input section where determining corresponding function or variable symbol, according to corresponding index Value determines offset address of the input section in output file is linked, and then according to offset address, input is saved, It is specifically the determination position being incorporated into the function being input into section or variable symbol in link output file Put.
As shown in fig. 6, being the Compilation Method overall flow schematic diagram of embodiment of the present invention program chains:
Step S401, the section split again in file to be linked, it is ensured that only a small amount of function in a section Or variable symbol, it is ensured that it is regular constant that section is incorporated into;
Wherein a small amount of function or variable symbol, is each section after fractionation for being compared with original section Included in function or variable symbol quantity of the quantity less than function or variable symbol in former section, enter one Step, the quantity of function included in section or variable symbol after fractionation is fewer, then the safety of program Property also relative improve.
Step S402, all input sections to needing to be merged into same output section, set up index and go forward side by side Row randomization;
Step S403, determine each input section index after, according to its index value and the row of all index values Sequence size, confirms each skew of input section in section is exported;
In step S404, all input sections of merging to output section, end flow.
The embodiment of the present invention provides a kind of compilation device of program chains, as shown in fig. 7, the compilation device Including:
Processing module 20, for obtaining file to be linked, according to the function in the file to be linked or change Quantity symbol, the section in the file to be linked is split, and obtains multiple input sections;
Distribute module 30, for each input section randomization ground distribution index value;
Merging module 40, for the index value according to each input section, by corresponding function or Variable symbol is incorporated into a link output file.
In the above embodiment of the present invention, the processing module 20 includes:
Reading submodule 21, is presently in the symbol table information of reason section in the file to be linked for reading;
Create submodule 22, for according to the symbol table information, lookup be presently in reason section function or Variable symbol, selectes the function or variable symbol that are presently in predetermined number in reason section as one group successively, is Each group of establishment is newly saved, and is obtained and is presently in managing the corresponding multiple described input section of section.
In the above embodiment of the present invention, the processing module 20 also includes:
First treatment submodule 23, is presently in reason section for being selected successively in the establishment submodule 22 The function or variable symbol of predetermined number, as one group, are after each group of establishment is newly saved, chain to be treated described in reading All of section information in file is connect, is judged whether all sections in the file to be linked split and is finished, when not When fractionation is finished, then continue to read the symbol table information of next untreated section in file to be linked, select successively The function or variable symbol of predetermined number, as one group, are that each group of establishment is newly saved in fixed next untreated section, Obtain multiple input sections;
Second processing submodule 24, for select successively predetermined number in each untreated section function or Variable symbol, as one group, is that each group of establishment is newly saved, and obtains multiple input sections.
In the above embodiment of the present invention, the distribute module 30 includes:
First generation submodule 31, the numerical parameter for obtaining multiple chance events, according to the numerical value Parameter, generates random seed, wherein the chance event includes:Current compiling main frame occurs to interrupt, current User terminal is input into or reads the system time of current compiling main frame, and accordingly, the numerical parameter includes: Number of times numerical value that current compiling main frame is interrupted, the numerical value of active user's terminal input or read ought The system time numerical value of preceding compiling main frame;
Second generation submodule 32, for generating random sequence according to the random seed;
Distribution sub module 33, for obtaining each described input section after splitting in the file to be linked, It is each the described input section distribution index value after splitting according to the random sequence.
In the above embodiment of the present invention, the distribution sub module 33 includes:
Selected subelement 331, for being the presently described fixed index value of input selected parts;
First treatment subelement 332, for being detected as whether presently described input saves the index value selected Through being used, if had been used, it is the new index of input section distribution one that the random sequence is called again Value;
Second processing subelement 333, if being not used by for the index value that presently described input section is selected, Then mark selected index value to have been used, and the corresponding input section is assigned by selected index value.
In the above embodiment of the present invention, the merging module 40 is further used for:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
The Compilation Method of embodiment of the present invention program chains, selects successively by each section of file to be linked The function or variable symbol of predetermined number are determined as one group, are that each group of establishment is newly saved, obtain multiple input sections, It is each input section randomization distribution index value according to the random sequence for previously generating, will according to index value Corresponding function or variable symbol are incorporated into a link output file, can further improve program inner function With the randomness of variable symbol, so as to reduce program by the possibility of successful attack, the safety of program is improved Property.
It should be noted that the compilation device of program chains provided in an embodiment of the present invention is to apply the above method Device, then all embodiments of the above method be applied to the device, and can reach same or analogous Beneficial effect.
The above is the preferred embodiment of the present invention, it is noted that for the common skill of the art For art personnel, on the premise of principle of the present invention is not departed from, some improvements and modifications can also be made, These improvements and modifications also should be regarded as protection scope of the present invention.

Claims (12)

1. a kind of Compilation Method of program chains, it is characterised in that the Compilation Method includes:
File to be linked is obtained, according to function or variable symbol in the file to be linked, chain is treated by described The section connect in file is split, and obtains multiple input sections;
To each input section randomization ground distribution index value;
According to the index value of each input section, corresponding function or variable symbol are incorporated into a chain In connecing output file.
2. the method for claim 1, it is characterised in that described according in the file to be linked Function or variable symbol, the section in the file to be linked is split, and obtains multiple input sections, specifically Including:
Read the symbol table information that reason section is presently in the file to be linked;
According to the symbol table information, lookup is presently in the function or variable symbol of reason section, selectes work as successively The function or variable symbol of predetermined number, as one group, are that each group of establishment is newly saved in preceding handled section, are obtained The multiple described input section corresponding with reason section is presently in.
3. method as claimed in claim 2, it is characterised in that described selecting successively is presently in reason section The function or variable symbol of predetermined number, as one group, are that methods described is also wrapped after each group of establishment is newly saved Include:
All of section information in the file to be linked is read, judges that all sections in the file to be linked are No fractionation is finished, when do not split finish when, then continue to read the symbol of next untreated section in file to be linked Number table information, selectes the function or variable symbol of predetermined number in next untreated section as one group successively, For each group of establishment is newly saved, multiple input sections are obtained;
The function or variable symbol of predetermined number in each untreated section are selected successively as one group, are each Group creates new section, obtains multiple input sections.
4. the method for claim 1, it is characterised in that described to each input section randomization Ground distribution index value, specifically includes:
The numerical parameter of multiple chance events is obtained, according to the numerical parameter, random seed is generated, wherein The chance event includes:There is interruption, the input of active user's terminal or read current in current compiling main frame The system time of main frame is compiled, accordingly, the numerical parameter includes:What current compiling main frame was interrupted The system time number of number of times numerical value, the numerical value of active user's terminal input or the current compiling main frame for being read Value;
Random sequence is generated according to the random seed;
The each described input section after splitting in the file to be linked is obtained, according to the random sequence to tear open Each described input section distribution index value after point.
5. method as claimed in claim 4, it is characterised in that it is described according to the random sequence to split Afterwards each input section distribution index value, specifically includes:
It is the presently described fixed index value of input selected parts;
It is detected as presently described input and saves whether the index value selected is used, if had been used, It is the input section one new index value of distribution to call the random sequence again;
If the presently described index value selected of input section is not used by, then mark selected index value by Use, and the corresponding input section is assigned by selected index value.
6. the method for claim 1, it is characterised in that the institute according to each input section Index value is stated, corresponding function or variable symbol is incorporated into a link output file, specially:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
7. a kind of compilation device of program chains, it is characterised in that the compilation device includes:
Processing module, for obtaining file to be linked, according to function or variable symbol in the file to be linked Number, the section in the file to be linked is split, obtain multiple input sections;
Distribute module, for each input section randomization ground distribution index value;
Merging module, for the index value according to each input section, by corresponding function or variable In symbol merging to a link output file.
8. device as claimed in claim 7, it is characterised in that the processing module includes:
Reading submodule, is presently in the symbol table information of reason section in the file to be linked for reading;
Submodule is created, for according to the symbol table information, lookup to be presently in the function or variable of reason section Symbol, selectes the function or variable symbol that are presently in predetermined number in reason section as one group successively, is each Group creates new section, obtains and is presently in managing the corresponding multiple described input section of section.
9. device as claimed in claim 8, it is characterised in that the processing module also includes:
First treatment submodule, present count during reason is saved is presently in for being selected successively in the establishment submodule The function or variable symbol of amount, as one group, are after each group of establishment is newly saved, to read the file to be linked In all of section information, judge whether all sections in the file to be linked split and finish, when not split Bi Shi, then continue to read the symbol table information of next untreated section in file to be linked, selectes successively next The function or variable symbol of predetermined number, as one group, are that each group of establishment is newly saved in individual untreated section, are obtained Multiple input sections;
Second processing submodule, function or variable for selecting predetermined number in each untreated section successively Symbol, as one group, is that each group of establishment is newly saved, and obtains multiple input sections.
10. device as claimed in claim 7, it is characterised in that the distribute module includes:
First generation submodule, the numerical parameter for obtaining multiple chance events, according to the numerical parameter, Generation random seed, wherein the chance event includes:There is interruption, active user's end in current compiling main frame The current system time for compiling main frame is read in end input, and accordingly, the numerical parameter includes:Currently Numerical value or the current volume that is read that number of times numerical value that compiling main frame is interrupted, active user's terminal are input into Translate the system time numerical value of main frame;
Second generation submodule, for generating random sequence according to the random seed;
Distribution sub module, for obtaining each described input section after splitting in the file to be linked, according to The random sequence is each the described input section distribution index value after splitting.
11. devices as claimed in claim 10, it is characterised in that the distribution sub module includes:
Selected subelement, for being the presently described fixed index value of input selected parts;
First treatment subelement, for be detected as the presently described index value selected of input section whether by Use, if had been used, it is the input section one new index value of distribution that the random sequence is called again;
Second processing subelement, if being not used by for the index value that presently described input section is selected, then The selected index value of mark has been used, and assigns the corresponding input section by selected index value.
12. devices as claimed in claim 7, it is characterised in that the merging module is further used for:
Index value according to the input section determines offset address of the input section in output file is linked, The input section is incorporated into according to the offset address for a determination position in link output file.
CN201510418582.XA 2015-07-16 2015-07-16 Compiling method and device for program linkage Active CN106708593B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510418582.XA CN106708593B (en) 2015-07-16 2015-07-16 Compiling method and device for program linkage
PCT/CN2015/096591 WO2017008431A1 (en) 2015-07-16 2015-12-07 Compiling method and device for program linking

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510418582.XA CN106708593B (en) 2015-07-16 2015-07-16 Compiling method and device for program linkage

Publications (2)

Publication Number Publication Date
CN106708593A true CN106708593A (en) 2017-05-24
CN106708593B CN106708593B (en) 2020-12-08

Family

ID=57756779

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510418582.XA Active CN106708593B (en) 2015-07-16 2015-07-16 Compiling method and device for program linkage

Country Status (2)

Country Link
CN (1) CN106708593B (en)
WO (1) WO2017008431A1 (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1609799A (en) * 2003-10-23 2005-04-27 微软公司 Resource manifest
US7631292B2 (en) * 2003-11-05 2009-12-08 Microsoft Corporation Code individualism and execution protection
CN101650664A (en) * 2009-06-30 2010-02-17 北京飞天诚信科技有限公司 Link method and linker
CN101782860A (en) * 2009-01-21 2010-07-21 华为技术有限公司 Method and device for linking program
CN102880461A (en) * 2012-08-29 2013-01-16 华为技术有限公司 Compiling and linking method and device
US20130138995A1 (en) * 2011-11-30 2013-05-30 Oracle International Corporation Dynamic hypervisor relocation
CN103339621A (en) * 2011-11-07 2013-10-02 辉达公司 Technique for inter-procedural memory address space optimization in gpu computing compiler
CN104267999A (en) * 2014-09-26 2015-01-07 浙江中控技术股份有限公司 Method and device for compiling control program

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101621498A (en) * 2008-06-30 2010-01-06 成都市华为赛门铁克科技有限公司 Method, device and equipment for defending against network attacks
CN101697131B (en) * 2009-11-04 2013-07-03 中兴通讯股份有限公司 Method and device for dynamically loading relocatable file

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1609799A (en) * 2003-10-23 2005-04-27 微软公司 Resource manifest
US7631292B2 (en) * 2003-11-05 2009-12-08 Microsoft Corporation Code individualism and execution protection
CN101782860A (en) * 2009-01-21 2010-07-21 华为技术有限公司 Method and device for linking program
CN101650664A (en) * 2009-06-30 2010-02-17 北京飞天诚信科技有限公司 Link method and linker
CN103339621A (en) * 2011-11-07 2013-10-02 辉达公司 Technique for inter-procedural memory address space optimization in gpu computing compiler
US20130138995A1 (en) * 2011-11-30 2013-05-30 Oracle International Corporation Dynamic hypervisor relocation
CN102880461A (en) * 2012-08-29 2013-01-16 华为技术有限公司 Compiling and linking method and device
CN104267999A (en) * 2014-09-26 2015-01-07 浙江中控技术股份有限公司 Method and device for compiling control program

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
(美)LONNON R.FOSTER著: "《Palm OS编程实用大全》", 31 August 2001, 中国水利水电出版社 *
SANDEEP BHATKAR等: "Efficient Techniques for Comprehensive Protection from Memory Error Exploits", 《PROCEEDINGS OF THE 14 TH USENIX SECURITY SYMPOSIUM (2005)》 *
戈戟等: "地址空间随机化技术研究", 《计算机应用及软件》 *

Also Published As

Publication number Publication date
CN106708593B (en) 2020-12-08
WO2017008431A1 (en) 2017-01-19

Similar Documents

Publication Publication Date Title
JP6522707B2 (en) Method and apparatus for coping with malware
CN102132289B (en) Method and device for code obfuscation
CN107819569B (en) The encryption method and terminal device of log-on message
CN104281611A (en) User flow distribution method and device in website testing system
EP3000068A1 (en) Protecting data
US10867050B2 (en) Method and apparatus for generating dynamic security module
CN101908119A (en) Method and device for processing dynamic link library (DLL) file
CN110569628B (en) Code obfuscation method and device, computer device and storage medium
CN103902729A (en) Method and device for recommending application program
CN112839036B (en) Software running environment generation method and system based on mimicry defense theory
CN105224862A (en) A kind of hold-up interception method of office shear plate and device
CN103995705A (en) Operating system address space randomized distribution system and method
CN103235918A (en) Method and system for collecting trusted file
CN101710305A (en) Method and system for realizing white box testing of computer software
CN109918877A (en) A kind of data ciphering method, system, client and computer readable storage medium
CN113010897A (en) Cloud computing security management method and system
CN106708593A (en) Compiling method and device of program link
CN104965701A (en) Method and device for acquiring application information
CN101315655A (en) Method and apparatus for preventing overflow attack of buffer area
CN106789051A (en) A kind of method for protecting file, device and computing device
CN112003847A (en) Front-end authority access method and equipment
CN107087002A (en) A kind of encipher-decipher method of data, device and electronic equipment
CN112367396B (en) Method and device for determining sample characteristic quantile in distributed cluster
CN111159714B (en) Method and system for verifying credibility of main body in operation in access control
CN108415767A (en) Server thread control method, device, equipment and readable storage medium storing program for executing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant