CN109426702B - iOS platform file reading protection method, storage medium, electronic device and system - Google Patents
iOS platform file reading protection method, storage medium, electronic device and system Download PDFInfo
- Publication number
- CN109426702B CN109426702B CN201710772659.2A CN201710772659A CN109426702B CN 109426702 B CN109426702 B CN 109426702B CN 201710772659 A CN201710772659 A CN 201710772659A CN 109426702 B CN109426702 B CN 109426702B
- Authority
- CN
- China
- Prior art keywords
- file
- function
- stack information
- mach
- open
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000012545 processing Methods 0.000 claims abstract description 9
- 230000006870 function Effects 0.000 claims description 196
- 238000004590 computer program Methods 0.000 claims description 11
- 230000009191 jumping Effects 0.000 claims description 5
- 230000008569 process Effects 0.000 description 5
- 239000011800 void material Substances 0.000 description 4
- 238000011161 development Methods 0.000 description 2
- 239000003999 initiator Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000027455 binding Effects 0.000 description 1
- 238000009739 binding Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
- G06F21/126—Interacting with the operating system
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the field of information security, and discloses an iOS platform file reading protection method, which comprises the following steps of S1: acquiring all Mach-o files in the iOS system; s2: analyzing the Mach-o file to obtain the name and the pointer of each function in each Mach-o file, traversing the name of each function and finding an open function in each Mach-o file; s3: writing a hook function; s4: when the open function is used for reading the file content, the hook function is used for obtaining calling stack information of the current open function, the obtained calling stack information is uploaded to the background server to judge the legality of the obtained calling stack information, if the obtained calling stack information is legal, processing is not carried out, and if the obtained calling stack information is illegal, the file reading operation of the current open function is forbidden. The invention can effectively ensure the reading safety of the file content data.
Description
Technical Field
The invention relates to the field of information security, in particular to an iOS platform file reading protection method, a storage medium, electronic equipment and a system.
Background
Currently, with the increasing popularity of mobile devices, the mobile application industry, especially iOS applications, has rapidly developed, and the development mode and code framework of iOS applications have changed dramatically. For the iOS platform, the application program is divided into a main program and a module file, the module file is a dylib file, the dylib file is a dynamic link library file on the iOS platform, in the development process of the iOS application, if some function modules need to be written and injected into corresponding processes to run, a dylib file is written, then the dylib file is injected into the corresponding processes to run, and for the acquisition of file data in the iOS application, a dylib file is correspondingly written and injected into the iOS application to acquire file data.
However, some important or core data in some iOS applications are always saved in files of the iOS applications, such as an intermediate result file temporarily stored in an application, and at this time, an illegal person can write a dylib file and inject the dylib file into the iOS application to read the files saved in the iOS application, so that the file content is illegally read, and the core data is lost.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a file reading protection method for an iOS platform, which can effectively ensure the reading safety of file content data.
In order to achieve the above purposes, the technical scheme adopted by the invention is as follows:
s1: acquiring all Mach-o files in the iOS system and a memory starting address corresponding to each Mach-o file, and acquiring a virtual memory address of each Mach-o file in a memory according to the memory starting address;
s2: analyzing the Mach-o file according to the virtual memory address of the Mach-o file in the memory to obtain the name and the pointer of each function in each Mach-o file, traversing the name of each function and finding out the open function in each Mach-o file;
s3: writing a hook function, wherein the hook function is used for acquiring call stack information of an open function;
s4: when the open function is used for reading the file content, the hook function is used for obtaining calling stack information of the current open function, the obtained calling stack information is uploaded to the background server to judge the legality of the obtained calling stack information, if the obtained calling stack information is legal, processing is not carried out, and if the obtained calling stack information is illegal, the file reading operation of the current open function is forbidden.
On the basis of the technical proposal, the device comprises a shell,
the background server comprises a database;
all legal call stack information of all open functions is stored in the database;
and judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, and if not, judging that the acquired call stack information is illegal.
On the basis of the technical proposal, the device comprises a shell,
the hook function is used for replacing the memory address of the target function into a set address;
when the target function is executed, jumping to a set address to acquire calling stack information;
the objective function is an open function.
On the basis of the above technical solution, in S4, the obtaining of the call stack information of the current open function specifically includes:
s401: acquiring a memory address of an open function in the Mach-o file according to the virtual memory address and the pointer of the Mach-o file;
s402: replacing the memory address of the open function with a set address;
s403: and skipping the open function to a set address to acquire the call stack information of the open function.
On the basis of the technical scheme, defining the memory address of an open function obtained according to the virtual memory address of the Mach-o file and the pointer as an original memory address;
when the call stack information of the open function is judged to be legal, the open function jumps back to the original memory address.
The invention also provides a storage medium having stored thereon a computer program which, when executed by a processor, implements the method described above.
The invention also provides an electronic device, which comprises a memory and a processor, wherein the memory stores a computer program running on the processor, and the processor executes the computer program to realize the method.
The invention also provides an iOS platform file reading protection system, which comprises:
the acquisition module is used for acquiring all Mach-o files in the iOS system and the memory starting address corresponding to each Mach-o file, and acquiring the virtual memory address of each Mach-o file in the memory according to the memory starting address;
the execution module is used for simultaneously analyzing the Mach-o files according to the virtual memory addresses of the Mach-o files in the memory to obtain the names and pointers of all functions in each Mach-o file, traversing the names of all functions to find out the open functions in each Mach-o file, and simultaneously compiling a hook function which is used for acquiring the calling stack information of the open functions;
and the judging module is used for acquiring the calling stack information of the current open function by using a hook function when the open function is used for reading the file content, uploading the acquired calling stack information to the background server to judge the legality of the acquired calling stack information, if the acquired calling stack information is legal, the processing is not carried out, and if the acquired calling stack information is illegal, the file reading operation of the current open function is forbidden.
On the basis of the technical scheme, the background server comprises a database; all legal call stack information of all open functions is stored in the database; and judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, and if not, judging that the acquired call stack information is illegal.
On the basis of the technical scheme, the hook function is used for replacing the memory address of the target function into a set address; when the target function is executed, jumping to a set address to acquire calling stack information; the objective function is an open function.
Compared with the prior art, the invention has the advantages that: aiming at an open function which is required to be called when the file content in the application program is read, the related information of the current specific file content reading operation can be obtained according to calling stack information, when the open function is used for reading the file content, a hook function is used for obtaining the calling stack information of the current open function, the obtained calling stack information is uploaded to a background server for judgment, all legal calling stack information is stored in the background server, if the legal calling stack information is legal, processing is not carried out, the open function continues to read the file content, and if the legal calling stack information is not legal, the file reading operation of the current open function is forbidden, so that the data safety is effectively ensured.
Drawings
FIG. 1 is a flowchart of a method for reading and protecting files of an iOS platform according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Referring to fig. 1, an embodiment of the present invention provides an iOS platform file reading protection method, which is used for judging validity of a file content reading operation in a program in an iOS system, so as to effectively ensure data reading security. In the iOS system, the reading operation of all the file contents is finally realized by calling an open function, so that the calling stack information when the open function is called is obtained by monitoring the logic of the open function, and the legality of the calling stack information is judged, thereby judging whether the reading operation of the current file is legal or not. open functions are used to open or create files. For the open function, the prototype is as follows:
int open(const char*,int,...);
wherein, the parameter constchar marks the name of the file to be opened; the parameter int marks the operation on the file; the return value int indicates whether its operation was successful, etc.
The iOS platform file reading protection method of the embodiment of the invention specifically comprises the following steps:
s1: and acquiring all the Mach-o files in the iOS system and the memory starting address corresponding to each Mach-o file, and acquiring the virtual memory address of each Mach-o file in the memory according to the memory starting address. The open function is located in a Mach-o file, wherein the Mach-o is the format of an executable file in an iOS system, for the structure of the Mach-o file, a header structure, a load command and a segment are specifically included, one Mach-o file can have a plurality of segments, each segment can have zero or more regions (sections), each segment has a section of virtual address mapping to the address space of a process, and meanwhile, the end of a complete Mach-o file is link information which includes symbol tables, character strings and the like required by a dynamic loader for linking the executable file or a dependent library. The open function is located in the Mach-o file, and one iOS application program can load a plurality of Mach-o files during running, and each Mach-o file can possibly call the open function to read the file content in the program, so that in order to ensure the accuracy of judgment, all the Mach-o files in the iOS system need to be acquired, and the subsequent operation is convenient to perform.
For the acquisition of the Mach-o files in the system, the number of the Mach-o files in the system and the memory starting address of the Mach-o files can be firstly acquired through a system function, and the specific implementation is as follows: uint32_ t c ═ _ dyld _ image _ count ();
obtaining the number of the loaded Mach-o files in the iOS system through the _ dyld _ image _ count, and then executing
for(uint32_t i=0;i<c;i++)
I.e. traverse the Mach-o file through a for loop, then
onst struct mach_header*header=_dyld_get_image_header(i)
Namely, the memory start address of the Mach-o file is obtained through the function _ dyld _ get _ image _ header, and then
intptr_t slide=_dyld_get_image_vmaddr_slide(i);
Namely, the virtual memory address of the Mach-o file in the memory is obtained through the function _ dyld _ get _ image _ vmaddr _ slide.
S2: and analyzing the Mach-o file according to the virtual memory address of the Mach-o file in the memory to obtain the name and the pointer of each function in each Mach-o file, traversing the name of each function and finding the open function in each Mach-o file. The step is to find out an objective function in the Mach-o file, wherein the objective function is an open function. Specifically, the method comprises the following steps:
parsing the Mach-o file, finding linkedit _ segment, symtab _ cmd and dysymtab _ cmd in a load command, and finding the symtab and strtab in the symtab _ cmd through the linkedit _ segment, wherein the strtab stores the name of each function in the Mach-o file, the strtab stores the index of each function in the Mach-o file, and the function pointer of each function in the Mach-o file is stored in the section, so that the section needs to be further parsed from the Mach-o file, and the process is as follows: acquiring the corresponding cmd from the Mach-o file, and analyzing the Mach-o file as an open source, so that cmd addresses such as an invite _ segment, a symtab _ cmd and a dysymtab _ cmd which need to be searched can be analyzed according to the open source code, so that the Load command of the Mach-o file is traversed to search, and finally, a section, a symtab, a strctab and an index _ symtab can be searched. After the name and the pointer of each function in each Mach-o file are obtained, the name of each function can be traversed, and an open function in each Mach-o file can be found.
S3: writing a hook function, wherein the hook function is used for acquiring call stack information of an open function; namely, the hook function is used for replacing the memory address of the target function into a set address, and when the target function is executed, the target function jumps to the set address to acquire call stack information, wherein the target function is an open function. The set address is an artificially written function address, and is used for executing an open function after the open function jumps, so as to acquire call stack information.
In the present example, the prototype of the hook function is as follows:
HOOK_Function(char*pFuncName,void*pNew,void**pSaveOrg);
wherein, the HOOK _ Function is the name of the HOOK Function;
the parameter char pFuncName indicates the function name that needs hook, here called open;
the parameter void pNew indicates the memory address of the replaced function;
the parameter void × pSaveOrg indicates the memory address of the original function of the storage system.
S4: when the open function is used for reading the file content, the hook function is used for obtaining calling stack information of the current open function, the obtained calling stack information is uploaded to the background server to judge the legality of the obtained calling stack information, if the obtained calling stack information is legal, processing is not carried out, and if the obtained calling stack information is illegal, the file reading operation of the current open function is forbidden.
For the acquisition of the call stack information of the current open function, the specific steps are as follows:
s401: and acquiring the memory address of the open function in the Mach-o file according to the virtual memory address and the pointer of the Mach-o file.
S402: and replacing the memory address of the open function with the set address. The implementation function is pSaveOrg, set _ index _ symbol _ bindings [ i ].
S403: and skipping the open function to a set address to acquire the call stack information of the open function.
When an open function reads file contents, the original memory address of the open function is replaced by a hook mode, so that the open function jumps to the memory address set by the open function, and a function pointer static int (const char, int.); the function is used for storing the original memory address of the open function, so that the whole open function can jump to a set address when executed, and execute the function of the related call stack information, thereby facilitating the acquisition of the call stack information, wherein the function for acquiring the call stack information is as follows:
int my_open(const char*,int,...)
{
int nFrameCount=backtrace(pAddr,10);
char**pFrameStrings=backtrace_symbols(pAddr,nFrameCount);
the background server comprises a database; all legal call stack information of all open functions is stored in the database; judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, if not, judging that the acquired call stack information is illegal, and when an open function reads the file content, the open function corresponds to the call stack information, and if so, the normal file content reading operation is carried out, wherein the call stack information corresponding to the open function is legal. Meanwhile, defining the memory address of the open function obtained according to the virtual memory address of the Mach-o file and the pointer as an original memory address; when the call stack information of the open function is judged to be legal, the open function jumps back to the original memory address.
The principle of the file reading protection method of the iOS platform in the embodiment of the invention is that aiming at an open function which is required to be called when the content of a file in an application program is read, and calling stack information corresponding to the open function is different when the open function is called to read the content of a certain file, the related information of the current specific file content reading operation can be obtained according to the calling stack information, such as a file content reading operation initiator and the like, all open functions in Mach-o files in the iOS system are obtained, through the means of a hook function, when the open function is used for reading the content of the file, the calling stack information of the current open function is obtained by the hook function, and the obtained calling stack information is uploaded to a background server for judgment, all legal calling stack information is stored in the background server, if the legal calling stack information is legal, no processing is carried out, and the open function continues to read the file content, and if the file content is illegal, the file reading operation of the current open function is prohibited, so that the data safety is effectively ensured.
In addition, corresponding to the iOS platform file reading protection method, the present invention further provides a storage medium, where a computer program is stored on the storage medium, and the computer program, when executed by a processor, implements the steps of the iOS platform file reading protection method described in the foregoing embodiments. The storage medium includes various media capable of storing program codes, such as a usb disk, a removable hard disk, a ROM (Read-Only Memory), a RAM (Random Access Memory), a magnetic disk, or an optical disk.
Referring to fig. 2, in response to the iOS platform file reading protection method, the present invention further provides an electronic device, which includes a memory and a processor, where the memory stores a computer program running on the processor, and the processor executes the computer program to implement the iOS platform file reading protection method according to the foregoing embodiments.
The embodiment of the invention also provides an iOS platform file reading protection system based on the iOS platform file reading protection method, which comprises an acquisition module, an execution module and a judgment module.
The acquisition module is used for acquiring all Mach-o files in the iOS system and the memory starting address corresponding to each Mach-o file, and acquiring the virtual memory address of each Mach-o file in the memory according to the memory starting address; the execution module is used for analyzing the Mach-o files, obtaining the name and the pointer of each function in each Mach-o file, traversing the name of each function, finding the open function in each Mach-o file, and simultaneously writing a hook function, wherein the hook function is used for obtaining the call stack information of the open function; the judging module is used for acquiring calling stack information of the current open function by using a hook function when the open function is used for reading file contents, uploading the acquired calling stack information to the background server to judge the legality of the acquired calling stack information, if the acquired calling stack information is legal, the processing is not carried out, and if the acquired calling stack information is illegal, the file reading operation of the current open function is forbidden.
The background server comprises a database; all legal call stack information of all open functions is stored in the database; and judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, and if not, judging that the acquired call stack information is illegal. The hook function is used for replacing the memory address of the target function into a set address; when the target function is executed, jumping to a set address to acquire calling stack information; the objective function is an open function.
The principle of the file reading protection system of the iOS platform in the embodiment of the invention is that aiming at an open function which is required to be called when the file content in an application program is read, and calling stack information corresponding to the open function is different when the open function is called to read the content of a certain file, the related information of the current specific file content reading operation can be obtained according to the calling stack information, such as a file content reading operation initiator and the like, all open functions in Mach-o files in the iOS system are obtained through an obtaining module, through the means of a hook function, when the open function is used for reading the file content, the calling stack information of the current open function is obtained through the hook function, the obtained calling stack information is uploaded to a background server for judgment through a judging module, and all legal calling stack information is stored in the background server, if the read operation is legal, the read operation is not performed, the open function continues to read the file content, and if the read operation is illegal, the read operation of the current open function is forbidden, so that the data safety is effectively ensured.
The present invention is not limited to the above-described embodiments, and it will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the principle of the present invention, and such modifications and improvements are also considered to be within the scope of the present invention. Those not described in detail in this specification are within the skill of the art.
Claims (7)
1. An iOS platform file reading protection method is characterized by comprising the following steps:
s1: acquiring all Mach-o files in the iOS system and a memory starting address corresponding to each Mach-o file, and acquiring a virtual memory address of each Mach-o file in a memory according to the memory starting address;
s2: analyzing the Mach-o file according to the virtual memory address of the Mach-o file in the memory to obtain the name and the pointer of each function in each Mach-o file, traversing the name of each function and finding out the open function in each Mach-o file;
s3: writing a hook function, wherein the hook function is used for acquiring call stack information of an open function, the hook function is used for replacing a memory address of a target function into a set address, when the target function is executed, jumping to the set address to acquire the call stack information, and the target function is the open function;
s4: when an open function is used for reading file contents, a hook function is used for obtaining calling stack information of the current open function, the obtained calling stack information is uploaded to a background server to judge the legality of the obtained calling stack information, if the obtained calling stack information is legal, processing is not carried out, and if the obtained calling stack information is illegal, the file reading operation of the current open function is forbidden;
in S4, the obtaining of the call stack information of the current open function specifically includes:
s401: acquiring a memory address of an open function in the Mach-o file according to the virtual memory address and the pointer of the Mach-o file;
s402: replacing the memory address of the open function with a set address;
s403: and skipping the open function to a set address to acquire the call stack information of the open function.
2. The iOS platform file read protection method of claim 1, wherein:
the background server comprises a database;
all legal call stack information of all open functions is stored in the database;
and judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, and if not, judging that the acquired call stack information is illegal.
3. The iOS platform file read protection method of claim 1, wherein:
defining a memory address of an open function obtained according to a virtual memory address and a pointer of the Mach-o file as an original memory address;
when the call stack information of the open function is judged to be legal, the open function jumps back to the original memory address.
4. A storage medium having a computer program stored thereon, characterized in that: the computer program, when executed by a processor, implements the method of any of claims 1 to 3.
5. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program that runs on the processor, characterized in that: the processor, when executing the computer program, implements the method of any of claims 1 to 3.
6. An iOS platform file read protection system, comprising:
the acquisition module is used for acquiring all Mach-o files in the iOS system and the memory starting address corresponding to each Mach-o file, and acquiring the virtual memory address of each Mach-o file in the memory according to the memory starting address;
the execution module is used for simultaneously analyzing the Mach-o files according to the virtual memory addresses of the Mach-o files in the memory to obtain the names and pointers of all functions in each Mach-o file, traversing the names of all the functions to find out the open functions in each Mach-o file, and simultaneously writing a hook function, wherein the hook function is used for obtaining the calling stack information of the open functions, and the hook function is used for replacing the memory addresses of the target functions into set addresses; when the target function is executed, jumping to a set address to acquire calling stack information; the objective function is an open function;
the judging module is used for acquiring calling stack information of the current open function by using a hook function when the open function is used for reading file contents, uploading the acquired calling stack information to a background server to judge the legality of the acquired calling stack information, if the acquired calling stack information is legal, processing is not carried out, and if the acquired calling stack information is illegal, the file reading operation of the current open function is forbidden;
the obtaining of the call stack information of the current open function specifically includes:
acquiring a memory address of an open function in the Mach-o file according to the virtual memory address and the pointer of the Mach-o file;
replacing the memory address of the open function with a set address;
and skipping the open function to a set address to acquire the call stack information of the open function.
7. The iOS platform file read protection system of claim 6, wherein: the background server comprises a database; all legal call stack information of all open functions is stored in the database; and judging whether the acquired call stack information exists in the database, if so, judging that the acquired call stack information is legal, and if not, judging that the acquired call stack information is illegal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710772659.2A CN109426702B (en) | 2017-08-31 | 2017-08-31 | iOS platform file reading protection method, storage medium, electronic device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710772659.2A CN109426702B (en) | 2017-08-31 | 2017-08-31 | iOS platform file reading protection method, storage medium, electronic device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109426702A CN109426702A (en) | 2019-03-05 |
| CN109426702B true CN109426702B (en) | 2021-05-28 |
Family
ID=65505386
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710772659.2A Active CN109426702B (en) | 2017-08-31 | 2017-08-31 | iOS platform file reading protection method, storage medium, electronic device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109426702B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110532774A (en) * | 2019-07-24 | 2019-12-03 | 阿里巴巴集团控股有限公司 | Hook inspection method, device, server and readable storage medium storing program for executing |
| CN117113423B (en) * | 2023-10-24 | 2024-04-12 | 中电科网络安全科技股份有限公司 | Transparent encryption method, device, equipment and storage medium for database |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107358071A (en) * | 2017-06-07 | 2017-11-17 | 武汉斗鱼网络科技有限公司 | Prevent the method and device that function illegally calls in Flash application programs |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103761089B (en) * | 2014-01-14 | 2017-09-15 | 清华大学 | The method that kinematic function call relation is determined based on register transfer language |
| CN106295340A (en) * | 2016-08-03 | 2017-01-04 | 武汉斗鱼网络科技有限公司 | A kind of program file recovery system and method |
| CN106650355B (en) * | 2016-12-08 | 2020-04-10 | 武汉斗鱼网络科技有限公司 | Method and device for protecting function call |
| CN106681811B (en) * | 2016-12-08 | 2021-09-14 | 腾讯科技(深圳)有限公司 | Multithreading scheduling method and device based on thread pool |
-
2017
- 2017-08-31 CN CN201710772659.2A patent/CN109426702B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107358071A (en) * | 2017-06-07 | 2017-11-17 | 武汉斗鱼网络科技有限公司 | Prevent the method and device that function illegally calls in Flash application programs |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109426702A (en) | 2019-03-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108614707A (en) | Static code inspection method, device, storage medium and computer equipment | |
| CN107808094A (en) | The system and method for detecting the malicious code in file | |
| US8020156B2 (en) | Bulk loading system and method | |
| CN107544811B (en) | Method, storage medium, electronic device and system for hiding dylib file in IOS platform | |
| CN109426496B (en) | Method for writing program log into file, storage medium, electronic device and system | |
| CN105468505A (en) | Coverage test method and coverage test device | |
| CN107545182A (en) | Around the method and system of function call chain detection in a kind of IOS applications | |
| CN109426702B (en) | iOS platform file reading protection method, storage medium, electronic device and system | |
| CN105653906A (en) | Anti-kernel-hook method based on address randomization | |
| CN111027072B (en) | Kernel Rootkit detection method and device based on elf binary standard analysis under Linux | |
| Murawski et al. | A contextual equivalence checker for IMJ | |
| CN102945342B (en) | Progress recognizing method, device and terminal device | |
| CN102930200B (en) | Progress recognizing method, device and terminal device | |
| CN113805861B (en) | Code generation method based on machine learning, code editing system and storage medium | |
| CN114020278B (en) | Data processing method, device, equipment and storage medium | |
| US20130262843A1 (en) | Function-based software comparison method | |
| CN106897588B (en) | Processing method and device of label function | |
| CN116955209B (en) | WebAsssembly virtual machine testing method and device | |
| CN109710305A (en) | A kind of acquisition methods, device, storage medium and terminal device for developing information | |
| CN116451189B (en) | Code feature hiding method and device | |
| CN112199160B (en) | Virtual instruction recovery method, device, equipment and storage medium | |
| CN114527963B (en) | Class inheritance relation identification method in C++ binary file and electronic device | |
| CN112799942B (en) | Keil C51-based software source code and target code coverage rate analysis method and system | |
| CN115659342B (en) | Harmless PE file executing method and device, electronic equipment and storage medium | |
| CN113946347B (en) | Function call detection method and device, electronic equipment and readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |