PsL Monthly 1993 December

home *** CD-ROM | disk | FTP | other *** search

/ PsL Monthly 1993 December / PSL Monthly Shareware CD-ROM (December 1993).iso / prgmming / dos / c / blckade.exe / BLOCKADE.DOC < prev next >

Wrap

Text File | 1992-10-23 | 26.7 KB | 991 lines

BLOCKADE (TM) A self checker library for C programs Copyright (C) 1991,92 Indusoft Corp. Indusoft Corp. PO. Box 26747 Greenville, SC 29616-1747 Blockade, (C) Copyright 1991-92 Indusoft Corp. page -1- OVERVIEW Blockade is a function library for C programmers which allows your C programs to protect themselves against unauthorized changes. Virus protection IMMEDIATELY comes to mind as its main use, but there are more. I wrote BLOCKADE so that programs I wrote could check themselves. Have you had those times too? Those unexplainable times when a program runs but has some odd behavior that makes you suspect corruption, virus related or not. This happened to me when I was checking out a disk caching utility. Files I had compiled and linked often quit running after copying them to another disk or subdirectory. The combination of controller, BIOS, and cache software was causing just a few bytes of a file to be altered anytime I copied it (and of course without warning or notice). After several hours of searching, I found the problem and looked for a way to make my programs self checking. The result was BLOCKADE. BLOCKADE checks every byte of your EXE or COM to insure that changes are detected. Its algorithm is designed to be effective but fast enough allow use in your programs. I also use BLOCKADE in my products to protect against unauthorized patches to my programs and to protect my customers from running versions of the program damaged unintentionally. Blockade is easy to use. 1 major function analyses your EXE file and returns a status code indicating whether your file has been altered. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -2- NEAT FEATURES * Fast operation. A 40k EXE file can check itself in less than 3 seconds on a 12 MHZ AT. * Ease of use. A few #includes and only a handful of additions are needed to use BLOCKADE. No changes to your program's basic structure are necessary. * Ability to add user data to a program "skeleton". useful for adding customer names and serial numbers. * Expandable. BLOCKADE can be modified to extend the number and type checking methods you use. The source code to BLOCKADE is available, allowing you to create new checking methods unique to your application. THEORY OF OPERATION Blockade works via 2 pieces of code you add to your program. (1) A special data structure "SIGNATUR.H", which is #include'd in your program. The structure reserves room for the information BLOCKADE will need to analyze your program. (2) The function blockade(), which checks your program for alteration. After linking, a special program (BRAND.EXE) is run to find the special string included by "SIGNATUR.H" in the data area of your EXE file, calculate the checking information and overwrite that area with the data blockade() needs to detect changes to your file. Once branded, your program can check itself for changes each time it is run. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -3- I HAVE TO RUN BRAND.EXE EACH TIME I RELINK MY APPLICATION ? That's the problem I had with other products similar to BLOCKADE. The biggest headache was time - it seemed to take forever for them to calculate and update my program. To combat that, ALOT of time went into the all the utilities to make things FAST. For example, on an 8 MHz AT, the Brand utility will analyze and brand a 40 K .EXE file in less than 4 seconds. The same thing is true for your developed applications. Nobody wants to wait 30-40 seconds every time they start your program while it self checks. The check algorithm in BLOCKADE is quick. Running from a hard disk, I doubt anyone will notice the delay. I leave the BLOCKADE code linked in during development - to take into account the effect it has on speed and memory use - but have the program ignore any error codes until my final production link. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -4- CONTENTS This self extracting file should contain at least the following files: blkade1.c - the error message function used by BLOCKADE. blkdmoms.lib - Blockade demo library Microsoft 5.1 (Small model) blkdmoml.lib - Blockade demo library Microsoft 5.1 (Large model) blkdmots.lib - Blockade demo library Turbo C 2.01 (Small model) blkdmotl.lib - Blockade demo library Turbo C 2.01 (Large model) blkdmobs.lib - Blockade demo library Borland C++ 2.0 (Small model) blkdmobl.lib - Blockade demo library Borland C++ 2.0 (Large model) brand.exe - calculates your program's checkcode data and "brands" it into your .EXE file. demo.c - Demonstrates use of the Blockade function library. demo.exe - Demo program demonstrating BLOCKADE's use. demo.mak - Microsoft C make file for DEMO.EXE. rundemo.bat - Demonstrates use of the Blockade system. mksig.exe - Generates a SIGNATUR.H file. signatur.h - include file to be embedded in your program. blkproto.h - function prototypes for blockade functions. userdata.dat - a sample user data file used with DEMO.EXE. read.me - any last minute info. The file BLKDEMO.PAK is an ASCII file listing the exact files in this distribution. COMPILER'S SUPPORTED The test drive of BLOCKADE version comes with libraries for Turbo C 2.0, Borland C++ 2.0 and Microsoft C 5.x. I don't know if these are usable with Microsoft 6.0. According to Borland, the C++ libraries are NOT reliably usable with Turbo C 2.0. However, Turbo C++ and Borland C++ libraries do seem to be compatible. For now, folks with other C compilers must license the source code and compile it themselves. BLOCKADE and all it's support programs are written in (almost) ANSI C so things should compile up just fine. The libraries were compiled with the following options. For TC : tc -O -G -c -ml(or s) For BCC : bcc -O -G -c -ml(or s) For MSC : CL /W3 /Ox /Zi /c /AL(or S) Blockade, (C) Copyright 1991-92 Indusoft Corp. page -5- Below is an short program illustrating the BLOCKADE system. (This is in fact a section of the DEMO program included in your BLOCKADE package) /* ------------------------------------------- */ #include "blkproto.h" /* function prototypes */ #include "signatur.h" /* holds the signature string */ /* ------------------------------------------- */ main(int argc, char **argv) { char *sp; int stat; printf("Checking myself for changes..\n"); stat = blockade( argv[0], 8000); printf ("Results of file self check = %d\n", stat); sp = get_blk_err_msg( stat); printf("The status my self check was \"%s\". \n", sp); return(0); } The above example illustrates how easy it is to add self checking to your programs. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -6- Prototype : int blockade( const char *filename, int buffer_size); Description: Attempts to open "filename" and analyze it for any alterations. Allocates "buffer_size" bytes of dynamic memory for disk I/O to improve scanning performance. Allowable buffer sizes are from 512 to approximately 30000 bytes inclusive. Buffer sizes outside this range are set to the closest allowable size within the function. Returns 0 if no changes are detected, else returns a non-zero status indicating the reason for failure. The user's application must decide what action to take based on the status. Example: include "signatur.h" stat = blockade( "DEMO.EXE", 1024); if (status != 0) { printf(" This file has be altered !!!\n"); } Attempts to open DEMO.EXE located int the current directory and analyzes it for any changes. Allocates 1024 bytes of dynamic memory for disk I/O to speed things along. Prints an error message if any alteration if found. Note: Although the above example if perfectly legal, it is better to use arg[0] rather than a hard coded program name. The program's real name is the only one which will work anyway. Arg[0] provides this in all DOS versions 3.0 and above. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -7- Prototype : char *get_blk_err_msg( int status ); Description: Returns a READ ONLY pointer to a message relating to the "status" code. This message can then be used to explain or document the error to the user. NOTE: The pointed to string must not be modified. Unpredictable operation may result if modification takes place. Make a copy of this string if you intend to alter it. Example: { int status; status = blockade( arg[0] , 0); if (status != 0) { sp = get_blk_err_msg(stat); printf( "%s\n", sp ); } return(status); } Attempts to open MYSELF.EXE located in subdirectory C:\BLOCK\BIN and analyze it for any changes. Since 0 bytes (less than the minimum) were specified for buffer, the minimum (BLKSIZ bytes) is used for disk buffering. Prints an error message if any alteration if found or if file cannot be successfully opened and analyzed. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -8- Prototype: void * blk_user_pointer( int *size ) Description: Returns a void pointer to the first char of the user area, and the size of that region. Use this pointer with its associated size to access your user data inserted when you branded your program. Returns NULL if no user area specified. NO checks are made to make sure you actually LOADED the user area with data when you branded the program. Note that your user data can be anytihng, a string, or binary data. It is up to you to cast or map it into the format you need to use. Example: { char *sp; void *vp; int k, size; vp = blk_user_pointer( &size ); /* Find user string.*/ sp = (char *) vp; /* Cast to char *. */ for (k = size; k >= 0 && *sp; k--) /* Print out the */ { /* entire string. */ putch(*sp); sp++; } } See demo.c for another example of its use. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -9- MKSIG.EXE "Writes" an include which includes the references and data space Blockade needs for operation. You do not need to run MKSIG.EXE unless you wish to change either the reserved data size or signature string. However, there's no harm done if you do. MKSIG's syntax is as follows : MKSIG <"Signature string"> </o> </us> </c> "signature string" The text BRAND.EXE should search for to locate Blockade's data space. The default is "chk_signature". Note that the signature string is case sensitive and spaces do count. This string must match the string embedded in SIGNATUR.H. /us=XXX Reserve XXX bytes of user data in the blockade reserved area. You must use this option if you intend to add user data to the program skeleton prior to branding it. You may reserve room for user data but are not required to add it when you brand your program. You may wish to stuff additional info into this region such as serial numbers or owner's names. The maximum user space you may spec is 31,000 bytes. /o=OUTPUT FILENAME The filename to use in case you don't like SIGNATUR.H. EXAMPLE: MKSIG "Brown Fox" /us=128 /o=BROWN.H Build a signature array data statement with a signature string of "Brown Fox". Add enough chars to hold 128 bytes of user data. Write the output to BROWN.H. The output file is overwritten if it already exists. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -10- BRAND.EXE This is the program used to "brand" your program with the self-checking info needed at run time. You must BRAND your program prior to distributing the program. Brand's syntax is as follows: BRAND filename[.exe] </s=signature_string> </n> </c> </uf=USER_FILENAME> </us=USER DATA STRING> filename The name of the file to brand. The extension .EXE is assumed if no extension is specified. Note that only executable programs may be branded since the location of the checking information is made known to blockade() function only during linking. /uf=USER_FILENAME Before branding, read the file USER_FILENAME and place the contents of the file into the user space reserved when you ran MKSIG. This is the preferred method since both printable and binary chars may be inserted. This switch and the /us switch may not be used together. /us=STRING Before branding, insert "STRING" into the user space reserved when you ran MKSIG. Note that there can be no spaces in STRING (sorry, the arg parser doesn't allow it). This switch and the /uf switch may not be used together. /s=signature_string (optional) Specifies the character string to look for. This string must occur only once in your executable program. The signature IS case sensitive. The default string is "chk_signature". It must match the string embedded in SIGNATUR.H. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -11- BRAND.EXE (cont.) /n (optional) Tells Brand not to verify the check value immediately after it is calculated. Using this option speeds the BRAND process by about 40%. I recommend you use it once you feel comfortable with BRAND's operation. /c=function (optional, full version only) Specifies that BRAND use 1 of 3 (currently) available self checking algorithms to brand the program. The full version of BLOCKADE allows you to specify at link time the algorithm you desire to use. The specification handed to BRAND via this switch must match that used in your program, else your blockade() function will think your executable has been altered. /a (optional) "Abort on any excuse." This switch will cause BRAND to abort if any processing anomoly occurs, even if the error is only warning level in nature. For example, normally BRAND will beep but continue processing if your SIGNATUR.H file contains room for a user data string but you fail to specify one when you run BRAND. If this switch is set, Brand will abort, assuming that you need that data if your program is to be right. Brand will terminate with the following error levels if an error occurs. 1 = brand's own BLOCKADE() call returned an error. 2 = some notable but not fatal logic error or illogical data was passed to it. 3 = a severe error. Your program was probably not branded properly. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -12- SUPPORT Indusoft Corp. can be contacted as follows: Phone: (803)-292-1807. Please leave name, phone (including area code), and times when you can be reached. Sorry, I must call COLLECT. Compuserve ID: 73517,1107 I check for mail every couple of days. This is the preferred method. Prodigy ID: GHVR03A I check for mail every couple of days. TERMS OF USE BLOCKADE is supplied for personal, private use. Feel free to distribute the non-registered version of BLOCKADE given these restrictions: - The program shall be supplied in its original, unmodified form, which includes this documentation. - No fee is charged other than media materials. - Commercial use without a license is prohibited. - No component of this package may be included, or bundled with other goods or services. Exceptions may be granted upon written request only. This restriction also applies to distributors, and shareware outlets. Blockade, (C) Copyright 1991-92 Indusoft Corp. page -13- WARRANTY This program is provided AS IS without any warranty, expressed or implied, including but not limited to the program's suitability for any specific purpose. Considerable testing effort has been expended in BLOCKADE's development, but the user is responsible for determining the program's suitability for use. The user assumes full risk as to the results of using this package. In no event shall Indusoft be liable for any consequential damages arising from the use, or inability to use these routines. The idea of shareware with its low cost distribution of quality programs can be of great value to computer users. BLOCKADE follows in that tradition. THANK YOU FOR YOUR SUPPORT! -------------------- REGISTRATION BENEFITS ------------------------ Registration allows Indusoft to continue improving BLOCKADE and to develop new products for the computing community. Future improvements for BLOCKADE include.. * Adding serial numbers or other data after linking. This will allow you to have a plain vanilla EXE file which you customize prior to shipment. (COMPLETED in release 2). * The ability to embed codes for multiple files, allowing a master program to check both itself and subordinates. * Ideas that you, my customers submit. Blockade registration only comes in 2 versions, described below: License to use the current and all future shareware versions for private use ...................... $ 10 License for business and commercial use, (includes full source code and license to embed object code in your product) .................... $ 30 Please make checks or money orders payable to: Indusoft Corp. PO Box 26747 Greenville, SC 29616-1747 Blockade, (C) Copyright 1991-92 Indusoft Corp. page -14- REGISTRATION - ORDER FORM ============================ Please Register BLOCKADE as follows: Shareware version ($10.00) ______ Commercial version ($30.00) ______ Send applicable material to: Name: ___________________________________ Phone:_____________ Company: _____________________________________________________ Address: _____________________________________________________ Address: _____________________________________________________ City, State, Zip: ____________________________________________ Please specify compiler & version you are using: Turbo C _____ Turbo/Borland C++ _____ Microsoft C _____ Where did you learn about our program? ______________________________________________________________ What products are you using BLOCKADE for? ______________________________________________________________ How can we improve BLOCKADE? ______________________________________________________________ ______________________________________________________________ ______________________________________________________________ Please forward check or money order payable to: Indusoft Corp. PO Box 26747 Greenville, SC 29616-1747 Blockade, (C) Copyright 1991-92 Indusoft Corp. page -15- Blockade, (C) Copyright 1991-92 Indusoft Corp. page -16- ----------------end-of-author's-documentation--------------- Software Library Information: This disk copy provided as a service of Public (software) Library We are not the authors of this program, nor are we associated with the author in any way other than as a distributor of the program in accordance with the author's terms of distribution. Please direct shareware payments and specific questions about this program to the author of the program, whose name appears elsewhere in this documentation. If you have trouble getting in touch with the author, we will do whatever we can to help you with your questions. All programs have been tested and do run. To report problems, please use the form that is in the file PROBLEM.DOC on many of our disks or in other written for- mat with screen printouts, if possible. PsL cannot debug pro- programs over the telephone, though we can answer questions. Disks in the PsL are updated monthly, so if you did not get this disk directly from the PsL, you should be aware that the files in this set may no longer be the current versions. Also, if you got this disk from another vendor and are having prob- lems, be aware that some files may have become corrupted or lost by that vendor. Get a current, working disk from PsL. For a copy of the latest monthly software library newsletter and a list of the 4,000+ disks in the library, call or write Public (software) Library P.O.Box 35705 - F Houston, TX 77235-5705 1-800-2424-PSL MC/Visa/AmEx/Discover Outside of U.S. or in Texas or for general information, Call 1-713-524-6394