Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have a class ProductKeyLib that is part of project MyProgram-Web, which itself is a part of solution MyProgram. As of now, this lib only checks whether the key is valid, but does not generate one.
The interface for key generation will be in project MyProgram-KeyGen, which also is part of solution MyProgram.
Now, the tricky part:
I would like to have both functions (generation and check) in one class, because, as you may guess, 100% compatibility between key generation and key check is better achieved when everything is in one file, and also my unit tests will be easier then.
But: both programs should include that part in their program, I don't want to have a special dll. Furthermore, MyProgram-Web should only include the checking part, not the key generation.
Can I do that in VisualStudio? If so, how?
Well, it's probably not a good idea, but you can use a combination of compiler defines and linked source files.
So you'd have a single cs file containing all the code linked to both projects (no common library - just the single code file). In it, you'd have all your code:
#if KeyGen
public string GenerateKey(...)
{
...
}
#endif
public bool CheckKey(...)
{
...
}
Then, in your keygen project, you'd put a compiler define named KeyGen, and the generation code will only be compiled in the keygen part, and not the client application.
However, this still reeks of "security by obscurity". If the key generation and checking is actually important, this would be insufficient. For example, just through knowing how the key is checked, you can in many cases easily find ways to construct the keys (and even brute-force algorithms are very reliable nowadays, even without utilizing the GPU).
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I've got this task that requires me to generate some basic C code using a software written in C#.
The generated code should be based on some input files I provide to my software, we'll call it btOS for easy of communication.
So when starting btOS I give it as input file1, config.xml. When I hit run it should output a file.c that contains some basic structures and/or methods based on what the input files contain.
Is there any elegant way to do this ? Maybe some already generated templates or methods or stuff like that ? The only way I could think of handling this was creating specific strings in C# and outputting them to a C file.
L.E.: It seems that somehow my question was not clear enough. I assume the fault of including C++ in the title, I have remove it but I don't see how that is relevant because the question was very simple.
Anyway, to make it more clear. All i need to do is read some config files (their content is irrelevant, all they contain are some variables that will be used to generate some function templates, which will mostly impact the name of the function) - and write an output file with the extension .C (as in Main.c) that will contain those templates I generated.
So, again, the question: Are there any "elegant" and maybe somehow "professional" ways to do this other than using custom generated strings within the code that I will write to the file ? Right now the only way I see fit to do this without too much hassle is using some template text files with a naming convention defined by me(e.g. function_variableName{...}) where I just change the [variableName] text with whatever I need to to be there and "Abracadabra" I have a function that I will write to the file.
Now as Soonts suggested please try and be helpful, read multiple times if you don't clearly understand or maybe even don't bother - let somebody who is interested in this topic, tries to help or gain some new knowledge before flagging it.
Double Cheers.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I am trying to go through a list of words and for each one determine if it is a valid English word (for Scrabble). I'm not sure how to approach this, do I have to go find a text file of all English words and then use file reading and parsing methods to manually build a data structure like a trie or hashmap - or can I find those premade somewhere? What is the simplest way to go about this?
You can use NetSpell library for checking this. It can be installed through Nuget Console easily with the following command
PM> Install-Package NetSpell
Then, loop through the words and check them using the library
NetSpell.SpellChecker.Dictionary.WordDictionary oDict = new NetSpell.SpellChecker.Dictionary.WordDictionary();
oDict.DictionaryFile = "en-US.dic";
oDict.Initialize();
string wordToCheck = "door";
NetSpell.SpellChecker.Spelling oSpell = new NetSpell.SpellChecker.Spelling();
oSpell.Dictionary = oDict;
if(!oSpell.TestWord(wordToCheck))
{
//Word does not exist in dictionary
...
}
Since you're looking specifically for valid Scrabble words, there are a few APIs that validate words for Scrabble. If you use anything that's not for that intended purpose then it's likely going to leave out some words that are valid.
Here's one, here's another, and here's a separate question that lists available APIs.
So that I can add some value beyond just pasting links, I'd recommend wrapping this in your own interface so that you can swap these out in case one or another is unavailable (since they're all free services.)
public interface IScrabbleWordValidator
{
bool IsValidScrabbleWord(string word);
}
Make sure your code only depends on that interface, and then write implementations of it that call whatever APIs you use.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
As seen here Programmatic MSIL injection or here http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time you can modify IL code at runtime using some tricky injections.
My question is : how to prevent that? For instance, if someone use that to bypass a security feature, how can i avoid that security hole?
how to prevent that?
You can't, as far as I understand. But you can do make it not easy.
In the simple case, you don't even need to inject IL. You can do IL weaving to modify the assembly. For example, you can find the login method ant delete the original IL code and simply return true, or you can jump to your own login method.
public bool Login(string userName)
{
// original method did security checks
// and return true if the user is authorized
// your implementation can return true or jump to other method
}
For this you must to do it when the application is not running, you modifying the assembly itself. You can do it with mono.cecil and you can look on StaticProxy.Fody for example.
The other case is inject code to running assembly. and this is divide to two cases:
When the code isn't jitted\ngen'd
When the code is jitted\ngen'd
For the first case is more easy, You still have the IL of each method and you inject your own IL instructions.
The second case is more complex because the Jitter redirect the IL pointer to the machine code.
For two of them you can see a bunch of articles\libraris to make the inject work.
Codecope
Article 1
Article 2
But even if you however make it impossible to inject, you still not protected. Because you can modify the bytes itself. See this article for details.
For all above method, there is cases when it more complex to do the work. For example, Generics, DynamicMethods, prevent load assemblies to your process (which is needed in some cases).
To summarize, you can do it very hardly to inject your code but not prevent it.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
In my project, there are a lot of code chunks that a reused under different conditions. These chunks are just a few lines of code. The calls of these chunks are spread all over the program and some of theme depend ob which mode the program is running.
I now want to provide this code in a easy to access way with a good performance.
I've two attempts in mind.
a) Create a static class with functions, each containing one chunk of code.
b) Creating several small classes (components) each with an execute method holding one chunk of code.
I'm not sure which is a clean way to handle that situation or if there is any best practice approach.
If you need more information, just let me know.
EDIT: I try to give a short example. The program can run in two different modes. Each mode has the same workflows but they differ slightly in the two modes. One workflow is about loading another assembly and setup communication between both programs. In both modes I have to call functions that are not needed in the other mode. Also this calls appear in other parts of the program.
These chunks are always about calling some functions at the right time in the correct order.
void WorkflowXY()
{
Foo.Do();
Foo.DoMore();
if(Mode.A)
{
//Chunk1, several lines of code, mostly calling other functions
}
else
{
//Chunk2, several lines of code, mostly calling other functions
}
}
void SomewhereElse()
{
//Code
//Chunk2
//more code
}
void InACompletlyDifferentNamespace()
{
//Code
//Chunk1
//more code
}
Avoid Helper classes, if you can. They're clear SRP violations and tend to become dumping grounds for loosely related methods.
I favour your second option. IMHO, classes cannot be too small. One class, one job.
This is worth a read.
Your "chunks of code" is a little bit unclear. Anyway, consider another question concerning static vs non static. It mentions also an extension method. If you do not wanna apply extensions, then another issue could fit for your purpose.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
The community reviewed whether to reopen this question 3 months ago and left it closed:
Original close reason(s) were not resolved
Improve this question
What I mean is, could one possibly make a program that does the equivalent of
public class PrintOwnSourceCode
{
public static void Main ( )
{
System.Console.WriteLine([something]);
// prints "public class PrintOwnSourceCode { public static void Main ( ) { ... } }"
}
}
???
And would that be an example of reflection?
Somewhat.
Decompilers can do something similar to this:
I just decompiled a decompiler so I could use it to decompile itself
.NET Decompilers, like [.NET Reflector] (http://www.red-gate.com/products/dotnet-development/reflector/) and dotPeek are capable of reflecting upon a .NET assembly and generating files that resemble the source code. It will not look exactly like the source code because compiling and decompiling is kind of like translating English to French and then back to English--the results are not always guaranteed to be 1:1 as Google Translate can demonstrate. Information, like whitespace, that are for easy reading but not required by the compiler will be lost in the decompilation process. So, your application could decompile itself or invoke an external decompiler to print itself.
Aside
In compiled languages, the compiled code does not have direct access to the source code. (Companies don't typically ship the source code with the compiled code to customers. They only ship the compiled executable.) When it comes to parsed languages, like JavaScript, it's a whole different story. Because the source must be available to the runtime so that it can be parsed and run, the code can always find it's own source file, open it, and print it out.
This was answered here.
The short answer is that you cannot print it via reflection.
If you want to print out the file, then you will need to load in the source file itself (and have the file available).