py2exe how safe is my source ?
Alex Martelli
aleaxit at yahoo.com
Sun Jun 10 11:06:15 EDT 2001
"Tomasz Stochmal" <tom at peresys.co.za> wrote in message
news:f20ea932.0106100442.79f1ab55 at posting.google.com...
> I want to distribute my end product to clients. How safe is my source code
?
> Can you easily reverse-engineer pyc files ?
Yes! Consider a typical tr.py such as:
def greet(name):
print "Hello",name
def rept(n):
for i in range(n):
greet(i)
It's trivial, given its .pyc, to perform:
>>> import tr
>>> import dis
>>> dis.dis(tr)
Disassembly of greet:
0 SET_LINENO 1
3 SET_LINENO 2
6 LOAD_CONST 1 ('Hello')
9 PRINT_ITEM
10 LOAD_FAST 0 (name)
13 PRINT_ITEM
14 PRINT_NEWLINE
15 LOAD_CONST 0 (None)
18 RETURN_VALUE
Disassembly of rept:
0 SET_LINENO 4
3 SET_LINENO 5
6 SETUP_LOOP 38 (to 47)
9 LOAD_GLOBAL 0 (range)
12 LOAD_FAST 0 (n)
15 CALL_FUNCTION 1
18 LOAD_CONST 1 (0)
>> 21 SET_LINENO 5
24 FOR_LOOP 19 (to 46)
27 STORE_FAST 1 (i)
30 SET_LINENO 6
33 LOAD_GLOBAL 3 (greet)
36 LOAD_FAST 1 (i)
39 CALL_FUNCTION 1
42 POP_TOP
43 JUMP_ABSOLUTE 21
>> 46 POP_BLOCK
>> 47 LOAD_CONST 0 (None)
50 RETURN_VALUE
>>>
I don't know if anybody has bothered pattern-recognizing
the output of dis.dis back into Python source, but at least
for one fixed Python version it should be rather doable.
>From a .pyc you even get the line numbers to help you
reconstruct the exact layout, blank lines and all... at least
a .pyo (as obtained for import when you run Python with
-O, or -OO to eliminate docstrings too) hides _that_:-)
Alex
More information about the Python-list
mailing list