XML Documentation Filter is a feature that arrived in Eazfuscator 2.8.
Ok, let me start the show.public class DS1307
{
/// <summary>
/// Gets a value indicating whether clock is in halt state.
/// </summary>
/// <value><c>true</c> if clock is in halt state; otherwise, <c>false</c>.</value>
public bool IsClockHalted
{
get
{
byte data = I2CBus.Transfer(Address, 0x00);
return (data & 0x80) != 0;
}
}
}
As you can see, there is MyLib.XML file in the output folder. Let’s take a look on its content:
<?xml version="1.0"?>MyLib.XML file contains documentation for the public property IsClockHalted of the class DS1307 from MyLib assembly. That’s exactly what you might expect. File contains minimal and sufficient amount of information.
<doc>
<assembly>
<name>MyLib</name>
</assembly>
<members>
<member name="P:MyLib.DS1307.IsClockHalted">
<summary>
Gets a value indicating whether clock is in halt state.
</summary>
<value><c>true</c> if clock is in halt state; otherwise, <c>false</c>.</value>
</member>
</members>
</doc>
public class DS1307
{
/// <summary>
/// Gets a value indicating whether clock is in halt state.
/// </summary>
/// <value><c>true</c> if clock is in halt state; otherwise, <c>false</c>.</value>
public bool IsClockHalted
{
get
{
byte data = I2CBus.Transfer(Address, 0x00);
return (data & 0x80) != 0;
}
}
/// <summary>
/// An I2C bus instance.
/// </summary>
private II2CBus I2CBus;
/// <summary>
/// Device address at I2C bus.
/// </summary>
private byte Address;
}
Rebuild the project and here is the corresponding content of MyLib.XML file:<?xml version="1.0"?>
<doc>
<assembly>
<name>MyLib</name>
</assembly>
<members>
<member name="F:MyLib.DS1307.I2CBus">
<summary>
An I2C bus instance.
</summary>
</member>
<member name="F:MyLib.DS1307.Address">
<summary>
Device address at I2C bus.
</summary>
</member>
<member name="P:MyLib.DS1307.IsClockHalted">
<summary>
Gets a value indicating whether clock is in halt state.
</summary>
<value><c>true</c> if clock is in halt state; otherwise, <c>false</c>.</value>
</member>
</members>
</doc>
And now we have information about private assembly items right in MyLib.XML file... This is shocking from security point of view.
It is worth to mention that XML documentation files are often distributed together with product assemblies, so you can estimate an amount of possible intellectual property leakage that can be brought by XML documentation files.
Solution
XML Documentation Filter built in Eazfuscator.NET comes to the rescue.
Let’s protect MyLib project with Eazfuscator.NET by drag’n’dropping the project from Solution Explorer of Visual Studio onto the green zone of Eazfuscator.NET Assistant:Then rebuild the project in Release configuration with Visual Studio and take a look on MyLib.XML file content:
<?xml version="1.0"?>Voila. What we see is that all private documentation is gone. The only documented item is a public property in terms of inter-assembly visibility. Exactly what’s expected without security compromises.
<doc>
<assembly>
<name>MyLib</name>
</assembly>
<members>
<member name="P:MyLib.DS1307.IsClockHalted">
<summary>
Gets a value indicating whether clock is in halt state.
</summary>
<value>
<c>true</c> if clock is in halt state; otherwise, <c>false</c>.</value>
</member>
</members>
</doc>
That was just a simple sample, but I assure you that XML Documentation Filter gives a considerable effect on bigger assemblies. XML documentation for non-public assembly items is automatically pruned so that essential knowledge about component internals does not leak to the rest of the world.
Labels: features