We are using C++ on a IOS project and Apple llvm 3 compiler for ARM architecture. I have noticed that IDA can open the ARM exe file and in the exports tab i found virtual table constructors for lots of c++ code (something like `construction vtable for'BaseClass-in-OtherClass 00AB6AC5' where BaseClass and OtherClass are actual c++ classes) and from there you can find addresses for other subroutines.
I'm unfamiliar with IDA but i think that from there you can find sensitive subroutines and change them for other purposes. I would like to know how all the symbol names made it into the release build ( we are missing a compiler switch? ) and if this stuff can indeed be used to easily track down routines that work with sensitive information.
Is there a way to remove all the names from the build?
Thanks, Raxvan.
strip -x Myapp.app/Contents/MacOS/Myappshould remove all symbols not required for running the program. (There is probably some XCode setting for this too.) You may need to play with visibility options to make sure all private symbols are marked properly.Note that you won't be able to remove the Objective-C names (classes, fields and methods), as they're encoded in the Objective-C metadata structures in the data segment of the program and are required by the Objective-C runtime.
Another source of symbolic information is C++ RTTI (Run-time Type Information). IDA currently does not use it but it's possible to recover class names with some additional scripts. You can turn off RTTI generation with
-fno-rttibut this will break your code if you usedynamic_cast<>ortypeidoperators.