NN – WordPress

July 26, 2009

Scripts Part 3

Filed under: script — by NN @ 4:13 am

We are back, and now we have a different problem with scripts.
On the one hand we want things just work, on the other hand we don’t want always to expose our code to the end user.
So what the dilemma?

1. We can use the same code for production and for debugging. It is good enough when we don’t have some special features in our code.
2. We can obfuscate the code in the production stage. Why would we this at all? Perhaps we have some meaningful algorithm or we don’t want to expose functions and variables names.
And then we have a problems.
How the code should be obfuscated? The question is so difficult, so for sure I can say it depends.

There are some possible scenarios for obfuscation.
1. change names. We get the same code structure and we have auto generated dictionary to translate real name to obfuscated name and vice versa.
2. Change code. We get a different code structure. It differs from the real one. In this case our debugging capabilities are not so high.
3. We can use both 1 and 2 thus providing unreadable and not debuggable code.
4. I didn’t mention it before, but we can also optimize our code. Here we get the different code in the production.
5.compilation. Some script engines provide support for internal byte code. We can compile our script code to the byte code, so there will be no any original text.

Thoughts.
The problem is very interesting yet not trivial.
If you are sure in your code, the best is to obfuscate, optimize and compile to byte code. This brings almost no additional information about you code.
But, if your are not sure in your code, or you want to be able to debug it (especially if you want to debug in the production code), you can throw away thoughts about obfuscation.
I belive that the real answer depends on the situation.

June 13, 2009

Scripts Part I

Filed under: script — by NN @ 8:17 am

Dynamic and static.

What the difference and why do we need both, or perhaps don’t need :)

What the different between two approaches ?
The static approach means that all control paths are known before the application runs, the dynamic approach means that we can create on the fly different control paths.

It is easy to see that static approach is a subset of dynamic approach.
So why don’t we use dynamic in all ?
There are two main reasons:

  • Performance: When we have a knowledge about all control paths in our program, we can optimize it easy
  • Strictness: The most problems can be caught before we run our program and not when the program runs.

    • It seems that the best is something like dynamic environment but with a good performance and with ability for static checking. I will return to this statement some when after.

    Let’s start from some examples and analyze why we have two approaches:
    1. C – static language.
    2. Perl – dynamic language.

    In C we have a well written program with all static checks we have and we know everything to happen, in Perl we create code dynamically and run it thus providing flexibility and no checks :)
    I know, it wasn’t a good competition. It was to demonstrate the competition.

    Another example: We have a well designed program but we want to improve it simply by adding some dynamic abilities to our program. See Microsoft Word and VBA for example.

    So what is the scripting language ? I won’t bother you with wikipedia and encyclopedia. I just tell you what I think.
    The main advantage of scripting language is no need for compilation.
    That’s why many languages have a success, you don’t have to wait Hours!! till you have your program compiled. Of course you pay in performance, but who cares about performance too much ?

    Ok, but what about Virtual Machine based languages ? Here you have a very interesting case, on the one hand you have dynamic environment with JIT compilation with good optimizations, on the other hand you have static or dynamic language on top over.
    E.g. .Net is a dynamic environment while most languages for .Net are static.
    So I can claim that C# is a script language because you have C# interpreter ! C# Interpreter :)

    It was a prelude. And now the back to the post. I will talk about adding scripting technology to C++ programs.
    Why C++ ? Because sometimes you have to use it.
    Of course I prefer .Net but you don’t have .Net anywhere, at least for now. I’m still waiting for MSIL based smartphone ;)

    Let’s see our candidates:
    Lua
    Squirrel
    tiscript
    JScript + VBScript
    C interpreter
    And more :)

    The purpose is simple, I want some code base and then everyone can use abilities very simple and extend my program.

    The choice is right to you.

    Powered by WordPress.com