Safe to open P-code files?

31 views (last 30 days)
Engenuity
Engenuity on 20 Dec 2016
Commented: Engenuity on 22 Dec 2016
Hi,
My question and concern is that I have purchased some .p and .m files from a MATLAB software developer. I would like to know what risks I assume by opening the files, especially the .p files that I cannot review to ensure safe operation (risks such as spreading a fatal virus to my employer's entire network, etc). My limited research on p-coded files explained that no one except those who have purchased the rights to view source code (million dollar rights) from MathWorks will be able to open or view the .p files. Are there any tools in addition to requiredFilesandProducts that I can use to determine a threat? Or is author trust the ultimate answer?
Thanks in advance.
  3 Comments
Walter Roberson
Walter Roberson on 20 Dec 2016
The original source file of .p files is discarded. There is, though, still information about variable names. It seems likely to me that somewhere along the way that Mathworks wrote a "decompile" tool for .p files that would produce some version of source from a .p file. But that is speculation.
Jan
Jan on 21 Dec 2016
Edited: Jan on 21 Dec 2016
The existence of a P-code decompiler is mentioned in this forum and TMW did not delete the corresponding thread. After an intervention the tool has been removed from the linked web page.

Sign in to comment.

Accepted Answer

Jan
Jan on 20 Dec 2016
Edited: Jan on 21 Dec 2016
A funny question.
If you run a P-file, you do this in Matlab. Matlab is compiled code and very powerful. It calls thousands of library functions, which have been programmed by more or less reliable programmers. Therefore even plain Matlab code can crash your machine and flood your network by a denial of service attack. E.g. the lib for sprintf contained a bug in former Matlab versions, which allowed to gain admin privileges on the local computer. If such a command appears anywhere in a bunch of 20'000 lines, you will never find it.
Therefore P-coding does not increase the threat-level remarkably. Note that even the Matlab engine is not the main problem of the computer, but the operating system and all software to contact the internet as browsers and file viewer. It is been proven nearly every week, that we cannot trust the programmers of Windows, MacOS, Linux, AcrobatReader, Flash, Java, Firefox, InternetExplorer, IrfanView, VLC, etc., although they try to do their very best. But by accident, they leave possibilities in the programs, which can be exploitet by evil attackers or which block the computer or network autonomously.
Of course you can examine P-files with Matlab's debugger. You can set breakpoints, step through the code line by line and observe the current WorkSpace [EDITED: in older Matlab versions]. The profiler and comamnds like inmem reveal the called functions in addition. This is a strange feature and I cannot imagine, why Mathworks decided to allow this. In consequence the obfuscation level of P-coding is not high, although you cannot obtain the original source code.
I do not run P-files from the FileExchange, because it is suspicious for me, that someone wants to publish code without letting others see, what he has written. But I ran the huge Matlab system, although it could contain spyware also and I do not have any chance to detect this.
My advice: Trust the programmer, but do not trust too much. In the real life only redundant not connected machines and solid backup strategy help to reduce the effects of attacks or accidents. Neither trust nor control can be more reliable.
  3 Comments
Jan
Jan on 21 Dec 2016
@David: You are right: Modern Matlab versions do not allow to debug P-coded functions. This implies, that older Matlab versions can still do this.
The OP asked for the threat level of running P-files. Depending on the license agreement he has accepted, he is not even allowed to reverse engineer the program, even if it is delivered as M-file. Therefore the limited obfuscation level of P-files is not the point. But if he really want to examine the functions and is allowed to do this, than it matters that the lisence agreement of Matlab does not allow to examine or reveal the details of the obfuscation methods in P-files.
When I sell code, I ship 98% as M-files and 2% as P-files. I do not rely on the P-files to be undiscoverable, but you cannot do this on the fly or by accident. You need time and a certain effort, such that you know, that you are reverse engineering. In this case, a EULA on paper, which is manually signed before the customer has bought the software, is more reliable than P-coding.
Engenuity
Engenuity on 22 Dec 2016
@Jan: Great points, I didn't think of it that way. Note - I did not sign a license agreement, although the software is licensed via MAC addressing, go figure! Fortunately most peeps, including me, are bound by ethics, not just legal contracts.
When I first ran the trial version of said software, the p-code attempted to access the internet. At the time I did not realize that this was to check the time/clock for trial expiration purposes. For something like that, I want to verify what's going on. Also, I would like to verify that the p-coded script that grabbed my MAC address is only sending MAC information back to the developer. Etc, etc.
I suppose I could dictate the terms of "no p-codes," but I think the developer has a certain right to attempt to protect his work against lazy thieves.
Also, risk may be based partially on how deep you pockets go. In the event of a malware incident, a big corporation is financially able to compensate damages as opposed to a poor guy writing code in his basement. But I suppose the former has more lawyers too! :)
Back to my original question about tools to analyze p-coded files - the tools available are:

Sign in to comment.

More Answers (1)

David Barry
David Barry on 20 Dec 2016
Edited: David Barry on 20 Dec 2016
Yes author trust is the ultimate answer. If you don't trust them then why work with them? Alternatively you should have stated in your terms and conditions with said supplier that you want open access to all source code. p-code is a way for people to obfuscate intellectual property not distribute viruses.

Categories

Find more on Programming in Help Center and File Exchange

Products

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!