Flutterアプリの難読化とエラーレポート(iOS)

FlutterΞϓϦͷ೉ಡԽͱ
ΤϥʔϨϙʔτ(iOS)
Hiroki Matsue
Dec 6th, 2018
Flutter Meetup Tokyo #6

View Slide

Hiroki Matsue (@macs_6)

View Slide

FlutterͰIIJmio޲͚ʹ
ʮΈ͓εΠονʯΛ
ϦϦʔε

View Slide

View Slide

[࣭໰] FlutterͰΞϓϦΛ
ϦϦʔε͍ͯ͠Δਓʁ

View Slide

[࣭໰] ϦϦʔεલʹ
೉ಡԽͨ͠ਓʁ

View Slide

ϦϦʔεؔ࿈ͷυΩϡϝϯτ
https://ﬂutter.io/docs/deployment/ios

View Slide

View Slide

࠷ॳʹॻ͍͚ͯ͋ͬͨͲ
ݟམͱͯͨ͠
(AndroidͷProGuardରԠͯͯ͠ؾ͍ͮͨ)

View Slide

ͪͳΈʹ

View Slide

(ϦϦʔεؔ࿈Ͱ୤ઢ)
ΞΠίϯ࡞੒͸"ﬂutterlaunchericons"࢖͏ͱ
1ͭͷը૾͔Β͍͍ײ͡ʹ࡞ͬͯ͘ΕΔ

View Slide

iOS͸Dartίʔυ෦෼͕
೉ಡԽͷର৅

View Slide

΍Δ͜ͱ͸build࣌ʹ
ΦϓγϣϯΛ͚ͭΔ͚ͩ
(Կނ͔ॳظঢ়ଶͰ͸ରԠ͞Εͯͳ͍ )
https://github.com/ﬂutter/ﬂutter/wiki/Obfuscating-Dart-Code

View Slide

/ios/Flutter/Release.xcconﬁg
EXTRA_GEN_SNAPSHOT_OPTIONS=--obfuscate

View Slide

# /packages/flutter_tools/bin/xcode_backend.sh
local extra_gen_snapshot_options_or_none=""
if [[ -n "$EXTRA_GEN_SNAPSHOT_OPTIONS" ]]; then
extra_gen_snapshot_options_or_none="--extra-gen-snapshot-options=$EXTRA_GEN_SNAPSHOT_OPTIONS"
fi
...
RunCommand "${FLUTTER_ROOT}/bin/flutter" --suppress-analytics \
${verbose_flag} \
build aot \
--output-dir="${build_dir}/aot" \
--target-platform=ios \
--target="${target_path}" \
--${build_mode} \
--ios-arch="${archs}" \
${local_engine_flag} \
${track_widget_creation_flag} \
${extra_gen_snapshot_options_or_none}

View Slide

xcode_backend.sh ͱ͸ʁ
Build PhaseͷRun ScriptͰ࢖ΘΕ͍ͯΔεΫϦϓτ
Xcode͔Β΋Dartίʔυ͕build͞ΕΔͷ͸͜Εͷ͓͔͛

View Slide

(୤ઢ2)
طଘΞϓϦʹFlutterΛಋೖ͢Δ࣌͸
xcode_backend.sh embed
Add2AppϘʔυ্Ͱઈࢍ։ൃத

View Slide

͜ΕͰϏϧυ͢Ε͹
೉ಡԽ׬ྃʂ
Χϯλϯʂ

View Slide

೉ಡԽͷ֬ೝํ๏ʁ

View Slide

App.frameworkΛ֬ೝ͢Δ
$ strings build/ios/Release-iphoneos/Runner.app/Frameworks/App.framework/App
...
get:_vxa@7048458x
get:_aLa@9040228x
get:_DLa@7048458x
...

View Slide

೉ಡԽͷલޙͰൺֱ
before
get:_count@7048458
get:_onData@9040228
get:_isSubscribed@7048458
after
get:_vxa@7048458x
get:_aLa@9040228x
get:_DLa@7048458x

View Slide

Dartίʔυ͕೉ಡԽ͞Εͨ

View Slide

...ϦϦʔεޙͷ͋Δ೔

View Slide

View Slide

SentryͷΤϥʔϨϙʔτ΋
೉ಡԽ͞ΕͯΔ

View Slide

೉ಡԽલͷΤϥʔϨϙʔτ

View Slide

։ൃத͸ؾ͔ͮͳ͔ͬͨ

View Slide

೉ಡԽͷલޙͰൺֱ
before
main.dart in SampleApp.build at line 48
after
SEd in bZ.opa at line 48

View Slide

ࣗ෼΋ಡΊͳ͍

View Slide

ϦϦʔεࡁΞϓϦͷ
Τϥʔ΋ݟ͍ͨ

View Slide

mapϑΝΠϧΛग़ྗ͢Δ
ઌ΄ͲͷυΩϡϝϯτʹ͋ͬͨઃఆ
EXTRA_GEN_SNAPSHOT_OPTIONS=--obfuscate
mapϑΝΠϧΛग़ྗ͢ΔઃఆΛ௥Ճ
EXTRA_GEN_SNAPSHOT_OPTIONS=--obfuscate,
ɹ --save-obfuscation-map=ios_dart_symbols_${FLUTTER_BUILD_NUMBER}.json

View Slide

ग़ྗ͞ΕͨmapϑΝΠϧ
$ cat ios_dart_symbols_5.json
...
"_BuildJsonListener","_Gf",
"CustomSymbolRenderer","cs",
"devicePixelRatio","saa"
...
͜ΕΛࢀর͢Ε͹ಡΊΔ
!

View Slide

աڈʹϦϦʔεͨ͠ΞϓϦͷmapϑΝΠϧʁ
ࢼͨ͠ͱ͜Ζɺ
ੜ੒ݩͷίʔυ͕ಉ͡Ͱ͋Ε͹map΋ಉ͡ʹͳͬͨ

View Slide

·ͱΊ

View Slide

·ͱΊ
• FlutterͩͱiOSͰ΋Dartίʔυͷ೉ಡԽ࡞ۀ͕͋Δ
• stringsίϚϯυͰνΣοΫ͢Δͷָ͕
• mapϑΝΠϧ΋ग़ྗ͓ͯ͘͠ͱSentryղಡʹ࢖͑Δ
# before
main.dart in SampleApp.build at line 48
# after
SEd in bZ.opa at line 48

View Slide

Έ͓εΠονɺੋඇ͝ར༻͍ͩ͘͞

View Slide

Thanks

View Slide

Flutterアプリの難読化とエラーレポート(iOS)

Flutterアプリの難読化とエラーレポート(iOS)

Hiroki Matsue

More Decks by Hiroki Matsue

Other Decks in Technology

Featured

Transcript