When obfuscating with ProGuard, does -keepattributes SourceFile,LineNumberTable make the resulting apk easier to reverse engineer?

Question 1

When obfuscating with ProGuard, does -keepattributes SourceFile,LineNumberTable make the resulting apk easier to reverse engineer?

java android proguard

wirbly · Jul 18, 2011 · Viewed 9k times · Source

Answer

Answer

ProGuard manual > Examples > Producing useful obfuscated stack traces

The SourceFile attribute is required, because Oracle/Sun's Java virtual machine otherwise does not include line numbers in stack traces, which is what you really want (and which is quite harmless on its own). I haven't checked if this is true for Android's Dalvik virtual machine.

As for a solution, ProGuard can keep the SourceFile attribute but replace its contents by a meaningless string of your choice, e.g.

-renamesourcefileattribute SourceFile

The value of the string is not important for interpreting the stack traces. Picking a string like "SourceFile" avoids increasing the class file sizes, because this string is already present by definition.

Question 2

I find myself needing more detail in my reported stack traces, but I'm concerned that by including the extra data (by using -keepattributes SourceFile,LineNumberTable) I'm making my app even easier to reverse engineer. Is this the case, and if so, by how much?

When obfuscating with ProGuard, does -keepattributes SourceFile,LineNumberTable make the resulting apk easier to reverse engineer?

Answer

Related questions