Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How variables are stored after compilation?

I have in my program (written in Java) a variable:

String myPassword

After compiling the code with Android Studio, I get an an android application and I would like to let other people to use it.

But I am scared: is it possible for the users to get the variable value (password) from the application?

Let's say that the password value is "myPass". Its binary is:

01101101 01111001 01010000 01100001 01110011 01110011

Will the application binary contain this sequence in it?

like image 598
NewWorker Avatar asked Feb 21 '18 16:02

NewWorker


1 Answers

If you decompile your classes with javap -c -p -constants for example you would see those Strings:

public class DeleteMe {

   private static final String test = "def";

   public static void main(String[] args) {
      String test = "abc";
   }
}

would yield(the important two lines):

private static final java.lang.String test = "def";
ldc           #2                  // String abc

Otherwise, storing passwords inside your app is really bad, usually people employ some sort of database where passwords are kept for example.

Also the must read about String and char[] for passwords.

like image 186
Eugene Avatar answered Oct 09 '22 06:10

Eugene