Frequently Asked Questions

Contents

  1. What is shrinking?
  2. What is obfuscation?
  3. Does ProGuard work with JDK1.4?
  4. Does ProGuard work with J2ME?
  5. Does ProGuard handle Class.forName calls?
  6. Does ProGuard handle resource files?
  7. Does ProGuard have support for Ant?
  8. Does ProGuard come with a GUI?
  9. Can ProGuard reconstruct obfuscated stack traces?
 

What is shrinking?

Java source code (.java files) is typically compiled to bytecode (.class files). Complete programs or program libraries are usually zipped up and distributed as Java archives (.jar files). Bytecode is more compact than Java source code, but it may still contain a lot of unused code, especially if it uses program libraries. Shrinking programs such as ProGuard can analyze bytecode and remove unused packages, classes, fields, and methods. The program remains functionally equivalent, including the information given in exception stack traces.

 

What is obfuscation?

By default, compiled bytecode still contains a lot of debugging information: source file names, line numbers, field names, method names, argument names, variable names, etc. This information makes it straightforward to decompile the bytecode and reverse-engineer entire programs. Sometimes, this is not desirable. Obfuscators such as ProGuard can remove the debugging information and replace all names by meaningless character sequences, making it much harder to reverse-engineer the code. It further compacts the code as a bonus. The program remains functionally equivalent, except for the class names, method names, and line numbers given in exception stack traces.

 

Does ProGuard work with JDK1.4?

Yes. Class files compiled with the javac compiler of JDK1.4 are targeted at JRE 1.2 by default. These class files have a slightly different structure from older class files. The new class files fall within the original Java bytecode specifications, so they will run on most virtual machines, but they may trip some obfuscators. ProGuard handles both class file structures correctly.

 

Does ProGuard work with J2ME?

Yes. ProGuard itself runs in J2SE, but you can freely specify the run-time environment at which your programs are targeted, including J2ME. More specifically, you'll specify midpapi.zip as the run-time library, instead of J2SE's traditional rt.jar. All of ProGuard's powerful configuration options remain available. The example section of the ProGuard User Manual illustrates how to process a single midlet or all midlets in your input jar, for instance.

 

Does ProGuard handle Class.forName calls?

Yes. ProGuard automatically handles Class.forName("SomeClass") and SomeClass.class constructs. The referenced classes are preserved in the shrinking phase, and the string arguments are properly replaced in the obfuscation phase.

With variable string arguments, it's generally not possible to determine their possible values. They might be read from a configuration file, for instance. However, ProGuard will note constructs like "(SomeClass)Class.forName(variable).newInstance()". These might be an indication that the class or interface SomeClass and/or its implementations may need to be preserved. The user can adapt his configuration accordingly.

 

Does ProGuard handle resource files?

Yes, in the sense that ProGuard copies all non-class resource files from the input jars to the output jar. Their names and contents remain unchanged.

 

Does ProGuard have support for Ant?

Not specifically, but ProGuard can be used in an Ant build process as a straightforward Java program, using any combination of command line options and configuration files. Specific support is on the list of things to do. (I've always wondered about build tools that require all of their tools to be adapted. Personally, I still appreciate make).

 

Does ProGuard come with a GUI?

No. ProGuard is a command-line tool. It can easily be integrated into any automatic build process. Configuration is done using a few compact and powerful options; just have a look at the examples in the ProGuard User Manual. A graphical user interface to create configuration files is on the list of things to do, but it has a fairly low priority.

 

Can ProGuard reconstruct obfuscated stack traces?

Yes. ProGuard comes with a companion tool, ReTrace, that can 'de-obfuscate' stack traces produced by obfuscated applications. The reconstruction is based on the mapping file that ProGuard can write out. If line numbers have been obfuscated away, a list of alternative method names is presented for each obfuscated method name that has an ambiguous reverse mapping. Please refer to the ProGuard User Manual for more details.


Copyright © 2002 Eric Lafortune.