Correct way to remove all debugging info for .so libraries in Android and .a libraries iOS?

  android, c++, ios, reverse-engineering, rust

My Android & iOS apps uses some algorithms written in C++/Rust. Those algorithms are compiled to .so in Android and .a in iOS. Of course, I do not want the reverse-engineeers to look into the app and figure out the algorithm details easily.

I am not familiar with this field, so I have tried to "strip" the .so files first. It does make the .so file much smaller, and when using file myfile.so I see it says "stripped". However, when the C++/Rust algorithm crashes, it can still be symbolized. I also look into strings myfile.so and see a lot of things like _Z16_y_range_to_rectRKN2cv5RangeEi where y_range_to_rect is one of my internally-used C++ functions, and objdump even sees 0008daf2 <[email protected]@Base>: ...machine instructions... i.e. the function name and its content. Therefore, I am sure that, there still exists a lot of symbols there. The reverse-engineers can still leverage such information to understand the compiled library. What am I doing wrong here – I guess maybe I should find a way to further remove such symbols.

Most importantly, my main question is: What is the correct way to remove all debugging info for .so libraries in Android and .a libraries iOS? I have seen people saying stripping, but from discussions above, stripping is not enough obviously.

Thanks for any suggestions!

Source: Windows Questions C++

LEAVE A COMMENT