Hi,
I am looking for a solution to find some relativity between *.c and its *.out file in gcc (g++) execution.
as example gcc hello.c -o hello.out
I am looking to find how we can surely conclude that hello.out is generated from hello.c
This I am looking to find semantically identical files, which can be regenerated if it is needed.
Also I am thinking to trace all system calls associated with gcc execution and parse input and output file name, then stored those pair in table.
This seems very difficult, but no whereto start that why I choose this way.

All suggestions are appreciated
Regards
Shanim

Well, of course the easiest way to relate hello.c to hello.out is run gcc hello.c and compare the output to hello.out. In fact, it's probably the only reliable way, and you'd better use the same version of gcc. If you used a different version of gcc or another compiler, you *might* be able to use sequence matching (as is used for comparing DNA sequences and plagiarized text) to see if stretches of the compiled code are "similar enough". You'd have to set up some arbitrary criteria, and there would be false positives and negatives.

Reversing the process is probably not even theoretically possible, as there isn't a 1:1 reversible mapping between source code and compiled code.

Running a continuous audit on all uses of gcc would work too, for all future compilations.

Thanks for reply,
First solution is good but not feasible for my case ( recompile same file then compare current .out with previous .out)

I am looking for an audit of the gcc, when you compile your file first time at the same time it will create a semantic pair
(hello.c and hello.out) or related pair and stored this information somewhere in table or log.
But I don't know how to audit gcc, how to find that pair, how to trace all system calls, where to start???

Please help me.

Regards
Manish

That I can't help you with; maybe someone from Linux-Security using pam? could help you.