helpers: Added dynamic symbol resolver #128
Conversation
Dynamic symbols are very important to attach u(ret)probe on common libraries such as openssl, libc, etc.
helpers/elf.go
Outdated
|
|
||
| // DynamicSymbolToOffset attempts to resolve a dynamic 'symbol' name in the binary found at | ||
| // 'path' to an offset. The offset can be used for attaching a u(ret)probe | ||
| func DynamicSymbolToOffset(path, symbol string) (uint32, error) { |
There was a problem hiding this comment.
What do you think about adding this logic to SymbolToOffset instead? If the named symbol isn't in the symbol table, check dynamic symbols. Is it possible to have a name collision?
There was a problem hiding this comment.
I'm in favor of your suggestion, I didn't want to "break" anyone using the original function, so ill change the code accordingly.
regarding the name collision - so the short answer would be yes, but it is only because the dynamic symbol table contains exported functions that will appear in the regular symbol table.
a nice answer in stack overflow https://reverseengineering.stackexchange.com/a/21623
There was a problem hiding this comment.
created a simple SO (followed https://www.cprogramming.com/tutorial/shared-libraries-linux-gcc.html)
and checked both the regular symbol table and the dynamic symbol table
you can see the duplications
Thanks! |
Co-authored-by: grantseltzer <grantseltzer@gmail.com>
Co-authored-by: grantseltzer <grantseltzer@gmail.com>
Great suggestions! |
Dynamic symbols are very important to attach u(ret)probe on common libraries such as openssl, libc, etc.
issue: #129