New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
helpers: Added dynamic symbol resolver #128
helpers: Added dynamic symbol resolver #128
Conversation
Dynamic symbols are very important to attach u(ret)probe on common libraries such as openssl, libc, etc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great, thank you! Just one comment, let me know what you think!
helpers/elf.go
Outdated
|
||
// DynamicSymbolToOffset attempts to resolve a dynamic 'symbol' name in the binary found at | ||
// 'path' to an offset. The offset can be used for attaching a u(ret)probe | ||
func DynamicSymbolToOffset(path, symbol string) (uint32, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think about adding this logic to SymbolToOffset
instead? If the named symbol isn't in the symbol table, check dynamic symbols. Is it possible to have a name collision?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm in favor of your suggestion, I didn't want to "break" anyone using the original function, so ill change the code accordingly.
regarding the name collision - so the short answer would be yes, but it is only because the dynamic symbol table contains exported functions that will appear in the regular symbol table.
a nice answer in stack overflow https://reverseengineering.stackexchange.com/a/21623
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
created a simple SO (followed https://www.cprogramming.com/tutorial/shared-libraries-linux-gcc.html)
and checked both the regular symbol table and the dynamic symbol table
you can see the duplications
Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple of small suggestions (let me know WYT) but otherwise LGTM!
Co-authored-by: grantseltzer <grantseltzer@gmail.com>
Co-authored-by: grantseltzer <grantseltzer@gmail.com>
Great suggestions! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I messed up that error name woops lol, thanks for the contribution!
Dynamic symbols are very important to attach u(ret)probe on common libraries such as openssl, libc, etc.
issue: #129