Wednesday, 12 May 2010

The return of the PLT

Once upon a time, people could implement their simple (not security-related) system virtualization tools with libc syscall wrappers and LD_PRELOAD. That time seemed gone. This is because glibc uses a pair of symbols for each exported function; one of them has hidden visibility and is usually preferred for internal calls. Calls to symbols with hidden visibility do not go through the PLT, and as a result cannot easily be overridden.

This is why, if you override write with LD_PRELOAD, you will not be able to make printf take advantage of it.

This process of making the symbols hidden suppresses symbol lookups, PLT entries and GOT indirections for non-branching relocations, but it makes LD_PRELOAD a lot less usable.
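To see the effect described above without building a preload library, here is an added example (not code from the post or from the glibchiddenplt project): defining write() inside the executable interposes libc's write for every call resolved through the PLT, exactly as an LD_PRELOADed copy would, while glibc's printf still flushes through its hidden internal alias and never reaches the wrapper. It assumes a normal dynamically linked glibc (or musl) build; the counter and function names are my own.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* How many times the interposed write() below was reached. */
static int wrapper_calls = 0;

/* Replacement for libc's write(). Defined in the executable, it interposes
 * libc's write for every call that is resolved through the PLT, exactly as
 * an LD_PRELOADed copy would. The real system call is issued directly so
 * the wrapper never recurses into itself. */
ssize_t write(int fd, const void *buf, size_t count)
{
    wrapper_calls++;
    return syscall(SYS_write, fd, buf, count);
}

/* A direct write() from our own code goes through the PLT and lands in the
 * wrapper: returns the number of wrapper hits caused by this call (1). */
int direct_write_hits_wrapper(void)
{
    int before = wrapper_calls;
    static const char msg[] = "direct write()\n";
    write(STDOUT_FILENO, msg, sizeof msg - 1);
    return wrapper_calls - before;
}

/* printf() + fflush() make glibc flush stdout through its hidden internal
 * alias (__write), which bypasses the PLT: the wrapper is never reached and
 * this returns 0. (musl's stdio issues the syscall directly; same result.) */
int printf_hits_wrapper(void)
{
    int before = wrapper_calls;
    printf("printf()\n");
    fflush(stdout);
    return wrapper_calls - before;
}

int main(void)
{
    printf("direct write(): wrapper reached %d time(s)\n",
           direct_write_hits_wrapper());
    printf("printf():       wrapper reached %d time(s)\n",
           printf_hits_wrapper());
    return 0;
}
```

Moving the write() definition into a shared object and running the program with LD_PRELOAD pointing at it gives the same two counts.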

There is a configure switch in the glibc build that is supposed to turn these optimizations off, but unfortunately it was broken somewhere after the 2.3 release of glibc. This switch is called "disable-hidden-plt".

I implemented a set of tools to make a selected list of symbols exported again. It was written with minimal assumptions about the C library code, and needs testing. So if you encounter this problem (for example, if you want to use plasticfs or things like that), you should definitely give it a try.

If this code proves useful for what I am working on, then I'll rewrite it... for now it is just a bunch of dirty scripts.
It prints interesting information about internal glibc symbols though.

https://sourceforge.net/projects/glibchiddenplt/
