Patching code/symbols into a dynamic-linked ELF binary


Question


Suppose I have an ELF binary that's dynamic linked, and I want to override/redirect certain library calls. I know I can do this with LD_PRELOAD, but I want a solution that's permanent in the binary, independent of the environment, and that works for setuid/setgid binaries, none of which LD_PRELOAD can achieve.


What I'd like to do is add code from additional object files (possibly in new sections, if necessary) and add the symbols from these object files to the binary's symbol table so that the newly added version of the code gets used in place of the shared library code. I believe this should be possible without actually performing any relocations in the existing code; even though they're in the same file, these should be able to be resolved at runtime in the usual PLT way (for what it's worth I only care about functions, not data).


Please don't give me answers along the line of "You don't want to do this!" or "That's not portable!" What I'm working on is a way of interfacing binaries with slightly-ABI-incompatible alternate shared-library implementations. The platform in question is i386-linux (i.e. 32-bit) if it matters. Unless I'm mistaken about what's possible, I could write some tools to parse the ELF files and perform my hacks, but I suspect there's a fancy way to use the GNU linker and other tools to accomplish this without writing new code.
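The question relies on one property of the dynamic linker: when it resolves a PLT entry it searches the executable's own dynamic symbol table before any shared library's, so a function the binary defines under a library's name wins over the library copy. Before patching (or when reviewing a binary someone else has patched), the first step is to read `.dynsym` and see which functions are imported and which the executable defines itself. The following Python script is an added example for this page, not code from the question, the answerer, or the ERESI project: it parses the section headers and `.dynsym`/`.dynstr` of a 32-bit little-endian ELF and reports imported functions, locally defined functions, and which local definitions would interpose a given set of library exports. Because it must run offline, it builds its own minimal i386 ELF image (`build_sample_elf`, a constructed sample with no program headers, so it is not loadable) containing an imported `puts`, a locally defined `strlen` and `main`, and an imported `stdout` object; all of those names and addresses are assumptions made for the example.

```python
"""Parse the dynamic symbol table (.dynsym) of a 32-bit little-endian ELF and
separate imported (undefined) functions from functions the binary defines
itself, so a reviewer can see which library calls a definition inside the
executable would interpose at PLT-resolution time.
"""
import struct

SHT_STRTAB, SHT_DYNSYM = 3, 11   # section types we care about
STT_FUNC = 2                     # symbol type: function
STB_GLOBAL = 1
SHN_UNDEF = 0                    # st_shndx for a symbol the binary imports


def _cstr(data, off):
    """NUL-terminated string starting at absolute offset `off`."""
    return data[off:data.index(b"\0", off)].decode()


def dynamic_symbols(elf):
    """Return [(name, is_defined, is_function)] for every named .dynsym entry."""
    if elf[:4] != b"\x7fELF" or elf[4] != 1 or elf[5] != 1:
        raise ValueError("expected a 32-bit little-endian ELF")
    e_shoff, = struct.unpack_from("<I", elf, 32)
    e_shentsize, e_shnum = struct.unpack_from("<HH", elf, 46)
    # Elf32_Shdr fields: name, type, flags, addr, offset, size, link, info, addralign, entsize
    sections = [struct.unpack_from("<10I", elf, e_shoff + i * e_shentsize) for i in range(e_shnum)]
    syms = []
    for sh in sections:
        if sh[1] != SHT_DYNSYM:
            continue
        strtab = sections[sh[6]]            # sh_link of a symtab names its string table
        if strtab[1] != SHT_STRTAB:
            raise ValueError(".dynsym sh_link does not point at a string table")
        entsize = sh[9] or 16               # Elf32_Sym is 16 bytes
        for off in range(sh[4], sh[4] + sh[5], entsize):
            st_name, _value, _size, st_info, _other, st_shndx = struct.unpack_from("<IIIBBH", elf, off)
            if st_name == 0:                # null entry (and unnamed symbols) carry no name
                continue
            name = _cstr(elf, strtab[4] + st_name)
            syms.append((name, st_shndx != SHN_UNDEF, (st_info & 0xF) == STT_FUNC))
    return syms


def imported_functions(elf):
    return sorted(n for n, defined, func in dynamic_symbols(elf) if func and not defined)


def defined_functions(elf):
    return sorted(n for n, defined, func in dynamic_symbols(elf) if func and defined)


def interposing_definitions(elf, library_exports):
    """Functions the binary defines under a name a library also exports; the
    dynamic linker searches the executable first, so these definitions win."""
    return sorted(set(defined_functions(elf)) & set(library_exports))


def build_sample_elf():
    """Constructed minimal i386 ELF image for this example (no program headers,
    not loadable): only .dynsym, .dynstr and .shstrtab, with assumed names."""
    dynstr = b"\0puts\0strlen\0main\0stdout\0"
    shstrtab = b"\0.dynsym\0.dynstr\0.shstrtab\0"

    def sym(name_off, value, size, bind, typ, shndx):
        return struct.pack("<IIIBBH", name_off, value, size, (bind << 4) | typ, 0, shndx)

    dynsym = b"".join([
        sym(0, 0, 0, 0, 0, 0),                                                  # mandatory null entry
        sym(dynstr.index(b"puts"), 0, 0, STB_GLOBAL, STT_FUNC, SHN_UNDEF),      # imported from libc
        sym(dynstr.index(b"strlen"), 0x8048400, 32, STB_GLOBAL, STT_FUNC, 1),   # defined in the binary (any non-UNDEF shndx)
        sym(dynstr.index(b"main"), 0x8048500, 64, STB_GLOBAL, STT_FUNC, 1),
        sym(dynstr.index(b"stdout"), 0, 4, STB_GLOBAL, 1, SHN_UNDEF),           # imported object, not a function
    ])
    ehsize, shentsize = 52, 40
    off_dynstr = ehsize
    off_shstrtab = off_dynstr + len(dynstr)
    off_dynsym = (off_shstrtab + len(shstrtab) + 3) & ~3   # 4-byte align the symbol table
    off_shdrs = off_dynsym + len(dynsym)

    def shdr(name, typ, offset, size, link, entsize):
        return struct.pack("<10I", name, typ, 0, 0, offset, size, link, 0, 4, entsize)

    shdrs = b"".join([
        shdr(0, 0, 0, 0, 0, 0),
        shdr(shstrtab.index(b".dynsym"), SHT_DYNSYM, off_dynsym, len(dynsym), 2, 16),
        shdr(shstrtab.index(b".dynstr"), SHT_STRTAB, off_dynstr, len(dynstr), 0, 0),
        shdr(shstrtab.index(b".shstrtab"), SHT_STRTAB, off_shstrtab, len(shstrtab), 0, 0),
    ])
    ident = b"\x7fELF" + bytes([1, 1, 1, 0]) + b"\0" * 8   # ELFCLASS32, little-endian, EV_CURRENT
    # e_type=EXEC, e_machine=EM_386, version, entry, phoff, shoff, flags,
    # ehsize, phentsize, phnum, shentsize, shnum, shstrndx
    header = ident + struct.pack("<HHIIIIIHHHHHH", 2, 3, 1, 0x8048500, 0, off_shdrs, 0,
                                 ehsize, 32, 0, shentsize, 4, 3)
    body = bytearray(header) + dynstr + shstrtab
    body += b"\0" * (off_dynsym - len(body))
    body += dynsym + shdrs
    return bytes(body)


if __name__ == "__main__":
    sample = build_sample_elf()
    print("imported functions:", imported_functions(sample))
    print("defined functions: ", defined_functions(sample))
    print("interposes libc:   ", interposing_definitions(sample, {"puts", "strlen", "malloc"}))
```

Run it as-is to see the constructed sample analysed; to inspect a real i386 binary, replace `build_sample_elf()` with the bytes of the file. The report is the checklist for the question's plan: every name in `imported functions` is a PLT slot the added object code could satisfy, and anything that shows up under `interposes libc` after patching is a symbol whose library implementation the binary will no longer call.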

Answer


I suggest the elfsh et al. tools from the ERESI project, if you want to instrument the ELF files themselves. Compatibility with i386-linux is not a problem, as I've used it myself for the same purpose.

The how-to for this is here.

