0

I'd like to ship libfoo.a, which is composed of foo.o--which in turn depends on libVendorBar.a and libVendorZoo.a.

When I link and generate my libfoo.a I notice that symbols in libVendor*.a are still public and visible for potential client applications to link against.

Due to many reasons outside of my control, I absolutely do not want 3rd party clients to be able to directly link against the vendor libraries.

How do I force gcc to resolve all libVendor symbols for libfoo and discard them, so that only symbols from libfoo are visible?

I'm not using any LD_FLAGS currently and everything is statically linked.

R.D.
  • 2,471
  • 2
  • 15
  • 21
  • have you seen this https://linux.die.net/man/1/strip ? – zappy Dec 19 '17 at 06:45
  • `strip` doesn't do what I want even with `-K`. It seems to discard something called the archive index from the static library. [If I regenerate the index via `ranlib`](https://stackoverflow.com/questions/11346240/ranlib-and-static-library), the linked binary is *super* strange, with every "branch and link" instruction jumping to itself and creating an infinite loop. I spent half-a-day debugging the fallout of `strip` and `ranlib` before realizing that I'm doing something fundamentally wrong. Surely there must be something within `gcc` that can do what I want? – R.D. Dec 19 '17 at 07:16
  • According to https://stackoverflow.com/questions/33851045/gcc-a-static-library-with-undefined-symbols what I'm looking for is the `-static` flag, which fully resolves all symbols. I'm hoping this also means that gcc will be smart enough to discard most of the symbols. I guess I'll update this post tomorrow if it works out. – R.D. Dec 19 '17 at 07:25

1 Answers1

1

Unfortunately static libraries do not have equivalent of -fvisibility=hidden used for shared libraries. You can achieve what you need with more work though:

  • first link all necessary code into foo.o:

    ld -r foo.o -Lpath/to/vendor/libs -lBar -lZoo -o foo_linked.o

    This would allow you can to ship libfoo.a without vendor libs (vendor symbols are still present in it).

  • Unfortunately you can't simply remove vendor symbols from library symtab (e.g. via objcopy -L and strip --strip-symbol) because linker will need them for relocation processing during final executable link. But you can at least rename them to something unreadable:

    for sym in all symbols you want to hide; do
  id=$(echo $sym | md5sum | awk '{print $1}')
  objcopy --redefine-sym $sym=f_$id foo_linked.o
done

    Note however that this wouldn't stop motivated user from reverse engineering vendor's code.

yugr
  • 19,769
  • 3
  • 51
  • 96