I had dynamically load a shared library for target process. Target process has a function
void printNum(). Is it possible to get it address in shred library?
actually i need start address of .text segment + function offset, but in target process i can get it with &printNum, is it posiible to do the same but in shared librarry?
Asked
Active
Viewed 707 times
0
ipolit__
- 23
- 4
-
Yes, the shared library can access external symbols. – Ian Abbott Apr 30 '21 at 16:10
-
POSIX provides [`dlopen`](https://pubs.opengroup.org/onlinepubs/009695399/functions/dlopen.html) and [`dlsym`](https://pubs.opengroup.org/onlinepubs/7908799/xsh/dlsym.html). – Import Accelerate Apr 30 '21 at 16:34
1 Answers
0
Is it possible to get it address in shred library?
Maybe.
It's easy if the main executable exports the symbol in its dynamic symbol table. If so, you can access its address using the same &printNum syntax.
To see whether the main executable exports the symbol, use nm -D a.out | grep ' printNum'.
If the main executable doesn't export the symbol, and you try to access it from the foo.so with &printNum, your dlopen("foo.so", ...) will fail with "printNum: unresolved symbol" or a similar error.
If you can't rebuild the main executable with e.g. -rdynamic flag, things get trickier.
If the main executable has symbol table (i.e. it is no stripped), the function will be visible in the output from nm a.out. You can read the symbol table using this code, and obtain the address of printNum from it. If a.out is position-independent, you will also need to find the address where it is loaded, using e.g. dl_iterate_phdr().
If the main executable doesn't have symbol table (i.e. it is stripped), then there is no way to find where printNum actually is, and the answer in that case is "no".
Employed Russian
- 199,314
- 34
- 295
- 362