
I am trying to find a way to inject a .so file into another process. This .so file contains a replacement handler for SIGSEGV and a function for replacing the hooked process's SIGSEGV handler with the aforementioned replacement handler. I want to inject this .so file into a running process so I can call the function and thus make it so that SIGSEGV doesn't crash applications (I am running this in a VM to be safe). I have looked for information on injecting .so files or replacing signal handlers, but none helped me. I'm still confused about how to inject a shared library without having to use LD_PRELOAD. Any help?

  • Does the process already have a handler for `SIGSEGV`? If not, what do you expect to replace? Usually this is handled by the default, which kills the process without calling a handler. – Barmar Apr 18 '22 at 20:39

1 Answer


I want to inject this .so file into a running process so I can call the function and thus make it so that SIGSEGV doesn't crash applications (I am running this in a VM to be safe).

  1. You cannot inject a shared library into a running process without the process's assistance -- probably in the form of the process opening it via dlopen().

  2. It's a fool's errand anyway. You cannot rescue a process that segfaults by catching the SIGSEGV. If you install a handler that catches the signal and returns normally then the program's subsequent behavior is undefined. The segfault is not the problem. Rather, it is the symptom.

John Bollinger

  • The program's subsequent behavior being undefined is what I want, though. I am fuzzing a program by randomly replacing instructions in its code with slightly modified versions of each instruction (to see how it glitches out), and although it works, the modified instructions cause a segfault and a crash, which I don't want. – ChrisNonyminus Apr 18 '22 at 20:38
  • @ChrisNonyminus, it sounds like the segfault and crash you observe ***is*** how the program glitches out. In any event, go back up the page a bit to point (1): you cannot inject a shared library into a running process without its cooperation. – John Bollinger Apr 18 '22 at 20:48
  • @ChrisNonyminus *the modified instructions cause a segfault and a crash, which I don't want* And what do you think will happen when your forcibly-installed `SIGSEGV` handler ignores `SIGSEGV` and returns the process back to the exact same instruction? – Andrew Henle Apr 18 '22 at 21:34