Stack Overflow
Stack Overflow

Questions tagged [library-interposition]

This is a practice to override a call to the function from library by the developer's own implementation. Dedicated to add monitoring and/or debugging stuff into functions like malloc().

This is a practice reached by features of dynamic linker to override a call in the application to the function from library by the developer's own implementation. Such mechanism is dedicated to add monitoring and/or debugging stuff into functions like malloc(), realloc(), free().

GNU linker ld allows to do that thanks to the LD_PRELOAD environment variable, which cause the indicated ELF dynamic library to be loaded prior to other libraries linked with the application being executed.

21 questions
12
votes
2 answers

How to hook system calls of my android app (non rooted device)

I am trying to intercept all system calls made by my Android app on a non rooted device. So every time my app writes/reads a file, I want to intercept the system call and encrypt/decrypt the stream for security purposes. The encryption part is no…
John A.
  • 238
  • 1
  • 2
  • 9
11
votes
2 answers

How to dynamically interpose C functions from Python on Linux (without LD_PRELOAD)?

How do I, at run-time (no LD_PRELOAD), intercept/hook a C function like fopen() on Linux, a la Detours for Windows? I'd like to do this from Python (hence, I'm assuming that the program is already running a CPython VM) and also reroute to Python…
Yang
  • 16,037
  • 15
  • 100
  • 142
11
votes
2 answers

LD_PRELOAD for C++ class methods

I need to interpose on a method call in a C++ program (the class resides in a separate shared library). I thought I could use LD_PRELOAD, but i am not sure how this would work (i only found examples of C functions): is there a way to setup…
BruceBerry
  • 1,166
  • 1
  • 9
  • 21
4
votes
1 answer

Interposing of OS X system calls

I need to interpose (get my functions called instead of the original functions) some OS X system calls to overcome a flaw in a piece of closed-source software. Preferably, the resulting solution would work under 10.5 (Leopard) and newer, but I might…
bland328
  • 319
  • 1
  • 4
  • 13
3
votes
3 answers

memory-mapped files in C

I was playing around with memory-mapped files in C and was wondering if there is a way to replace the FILE * from fopen with a memory mapped file transparently. Example: FILE * fp = g_fopen(...); //Program does things to this fp. fclose(); But…
James
  • 3,682
  • 3
  • 22
  • 21
2
votes
1 answer

Library interpositioning

I have been trying to intercept calls to malloc and free, following our textbook (CSAPP book). I have followed their exact code, and nearly the same code that I found online and I keep getting a segmentation fault. I heard our professor saying…
juimdpp
  • 37
  • 1
  • 4
2
votes
1 answer

Can OS X system calls be overridden or interposed on a system-wide basis?

Working under OS X Lion, I've done some work with code injection to interpose system calls on a process-by-process basis recently. I've learned a lot along the way, and it now looks like it would make more sense, at least for research purposes, to…
bland328
  • 319
  • 1
  • 4
  • 13
1
vote
1 answer

Cleaning up function interposition with dlsym

As a malloc wrapper, I use this classical snippet of code: #define _GNU_SOURCE #include #include #include void* malloc(size_t size) { static void* (*real_malloc)(size_t) = NULL; if (!real_malloc) …
ziu
  • 2,634
  • 2
  • 24
  • 39
1
vote
1 answer

How to correctly interpose malloc allowing for LD_PRELOAD chaining

I have a created shared library which interposes malloc() and related calls. The works well but for some caveats. There is one thing that does not work. I am expecting to be able to chain interposers such that I can run something…
Bruce Adams
  • 4,953
  • 4
  • 48
  • 111
1
vote
1 answer

ptrace(PTRACE_ATTACH, pid, 0, 0) error: cannot atttach to pid

i am trying to inject a library in android using PTRACE but when i try to attach ptrace to specific pid for monitoring got an error/; "Cannot attach to pid"... Here is the code // Attach if (0 > ptrace(PTRACE_ATTACH, pid, 0, 0)) { …
Naveen
  • 31
  • 8
1
vote
1 answer

symbol lookup in shared libraries

I have tested such a simple program below /* a shared library */ dispatch_write_hello(void) { fprintf(stderr, "hello\n"); } extern void print_hello(void) { dispatch_write_hello(); } My main program is like this: extern…
HuangJie
  • 1,488
  • 1
  • 16
  • 33
1
vote
1 answer

How can I get the PID of a new process before it executes?

So that I can do some injecting and interposing using the inject_and_interpose code, I need to way to get the PID of a newly-launched process (a typical closed-source user application) before it actually executes. To be clear, I need to do better…
bland328
  • 319
  • 1
  • 4
  • 13
0
votes
4 answers

Problem replacing Linux system calls using LD_PRELOAD

I am trying to write a program that allows a binary to be run, substituting a certain file when requested with another. It is a library with simple replacements for the system call functions, that is used with LD_PRELOAD. The problem is that it…
c4757p
  • 1,728
  • 4
  • 18
  • 25
0
votes
1 answer

Symbol interposition on macOS

I have a program that links against a shared library libfoo. I want to override one of the functions from libfoo inside my program, such that internal calls to that function from within libfoo resolve to the definition in my program. (For context,…
Ismail Badawi
  • 36,054
  • 7
  • 85
  • 97
0
votes
2 answers

How can I debug runtime library interpositioned process?

I'm now studying library interpositioning with C in Ubuntu 18.04, and I'm testing two simple codes to wrap strlen: "mystrlen.c", "mystrlenTest.c". Here is the code I wrote: mystrlen.c #ifdef RUNTIME #define _GNU_SOURCE #include #include…
MVTaxi
  • 3
  • 2
1
2