Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20150706190651.GY1173@brightrain.aerifal.cx>
Date: Mon, 6 Jul 2015 15:06:51 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Making a shared library that intercepts call to main work
 with musl compiled binary

On Mon, Jul 06, 2015 at 10:00:41PM +0300, Alexander Monakov wrote:
> On Mon, 6 Jul 2015, Rich Felker wrote:
> > On Mon, Jul 06, 2015 at 01:00:52PM -0400, Riyad Parvez wrote:
> > > Hi All,
> > > 
> > > I've shared library [1] which intercepts loading of a binary and does some
> > > pre-processing with the command-line arguments via "LD_PRELOAD" technique.
> > > The shared library works fine with glibc compiled binary i.e., it can
> > > intercept the call to main and does some preprocessing. But it can't
> > > intercept call to "main" in musl-compiled binary. I've compiled my binary
> > > in static mode with musl "CC=/musl-gcc -static". How can I make the shared
> > > library work with musl-compiled binary?
> > > 
> > > Thanks
> > > Riyad
> > > 
> > > [1]: https://github.com/dslab-epfl/s2e/blob/master/guest/init_env/init_env.c
> > 
> > I haven't read this code in detail, so I don't have any advice on
> > whether there are other problems, but the basic issue seems to be that
> > you're static linking. The same would happen if you use glibc and
> > static link. If you want the ability to use LD_PRELOAD you need to
> > link dynamically.
> 
> Furthermore, even with dynamic linking you cannot interpose 'main' in the
> executable via LD_PRELOAD.  Even more baffling is that the linked code
> interposes __libc_start_main; I'm lost for words that it happens to work with
> glibc.

Presumably it interposes __libc_start_main because it can't interpose
main. As far as I can tell the only reason it does this is to inject
fake argv. I'm skeptical as to whether it works correctly.

> I think a cleaner solution can be obtained by converting __s2e_init_env in the
> linked code to a constructor that examines environment variables, and moving
> the command line processing to an separate wrapper executable.

Certainly.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.