From owner-freebsd-hackers@FreeBSD.ORG Sat Apr 16 23:31:39 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B19DA16A4CE for ; Sat, 16 Apr 2005 23:31:39 +0000 (GMT) Received: from daedalus.desk.pl (daedalus.desk.pl [62.233.238.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B69D43D2D for ; Sat, 16 Apr 2005 23:31:39 +0000 (GMT) (envelope-from creep@daedalus.desk.pl) Received: from localhost (localhost [127.0.0.1]) by daedalus.desk.pl (Postfix) with ESMTP id A3916366646 for ; Sun, 17 Apr 2005 01:28:56 +0200 (CEST) Received: from daedalus.desk.pl ([127.0.0.1]) by localhost (daedalus [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 08479-03 for ; Sun, 17 Apr 2005 01:28:55 +0200 (CEST) Received: by daedalus.desk.pl (Postfix, from userid 1023) id 636B436663F; Sun, 17 Apr 2005 01:28:55 +0200 (CEST) Date: Sun, 17 Apr 2005 01:28:55 +0200 From: Marcin To: freebsd-hackers@freebsd.org Message-ID: <20050416232855.GA8698@daedalus.desk.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Antivirus: Skaner Antywirusowy DESK.pl X-Mailman-Approved-At: Sun, 17 Apr 2005 12:11:05 +0000 Subject: Determine location of LD_PRELOAD'ed shared libraries/functions. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Apr 2005 23:31:39 -0000 Hello Hackers, I'd like to find locations of functions exported by shared lib loaded into the running ptrace'd process via LD_PRELOAD. I want do determine this from tracing process. For shared libraries linked with a program i can just open the program file and search for relocation sections, which eventually point to the plt function entries. My problem is that i cannot figure out how to start searching for symbols which are loaded with LD_PRELOAD. I can see where the library is mapped in /proc/*/map (isn't there a better, less freebsd-specific place to search for this info?) but I'm not quite sure how to interpret the mmapped pages. Searching Elf doc's just makes me run in circles; usually the LD_PRELOAD option is just mentioned as it was obvious; I't isn't quite. Sections describing program memory image are in program file. LD_PRELOAD'ed lib is only in the memory, to which programs sections do not apply. Libraries sections can't know to what address they will be mmapped to, so where to search? Program has relocation entries, but there is no spare space there for something unexpected like LD_PRELOADed library (?) Please point me to right direction, because i've got only one idea left: grep dynamic loader for LD_PRELOAD ;). -- m. Brain power of a glass of water.