[BUG] SB2 x86 hooking vs glibc

asked 2019-06-13 14:27:58 +0300 by tortoisedoc

updated 2019-06-20 22:00:24 +0300

I personally have encountered this problem on the x86 target. I don't know if it exists on ARM, but given that the code of glibc is the same, I guess it should? Note also that this bug appears only on SB2, not on real devices.

SB2 relies heavily on hooking glibc's public APIs to provide development functionality for individual targets.

Glibc has a "dark" side to it, however: an "internal" (private) API (prefixed with __libc), which exists for other glibc-related reasons; this API provides private versions of the public APIs which are usually hooked by SB2.

As the symbols of this API are private, they can't be hooked by SB2. So you have glibc working black magic behind the scenes.

An example, the sem_open function:

https://bugs.merproject.org/show_bug.cgi?id=2000

Another example is the spawn API.

And if you care to throw a read (tl;dr), here's the story:

http://kastlunger.blogspot.com/2019/04/lets-do-time-warp-again-or-compile-llvm.html


Comments

@James can you tag this (@sledges suggested)? thanks!

tortoisedoc ( 2019-06-14 13:11:00 +0300 )