shadowhook v1.0.7

[caikelun]

Bugs fixed

1. Avoid crashes in x86 Houdini environment.

ShadowHook currently only supports arm and arm64 architectures. When running in the x86 Houdini environment, if you use ShadowHook to hook the system library of the x86 architecture, it will crash.

In particular, when the user tries to hook the library that has not been loaded into the memory through shadowhook_hook_sym_name() or shadowhook_hook_sym_name_callback(), ShadowHook will hook the linker‘s do_dlopen internally in order to automatically complete the hook work when the library is loaded into memory in the future, and the linker of the x86 Houdini environment is also of the x86 architecture, which leads to a crash.

We now check the architecture of the hooked ELF file before hooking. If the architecture does not match, the corresponding error code will be returned. We have added error codes 34 and 35, which correspond to the two cases of "the architecture of the ELF that the user wants to hook does not match" and "the architecture of the linker does not match" respectively.

Improve

1. Avoid compile warnings caused by shadowhook.h header file.

Previously, the BYTEHOOK_STACK_SCOPE macro in the shadowhook.h header file contained a temporary variable starting with a double underscore, which caused a compilation warning (reserved-identifier) in some compiler versions.

2. Ignore the extra suffix generated by LLVM during symbol lookup.

LLVM may add additional suffixes to symbols in ELF .symtab. The format of the suffix is .xxxx.hash, such as _ZN3artL21IsSafeToCallAbortSafeEv.__uniq.55395457626730424248235132913560037531.llvm.1533082929482216501, the _ZN3artL21IsSafeToCallAbortSafeEv is called canonical name, the hash section in the suffix may change after recompilation.

Passing only the canonical name is now supported when passing symbol names in shadowhook_dlsym(), shadowhook_dlsym_symtab(), shadowhook_hook_sym_name() and shadowhook_hook_sym_name_callback().

Bugs 修复

1. 避免在 x86 houdini 环境中发生崩溃。

ShadowHook 目前只支持 arm 和 arm64 架构，在 x86 Houdini 环境中运行时，如果用 ShadowHook 来 hook x86 架构的系统库就会发生崩溃。

尤其是，当用户通过 shadowhook_hook_sym_name() 或 shadowhook_hook_sym_name_callback() 试图 hook 还未加载到内存中的 so 库时，ShadowHook 为了在这个 so 库未来被加载到内存时自动的完成 hook 工作，会在内部 hook linker 的 do_dlopen，而 x86 Houdini 环境的 linker 也是 x86 架构的，这就导致了崩溃。

我们现在在 hook 之前先检测被 hook ELF 文件的架构，如果架构不匹配，会返回对应的错误码。我们新增了错误码 34 和 35，分别对应 “用户希望 hook 的 ELF 的架构不匹配” 和 “linker 的架构不匹配” 这两种情况。

改进

1. 避免 shadowhook.h 头文件引起的编译警告。

之前 shadowhook.h 头文件中 BYTEHOOK_STACK_SCOPE 宏中包含一个以双下划线开头的临时变量，这在某些编译器版本中会引发一个编译警告（reserved-identifier）。

2. 符号查找时忽略 LLVM 产生的额外后缀。

LLVM 可能为 ELF .symtab 中的符号添加额外的后缀，后缀的格式是 .xxxx.hash，比如 _ZN3artL21IsSafeToCallAbortSafeEv.__uniq.55395457626730424248235132913560037531.llvm.1533082929482216501，其中的 _ZN3artL21IsSafeToCallAbortSafeEv 称为 canonical name，后缀中的 hash 重新编译后可能发生变化。

现在，在 shadowhook_dlsym()，shadowhook_dlsym_symtab()，shadowhook_hook_sym_name() 和 shadowhook_hook_sym_name_callback() 中传递符号名时，支持只传递 canonical name。

---

This discussion was created from the release shadowhook v1.0.7.