bhook 的dlopen未监控到加载的so #48
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
bytehook Version
1.0.5
Android OS Version
6
Android ABIs
armeabi-v7a
Device Manufacturers and Models
xiaomi 4
Describe the Bug
我通过注册回调函数:
bytehook_add_dlopen_callback(dlopen_pre_callback, dlopen_callback, NULL);发现加载so后未被监控到。
于是我修改bh_hook_manager_verify_got_value输出了一下日志
rs = dladdr(*((void **)got_addr), &info);
BH_LOG_INFO("dladdr: %s got_addr=%p callee: %s %s", got_addr, info.dli_fname, info.dli_sname);
...
if (NULL == info.dli_sname) {
ElfW(Sym) *sym = bh_elf_find_export_func_symbol_by_symbol_name(callee_elf, task->sym_name);
BH_LOG_INFO("callee: %s(%s), sym:%p", callee_elf->pathname, task->sym_name, sym);
if (NULL != sym && STT_GNU_IFUNC == ELF_ST_TYPE(sym->st_info)) {
BH_LOG_INFO("hook chain: verify bypass ifunc: %s in %s", task->sym_name, info.dli_fname);
r = 0;
}
}
日志如下:
06-22 18:23:57.609 32110-32110/? I/bhook: hook symbol(dlopen) in /system/lib/libart.so
06-22 18:23:57.609 32110-32110/? I/bhook: trampo: created for GOT b4abcbf0 at b5de608c, size 20 + 8 = 28
06-22 18:23:57.609 32110-32110/? I/bhook: hook chain: created for GOT b4abcbf0, orig func ab53e961
06-22 18:23:57.609 32110-32110/? I/bhook: hook chain: add(new) func, GOT b4abcbf0, func b377cf61
06-22 18:23:57.610 32110-32110/? I/bhook: dladdr got_addr=b4abcbf0 callee: /system/lib/libsechook.so (null)
06-22 18:23:57.610 32110-32110/? I/bhook: /system/lib/libsechook.so(dlopen), sym:0x0
06-22 18:23:57.610 32110-32110/? I/bhook: hook chain: del func, GOT b4abcbf0, func b377cf61
这个问题可能是因为dlopen已经被别的库(/system/lib/libsechook.so)hook了,然后bhook就不处理了?
The text was updated successfully, but these errors were encountered: