GunshipPenguin / kiteshield

Packer/Protector for x86-64 ELF binaries on Linux
MIT License
131 stars 27 forks

Alias Function encrypt problem #1

Closed VantIer closed 3 years ago

VantIer commented 3 years ago

Hello Sir, I am a newbie learning ELF. I am reading kiteshield's code to learn something. It is a great project! But I found something I didn't understand. When adding the inner layer to a program, shield will search for function symbols that alias others. They will be skipped to avoid double encryption. But suppose we now have func A and func B. When A is being encrypted, shield will find B and skip; when B is being encrypted, shield will find A and skip. So every func that has another func aliased to it will not be encrypted. Is that how it's designed?

```c
/* Statically linked binaries contain several function symbols that alias ... */

/* Returns the first other STT_FUNC symbol with the same address as sym,
 * or NULL if sym has no alias. */
const Elf64_Sym *elf_get_first_fcn_alias(
    const struct mapped_elf *elf,
    const Elf64_Sym *sym)
{
  ELF_FOR_EACH_SYMBOL(elf, cursor) {
    if (ELF64_ST_TYPE(cursor->st_info) == STT_FUNC &&
        sym->st_value == cursor->st_value &&
        sym != cursor) {
      return cursor;
    }
  }

  return NULL;
}
```

GunshipPenguin commented 3 years ago

Hi there,

Thanks for bringing this to my attention. This was an oversight on my part when writing the code to skip aliased functions. I meant for aliased functions to actually be encrypted, but you're right that they are not. I've fixed that with commit 0ebcd26abed290221cc0d986ea517bac0595f157.

Cheers, Rhys
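The gap discussed in this thread, reproduced as an added example (not kiteshield's code and not the change made in the commit above): over a constructed symbol table, skipping every function that has an alias selects neither `func_a` nor `func_b`, while keeping one symbol per address selects exactly one of them. The table, `first_fcn_alias`, `count_selected` and the `ONCE_PER_ADDRESS` rule are assumptions made for illustration.

```c
#include <elf.h>
#include <stddef.h>
#include <stdio.h>

#define FUNC ELF64_ST_INFO(STB_GLOBAL, STT_FUNC)
/* Constructed symbol table (not from a real binary). */
static const Elf64_Sym syms[] = {
  { .st_value = 0x401000, .st_size = 0x40, .st_info = FUNC }, /* func_a */
  { .st_value = 0x401000, .st_size = 0x40, .st_info = FUNC }, /* func_b, alias of func_a */
  { .st_value = 0x401040, .st_size = 0x20, .st_info = FUNC }, /* func_c, no alias */
  { .st_value = 0x404000, .st_info = ELF64_ST_INFO(STB_GLOBAL, STT_OBJECT) }, /* data */
};
#define NSYMS (sizeof(syms) / sizeof(syms[0]))

/* Same comparison as the function quoted in the issue, over a plain array. */
static const Elf64_Sym *first_fcn_alias(const Elf64_Sym *sym)
{
  for (size_t i = 0; i < NSYMS; i++) {
    const Elf64_Sym *cursor = &syms[i];
    if (ELF64_ST_TYPE(cursor->st_info) == STT_FUNC &&
        sym->st_value == cursor->st_value && sym != cursor)
      return cursor;
  }
  return NULL;
}

enum policy { SKIP_IF_ALIASED, ONCE_PER_ADDRESS };
/* Count the function symbols a given skip policy would select for encryption. */
size_t count_selected(enum policy p)
{
  size_t selected = 0;
  for (size_t i = 0; i < NSYMS; i++) {
    const Elf64_Sym *sym = &syms[i];
    if (ELF64_ST_TYPE(sym->st_info) != STT_FUNC) continue;
    const Elf64_Sym *alias = first_fcn_alias(sym);
    if (p == SKIP_IF_ALIASED && alias != NULL)
      continue; /* behaviour reported in the issue: A skips for B, B skips for A */
    if (p == ONCE_PER_ADDRESS && alias != NULL && alias < sym)
      continue; /* assumed rule: an earlier symbol already covers this address */
    selected++;
  }
  return selected;
}

int main(void)
{
  printf("skip-if-aliased: %zu, once-per-address: %zu\n", count_selected(SKIP_IF_ALIASED), count_selected(ONCE_PER_ADDRESS));
  return 0;
}
```

The table holds two distinct function addresses, so a count below two means some code range is left unprotected.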