frida / frida-gum

Cross-platform instrumentation and introspection library written in C
https://frida.re

Regression(?) in Module.enumerateExports and Module.enumerateSymbols #757

Closed leonitousconforti closed 8 months ago

leonitousconforti commented 11 months ago

Ever since upgrading Frida server to >= 16.1.0, Module.enumerateExports and Module.enumerateSymbols both yield empty lists and provide no results, despite the fact that I can print a list of symbols using objdump or nm. If I revert back to Frida server 16.0.19, I can print all the symbols and exports of the binary correctly. I tested all versions of Frida server >= 16.0.19 with all versions of frida-node >= 16.0.19 and my conclusion is that it doesn't matter what version of frida-node I use, but any frida-server >= 16.0.19 doesn't work (i.e. it can't find the exports/symbols anymore).

Here is some information about the binary:

libil2cpp.so: ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e0c975c6950ff035f0f696337eaa3760e986c7f6, stripped

If I use nm or objdump on the binary, it can find all the symbols I am interested in:

```sh
nm -D libil2cpp.so | grep il2cpp_
```

and I can indeed access the symbols at those offsets inside Frida.

I can see a lot has changed between 16.0.19 and 16.1.0. I think I am going to start with the changes in frida-gum, if you have any idea or insights about where I should start looking though that would be extremely helpful.
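A triage script for the behaviour reported above, added here as an example and not code from the frida project or the reporter: it replays the pasted `nm -D` listing inside a Frida 16.x agent and reports which nm symbols `Module.enumerateExports()` missed and whether `Module.findExportByName()` still resolves them at the offsets nm gave. The module name and listing are assumed to be supplied by the caller; the two pure helpers (`parseNmText`, `compareWithNm`) also run under plain Node.

```javascript
// Added triage example for the enumerateExports regression reported above; not
// code from the frida project. Assumes a Frida 16.x agent (Process, Module,
// NativePointer). parseNmText and compareWithNm are pure and run under Node too.

// Parse `nm -D` lines ("<hex address> <type> <name>") into a map of
// text (T) symbol name -> address relative to the module base.
function parseNmText(listing) {
  const out = {};
  for (const line of listing.split('\n')) {
    const m = line.trim().match(/^([0-9a-fA-F]+)\s+([A-Za-z])\s+(\S+)$/);
    if (m !== null && m[2] === 'T') out[m[3]] = parseInt(m[1], 16);
  }
  return out;
}

// Compare Frida's view with the nm reference.
//   exportedNames: Set of names returned by Module.enumerateExports()
//   resolveOffset: name -> offset from module base, or null if unresolved
// Returns the nm symbols that enumerateExports missed and which of those
// still resolve to the same offset through findExportByName.
function compareWithNm(nmMap, exportedNames, resolveOffset) {
  const missing = [];
  const stillResolvable = [];
  for (const [name, off] of Object.entries(nmMap)) {
    if (exportedNames.has(name)) continue;
    missing.push(name);
    if (resolveOffset(name) === off) stillResolvable.push(name);
  }
  return { enumerated: exportedNames.size, missing, stillResolvable };
}

// Agent-side glue: call from a Frida script with the module name and the
// pasted `nm -D libil2cpp.so | grep il2cpp_` output.
function triage(moduleName, nmListing) {
  const mod = Process.getModuleByName(moduleName);
  const exported = new Set(mod.enumerateExports().map(e => e.name));
  const resolve = name => {
    const p = Module.findExportByName(moduleName, name);
    return p === null ? null : parseInt(p.sub(mod.base).toString(16), 16);
  };
  const nmMap = parseNmText(nmListing);
  const report = compareWithNm(nmMap, exported, resolve);
  report.symbolsEnumerated = mod.enumerateSymbols().length;
  // Even when enumeration is empty, base + nm offset still yields a usable
  // pointer, which is the workaround the report describes.
  report.pointers = Object.fromEntries(
    Object.entries(nmMap).map(([n, off]) => [n, mod.base.add(off).toString()]));
  return report;
}
```

Run `triage('libil2cpp.so', listing)` from the agent and compare `enumerated` and `symbolsEnumerated` across frida-server versions; a non-empty `stillResolvable` with `enumerated === 0` isolates the failure to enumeration rather than symbol resolution.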

oleavr commented 8 months ago

Thank you so much for reporting! :raised_hands: