search

kubo / plthook

Hook function calls by replacing PLT(Procedure Linkage Table) entries.
762 stars 156 forks source link

plthook_open error: dlopen error: library "data/user/0/com.kyhsgeekcode.disassembler/files/tmp.so" wasn't loaded and RTLD_NOLOAD prevented it #9

Closed yhs0602 closed 4 years ago

yhs0602 commented 5 years ago

I really thank you for this library! However,

I got this error using this code:

                plthook_t *plthook;
        unsigned int pos = 0; /* This must be initialized with zero. */
        const char *name;
        void **addr;
        if (plthook_open(&plthook, filename) != 0)
        {
            __android_log_print(ANDROID_LOG_ERROR, "Disassembler","plthook_open error: %s\n", plthook_error());
            return NULL;
        }

So I tried modifying to 

static int plthook_open_shared_library(plthook_t **plthook_out, const char *filename)
{
    void *hndl = dlopen(filename, RTLD_LAZY /*| RTLD_NOLOAD*/);
    struct link_map *lmap = NULL;

    if (hndl == NULL) {
        set_errmsg("dlopen error: %s", dlerror());
        return PLTHOOK_FILE_NOT_FOUND;
    }

Then I get this error:

12-25 19:36:12.580 E/linker (954): library "/storage/emulated/0/adaTest/libhello-jni.so" ("/storage/emulated/0/adaTest/libhello-jni.so") needed or dlopened by "/data/app/com.kyhsgeekcode.disassembler-2/lib/arm/libhello-jni.so" is not accessible for the namespace: [name="classloader-namespace", ld_library_paths="", default_library_paths="/data/app/com.kyhsgeekcode.disassembler-2/lib/arm:/data/app/com.kyhsgeekcode.disassembler-2/base.apk!/lib/armeabi-v7a", permitted_paths="/data:/mnt/expand:/data/data/com.kyhsgeekcode.disassembler"] 12-25 19:36:12.580 E/Disassembler(954): plthook_open error: dlopen error: dlopen failed: library "/storage/emulated/0/adaTest/libhello-jni.so" needed or dlopened by "/data/app/com.kyhsgeekcode.disassembler-2/lib/arm/libhello-jni.so" is not accessible for the namespace "classloader-namespace"

Do you know how to use it well on android?

yhs0602 commented 5 years ago

When I copy the .so file to internal storage(/data/data/com.kyhsgeekcode.disassembler/files/tmp.so) I get this error with the above (modified)code. 12-25 19:38:56.450 E/Disassembler(954): plthook_open error: create_link_map_fname error

kubo commented 5 years ago

@KYHSGeekCode Sorry for my too late reply. I had not used plthook in android. Now I have learned how to run tests in android emulators and have some experience about Android NDK.

The RTLD_NOLOAD option is by design. Plthook changes PLT entries in the current process. The file to be hooked must be loaded.

If you need to hook function calls in a not-loaded library, use the latest code of plthook and pass the return value of dlopen() to plthook_open_by_handle(). The internal logic of plthook for macOS was changed by this commit.