Using LD_PRELOAD wrappers to identify problem use of shared library functions

William Cohen wcohen at redhat.com
Fri Mar 11 15:33:53 UTC 2011


On 03/11/2011 12:29 AM, John Reiser wrote:
> On 03/10/2011 08:25 AM, William Cohen wrote:
>> git repo at:
>>
>> http://fedorapeople.org/gitweb?p=wcohen/public_git/memstomp;a=summary
> 
> Actually: git clone git://fedorapeople.org/home/fedora/wcohen/public_git/memstomp
> 
> The implementation has some properties:
> 1.  Not async signal safe [malloc, fprintf], as noted previously by Daniel Berrange.
> 2.  Not thread safe: unguarded top-level static variables in backtrace-symbols.c.
> 3.  Essentially bundles a private copy of libbfd.

The backtrace code was copied from mutrace to get the memstomp proof-of-concept working. It would be preferable to not have static libbfd libraries. Improved backtrace code would address a number of the issues mentioned here (2, 3, and 6).

> 4.  Needs work for a process tree that uses a mixture of 32-bit and 64-bit programs.

In theory, if both the 32-bit and 64-bit versions of the shared libraries are installed in the usual directories, ldconfig has been run, and absolute paths are not used in LD_PRELOAD, then the loader should find the correct version of the library.

> 5.  Does not catch violations in compile-time inlined expansions.

Neither LD_PRELOAD nor patching glibc is going to catch the compile-time inlined expansions. The compiler is going to need to add some check code to catch the problems with the inlined expansions, or people are going to need to compile code with "-fno-builtin".

> 6.  SIGSEGVs for violations from just-in-time compiled code: uninit local
>     variables in backtrace_symbols() not set by calls to dl_iterate_phdr.
> 


-Will

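The kind of wrapper this thread is discussing, written as an added example for this page and not taken from the memstomp repository: it interposes memcpy() via LD_PRELOAD, flags calls whose source and destination ranges overlap, and keeps the report path async-signal-safe (point 1 above) by formatting by hand and using only write(2), with no malloc or stdio. Instead of looking up the real memcpy() with dlsym(RTLD_NEXT) it forwards to memmove(), which is correct for overlapping and non-overlapping ranges alike. The function names (memstomp_overlaps, memstomp_report, memstomp_format_report), the MEMSTOMP_INTERPOSE macro and the library name are this example's own; the interposed memcpy is compiled only with -DMEMSTOMP_INTERPOSE so the checking logic can also be built and exercised as an ordinary program.

```c
/* memstomp_example.c: LD_PRELOAD wrapper that flags memcpy() calls whose
 * source and destination ranges overlap (undefined behaviour; memmove()
 * is the correct call). Added example for this page, not memstomp's code.
 *
 * Build the interposer (the interposed memcpy is gated behind a macro):
 *   gcc -O2 -fno-builtin -fPIC -shared -DMEMSTOMP_INTERPOSE \
 *       -o libmemstomp_example.so memstomp_example.c
 * Run a target under it:
 *   LD_PRELOAD=./libmemstomp_example.so ./target
 */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

/* Count of overlapping copies seen so far (diagnostic only). */
static volatile unsigned long memstomp_violations;

/* Return 1 if [dst, dst+n) and [src, src+n) overlap, else 0. Adjacent
 * ranges (dst + n == src) do not overlap, and n == 0 never overlaps. */
int memstomp_overlaps(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    if (n == 0)
        return 0;
    return (d < s) ? (s - d < n) : (d - s < n);
}

/* Append s to buf at *pos, never exceeding cap. */
static void put_str(char *buf, size_t *pos, size_t cap, const char *s)
{
    while (*s != '\0' && *pos < cap)
        buf[(*pos)++] = *s++;
}

/* Append v in lowercase hex. Hand-rolled so the report path touches no
 * malloc, stdio or locale state and stays async-signal-safe. */
static void put_hex(char *buf, size_t *pos, size_t cap, uintptr_t v)
{
    static const char digits[] = "0123456789abcdef";
    char tmp[2 * sizeof v];
    size_t i = 0;
    do {
        tmp[i++] = digits[v & 0xf];
        v >>= 4;
    } while (v != 0);
    while (i > 0 && *pos < cap)
        buf[(*pos)++] = tmp[--i];
}

/* Build the one-line report into buf and return its length. */
size_t memstomp_format_report(char *buf, size_t cap,
                              const void *dst, const void *src, size_t n)
{
    size_t pos = 0;
    put_str(buf, &pos, cap, "memstomp: overlapping memcpy(dst=0x");
    put_hex(buf, &pos, cap, (uintptr_t)dst);
    put_str(buf, &pos, cap, ", src=0x");
    put_hex(buf, &pos, cap, (uintptr_t)src);
    put_str(buf, &pos, cap, ", n=0x");
    put_hex(buf, &pos, cap, (uintptr_t)n);
    put_str(buf, &pos, cap, ")\n");
    return pos;
}

/* Record a violation and write the report to stderr with write(2) only.
 * Returns the number of bytes in the report. */
size_t memstomp_report(const void *dst, const void *src, size_t n)
{
    char buf[128];
    size_t len = memstomp_format_report(buf, sizeof buf, dst, src, n);
    ssize_t rc = write(STDERR_FILENO, buf, len);
    (void)rc;                 /* a failed write must not abort the target */
    memstomp_violations++;
    return len;
}

unsigned long memstomp_violation_count(void) { return memstomp_violations; }

#ifdef MEMSTOMP_INTERPOSE
/* The interposed symbol. Forwarding to memmove() gives the caller the
 * result it almost certainly wanted and avoids dlsym(RTLD_NEXT) entirely.
 * Calls the compiler expanded inline at build time never reach this
 * function (point 5 in the thread); build the target with -fno-builtin
 * to route them through the PLT. */
void *memcpy(void *dst, const void *src, size_t n)
{
    if (memstomp_overlaps(dst, src, n))
        memstomp_report(dst, src, n);
    return memmove(dst, src, n);
}
#endif
```

For a process tree that mixes 32-bit and 64-bit programs (point 4), build one shared object per ABI, install each into the matching standard library directory, run ldconfig, and give LD_PRELOAD the bare file name rather than a path, so each process picks up the copy of its own ELF class as the reply above describes. Overlapping memcpy() calls that gcc expands inline (constant, small sizes are the usual case) never reach any interposer, so a target under investigation should be built with -fno-builtin, as noted for point 5.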
