mirekfranc/disassembly.txt

## disassembly.txt
# protected -O3
0000000000000710 <bar>:
 710:   48 8d 3d 0e 00 00 00    lea    0xe(%rip),%rdi        # 725 <_fini+0x9>
 717:   e9 b4 fe ff ff          jmpq   5d0 <puts@plt>

# default -O3
0000000000000730 <bar>:
 730:   e9 cb fe ff ff          jmpq   600 <foo@plt>
 735:   0f 1f 00                nopl   (%rax)

## output.txt
# Let's say I comment the last line a we keep liba.so around...

$ bash protected.sh
original
overriden
$ objdump -R liba.so | grep JUMP_SLOT
00000000002009c8 R_X86_64_JUMP_SLOT  puts
00000000002009d0 R_X86_64_JUMP_SLOT  __gmon_start__
00000000002009d8 R_X86_64_JUMP_SLOT  __cxa_finalize
$ bash protected.sh GOPLT
overriden
overriden
$ objdump -R liba.so | grep JUMP_SLOT
00000000002009f8 R_X86_64_JUMP_SLOT  puts
0000000000200a00 R_X86_64_JUMP_SLOT  __gmon_start__
0000000000200a08 R_X86_64_JUMP_SLOT  foo
0000000000200a10 R_X86_64_JUMP_SLOT  __cxa_finalize

## protected.sh
#/bin/bash

# with GOPLT argument one can override calls to a function from within the same library

cat > a.h <<EOF
#ifndef A_H__
#define A_H__

extern void foo (void);
extern void bar (void);

#endif
EOF

cat > a.c <<EOF
#include <stdio.h>
#include "a.h"

#ifdef GOPLT
#define VISIBLE
#else
#define VISIBLE __attribute__ ((visibility ("protected")))
#endif

void VISIBLE foo (void)
{
        puts ("original");
}

void bar (void)
{
        foo ();
}
EOF

cat > b.c <<EOF
#include <stdio.h>

void foo (void)
{
        puts ("overriden");
}
EOF

cat > main.c <<EOF
#include "a.h"

int main (void)
{
        bar ();
        foo ();

        return 0;
}
EOF

gcc -D${1:-NOTHING} -O0 -shared -fPIC -Wl,-soname,liba.so a.c -o liba.so
gcc -O0 -shared -fPIC -Wl,-soname,libb.so b.c -o libb.so
gcc -O0 main.c -o main -I. -L. -la
LD_PRELOAD=libb.so LD_LIBRARY_PATH=. ./main

rm -rf liba.so libb.so main a.c b.c main.c a.h
	# protected -O3
	0000000000000710 <bar>:
	710: 48 8d 3d 0e 00 00 00 lea 0xe(%rip),%rdi # 725 <_fini+0x9>
	717: e9 b4 fe ff ff jmpq 5d0 <puts@plt>

	# default -O3
	0000000000000730 <bar>:
	730: e9 cb fe ff ff jmpq 600 <foo@plt>
	735: 0f 1f 00 nopl (%rax)
	# Let's say I comment the last line a we keep liba.so around...

	$ bash protected.sh
	original
	overriden
	$ objdump -R liba.so \| grep JUMP_SLOT
	00000000002009c8 R_X86_64_JUMP_SLOT puts
	00000000002009d0 R_X86_64_JUMP_SLOT __gmon_start__
	00000000002009d8 R_X86_64_JUMP_SLOT __cxa_finalize
	$ bash protected.sh GOPLT
	overriden
	overriden
	$ objdump -R liba.so \| grep JUMP_SLOT
	00000000002009f8 R_X86_64_JUMP_SLOT puts
	0000000000200a00 R_X86_64_JUMP_SLOT __gmon_start__
	0000000000200a08 R_X86_64_JUMP_SLOT foo
	0000000000200a10 R_X86_64_JUMP_SLOT __cxa_finalize
	#/bin/bash

	# with GOPLT argument one can override calls to a function from within the same library

	cat > a.h <<EOF
	#ifndef A_H__
	#define A_H__

	extern void foo (void);
	extern void bar (void);

	#endif
	EOF

	cat > a.c <<EOF
	#include <stdio.h>
	#include "a.h"

	#ifdef GOPLT
	#define VISIBLE
	#else
	#define VISIBLE __attribute__ ((visibility ("protected")))
	#endif

	void VISIBLE foo (void)
	{
	puts ("original");
	}

	void bar (void)
	{
	foo ();
	}
	EOF

	cat > b.c <<EOF
	#include <stdio.h>

	void foo (void)
	{
	puts ("overriden");
	}
	EOF

	cat > main.c <<EOF
	#include "a.h"

	int main (void)
	{
	bar ();
	foo ();

	return 0;
	}
	EOF

	gcc -D${1:-NOTHING} -O0 -shared -fPIC -Wl,-soname,liba.so a.c -o liba.so
	gcc -O0 -shared -fPIC -Wl,-soname,libb.so b.c -o libb.so
	gcc -O0 main.c -o main -I. -L. -la
	LD_PRELOAD=libb.so LD_LIBRARY_PATH=. ./main

	rm -rf liba.so libb.so main a.c b.c main.c a.h