From mmap(2):

MAP_PRIVATE
                  Create a private copy-on-write mapping.  Stores to the region do not
                  affect the original file.  It is unspecified whether changes made to the file
                  after the mmap() call are visible in the mapped region.

So the explanation is simple: if somebody changes the file on disk you
will see the changes, but if you modify it in memory it will not be
changed... it is done in this way to allow auto-modifiable code

Greetings,
ge


sKUrZ0 wrote:
> It seems that the libs are automatically mapped as private, so now I
> don't know the reason of this alteration :/
>
> open("/usr/lib/libm.so", O_RDONLY)      = 3
> read(3, "[EMAIL PROTECTED]"..., 512) = 512
> brk(0)                                  = 0x804a000
> brk(0x806b000)                          = 0x806b000
> fstat64(3, {st_mode=S_IFREG|0644, st_size=145232, ...}) = 0
> mmap2(NULL, 147584, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7df3000
> mmap2(0xb7e16000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22) = 0xb7e16000
>
>
> 2008/5/21 pancake <[EMAIL PROTECTED]>:
>   
>> Do you know how to private map libs with dlopen?
>>
>> On Wed, 2008-05-21 at 15:17 +0000, sKUrZ0 wrote:
>>     
>>> you can avoid this problem by creating new files instead of
>>> rewriting the same file (so new dlopen calls will open the correct
>>> library).
>>> BTW I think that libraries could also be mapped as private instead of
>>> shared, so changes on the .so will not affect the running program with
>>> the loaded library.
>>>
>>> 2008/5/21 pancake <[EMAIL PROTECTED]>:
>>>       
>>>> On Wed, 2008-05-21 at 12:38 +0200, sha0 sha0 wrote:
>>>>         
>>>>> Hi,
>>>>>
>>>>> If radare is being used and you then apply changes with "make install",
>>>>> when radare tries to do a debug_close() a segfault will appear.
>>>>>
>>>>>           
>>>> That's not a bug, that's normal. This happens with all dynamic libraries,
>>>> they are mapped in memory, so any disk change will alter all the running
>>>> processes with dlopened files.
>>>>
>>>> I don't know if it's exploitable, but it is cool :)
>>>>
>>>> I found this 'feature' a few days ago while working with gstreamer pipelines
>>>> and reinstalling plugins on top of one of the running ones. Producing
>>>> random segmentation faults and exceptions. (maybe putting a
>>>> fullbreakpointed library will make the process trap) :)
>>>>
>>>> Did you ever play with this? Looks interesting .. dynamic library code
>>>> injection in runtime. ;)
>>>>
>>>>         
>>>>> The cause is this Makefile's line:
>>>>>
>>>>> -cp -rf src/plug/hack/*.${SHARED_EXT} ${LIBDIR}/radare
>>>>>           
>>>> I have changed the ABI, so you need to make clean before.
>>>>
>>>> --pancake
>>>> _______________________________________________
>>>> radare mailing list
>>>> [email protected]
>>>> http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org

_______________________________________________
radare mailing list
[email protected]
http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
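
The behaviour discussed in this thread, as an added example that is not part of the original messages: a read-only MAP_PRIVATE mapping (the way the strace output shows the library text being mapped) is compared after an in-place rewrite of the file and after a write-new-file-then-rename() update. It assumes Linux, where an unmodified private page still reflects the file's contents; the path /tmp/mapdemo.bin and the function names are made up for the demo.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
#define LEN 4096

/* Create or truncate `path` and fill it with LEN bytes of `c`, like cp does. */
static int fill(const char *path, char c) {
    char buf[LEN];
    memset(buf, c, LEN);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0) return -1;
    ssize_t n = write(fd, buf, LEN);
    close(fd);
    return n == LEN ? 0 : -1;
}

/* Map a file of 'A's read-only with MAP_PRIVATE (as the loader maps library
 * text), update the file, and return the first byte the mapping shows after.
 * in_place != 0: rewrite the same inode. Otherwise: new file + rename(). */
int first_byte_after_update(const char *path, int in_place) {
    char tmp[512];
    int rc = -1, result = -1;
    if (fill(path, 'A') != 0) return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    volatile char *map = mmap(NULL, LEN, PROT_READ, MAP_PRIVATE, fd, 0);
    close(fd);                              /* the mapping outlives the fd */
    if (map == MAP_FAILED) return -1;
    if (map[0] == 'A') {                    /* page is faulted in before the update */
        if (in_place) {
            rc = fill(path, 'B');           /* same inode: mapping follows the file */
        } else {
            snprintf(tmp, sizeof tmp, "%s.new", path);
            rc = fill(tmp, 'B') == 0 ? rename(tmp, path) : -1; /* new inode */
        }
        if (rc == 0) result = map[0];
    }
    munmap((void *)map, LEN);
    unlink(path);
    return result;
}

int main(void) {
    printf("in place: %c\n", first_byte_after_update("/tmp/mapdemo.bin", 1));
    printf("rename:   %c\n", first_byte_after_update("/tmp/mapdemo.bin", 0));
    return 0;
}
```

After the in-place rewrite the mapping shows the new bytes; after the rename it still shows the old ones, because the mapping keeps referring to the old inode. This is why installing a library by writing a new file and renaming it over the old name leaves already-running processes unaffected.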
