Problem replacing Linux system calls with LD_PRELOAD

Time: 2022-09-06 21:28:44

I am trying to write a program that allows a binary to be run, substituting a certain file when requested with another. It is a library with simple replacements for the system call functions, that is used with LD_PRELOAD. The problem is that it catches opens for reading (the substitute file is read instead), but writes always go back to the actual, specified file. Are there any other "open" system calls I should know about?

4 solutions

#1


Never mind -- stupid mistake.

Wasn't checking both absolute and relative paths...

#2


I am not sure what the cause of your problem is, but using strace on your program might give some insight. It should be part of any sane Linux distribution.

#3


If it's open for writing, it's most likely going through the creat function (I'm guessing fopen would be redirecting you there). Check your fcntl.h for a complete list.

#4


"substituting a certain file when requested with another"

Sounds like you check only for the input file (do you check by filename?). You need to check and substitute the output file, too.

If your output goes to one of the standard outputs, then you need to close and reopen them (with your output substitute) before you fork into the executable.

To find all system calls that your executable makes you can use strace.
To find all library calls that your executable makes you can use ltrace.
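
The path check behind answer #1 and the creat() path from answer #3, as an added example that is not code from this thread: requested and target paths are both canonicalized before comparison, so relative, absolute and not-yet-created spellings of the same file all match. The names canon and redirect and the environment variables SHIM_TARGET and SHIM_SUBSTITUTE are hypothetical, and forwarding through a raw openat syscall instead of dlsym(RTLD_NEXT, ...) is a choice made here.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Build: cc -shared -fPIC shim.c -o shim.so ; run: LD_PRELOAD=./shim.so prog
 * SHIM_TARGET and SHIM_SUBSTITUTE are hypothetical variable names. */

/* Canonicalize path into out[PATH_MAX]. A file that does not exist yet (the
 * usual case when opening for writing) makes realpath() fail, so resolve its
 * directory instead and append the file name. Returns 0 on success. */
int canon(const char *path, char *out)
{
    char d[PATH_MAX], b[PATH_MAX], dir[PATH_MAX];
    if (realpath(path, out)) return 0;
    if (strlen(path) >= PATH_MAX) return -1;
    strcpy(d, path);
    strcpy(b, path);
    if (!realpath(dirname(d), dir)) return -1;
    int n = snprintf(out, PATH_MAX, "%s/%s",
                     strcmp(dir, "/") ? dir : "", basename(b));
    return (n > 0 && n < PATH_MAX) ? 0 : -1;
}

/* Return subst when path and target name the same file, else path itself. */
const char *redirect(const char *path, const char *target, const char *subst)
{
    char a[PATH_MAX], b[PATH_MAX];
    if (!path || !target || !subst) return path;
    if (canon(path, a) != 0 || canon(target, b) != 0) return path;
    return strcmp(a, b) == 0 ? subst : path;
}

/* Interposed creat(). open, open64, openat and fopen need the same call to
 * redirect(). The raw openat syscall forwards without re-entering the shim. */
int creat(const char *path, mode_t mode)
{
    const char *p = redirect(path, getenv("SHIM_TARGET"),
                             getenv("SHIM_SUBSTITUTE"));
    return (int)syscall(SYS_openat, AT_FDCWD, p,
                        O_CREAT | O_WRONLY | O_TRUNC, mode);
}
```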
