inject-hook-cflumen icon indicating copy to clipboard operation
inject-hook-cflumen copied to clipboard
verified publisher icon Chainfire

Hooks injected into ODEX-ed processes are never called on 9.0/Pie

Open Chainfire opened this issue 7 years ago • 5 comments

As the title states, when injected into an ODEX-ed process on Android 9.0/Pie, the hooks are sometimes installed but never called.

Sometimes works on release APK's, but doesn't work on for example system_server.

Chainfire avatar Dec 14 '18 08:12 Chainfire

Partially resolved by 377b0ee6aaa37b653b4d6449f26f25fbe552ad5e , by finding and replacing the function pointers in library's r/o and r/w sections as well.

There are still some test cases (not in code in this repo) where it doesn't work but should, possibly due to the ART framework copying the function pointers somewhere for calls made from (AOT-compiled) Java code. Not sure.

Chainfire avatar Dec 19 '18 23:12 Chainfire

To add, this could be due to linker namespaces as well, the linker separating the symbol tables (or something along those lines) so resolving is off.

Chainfire avatar May 12 '19 00:05 Chainfire

Like

thuykieu99 avatar Jan 17 '20 04:01 thuykieu99

#1

thuykieu99 avatar Jan 17 '20 05:01 thuykieu99