fishhook with dyld 3.0

Open LeoNatan opened this issue 8 years ago • 9 comments

https://developer.apple.com/videos/play/wwdc2017/413/

Apple is revamping its dynamic linker. One of the major changes is that they will be doing full symbol resolution at launch time, rather than using the on demand resolution using trampolines. Is this a risk for fishhook’s operation?

Right now, the new dynamic linker is not enabled for user applications. This is expected to happen sometime soon.

LeoNatan avatar Jun 25 '17 17:06 LeoNatan

Is this a risk for fishhook’s operation?

Maybe. I had heard that some APIs, like dlopen, would cause apps to use the old dyld behavior. If that's the case then it will still be possible to use fishhook if needed. If Apple one day forces apps to use dyld 3, then yes fishhook will no longer be applicable.

kastiglione avatar Jun 27 '17 01:06 kastiglione

Dylibs loaded by dlopen are handled the old way, but then rebinding will only work for those dylibs.

I think there is a linker flag to achieve this if an app's functionality is broken. Just wanted to make sure I understood correctly the implications. Let’s keep this issue open for now, as it will be interesting to see how things go. I am familiar with projects that inject code by inserting LC_LOAD_DYLIB commands statically, and then on launch use fishhook to rebind symbols. As I understand it, such a project would fail to rebind if the binary was not linked with that flag (so they might have to modify more portions of the binary in addition to inserting LC_LOAD_DYLIB commands).

LeoNatan avatar Jun 27 '17 08:06 LeoNatan

https://mobile.twitter.com/lgerbarg/status/882055176298704896

According to this third party apps have another year before being able to use dyld3.

kastiglione avatar Jul 05 '17 15:07 kastiglione

Any news on this now that iOS 11 is released? On Twitter people reported it was used in e.g. Safari already.

dzan avatar Oct 13 '17 07:10 dzan

I'm having trouble getting fishhook to work on iOS 11.1 on a project where it previously worked, so perhaps they enabled dyld 3.0 in 11.1?

mmmulani avatar Dec 01 '17 21:12 mmmulani

perhaps they enabled dyld 3.0 in 11.1

if you find out anything, please follow up

kastiglione avatar Dec 06 '17 21:12 kastiglione

I don’t believe this to be the case. We’re using fishhook with Xcode 9.2 projects on iOS 11.2 and have observed no issues (other than already-known ones).

LeoNatan avatar Dec 06 '17 22:12 LeoNatan

Dyld3 source is available here: https://opensource.apple.com/tarballs/dyld/dyld-519.2.1.tar.gz

I haven't had the time yet to look into it but maybe someone else has? Please let us know what you find and if the fishhook approach is still valid.

dzan avatar Jan 19 '18 10:01 dzan

As far as I can tell this shouldn't be an issue unless some of the APIs are deprecated.

fishhook still works even if you call it after the symbol you are rebinding has been bound. (e.g. sin(); rebind_symbol({ "sin", my_sin, orig_sin }); sin();) Watching that video, it seems like the only thing changing is that the loader will be loading a cached version of the image with the symbols already resolved. Am I missing some aspect?

lanza avatar Jan 22 '18 04:01 lanza
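The point lanza makes above (a rebind still takes effect after the symbol is already bound, which is exactly the state dyld3's launch-time resolution leaves behind) comes down to fishhook overwriting a pointer slot rather than hooking the resolution path. The following is an added, self-contained simulation of that mechanism, not fishhook's own code: a constructed `imports` table stands in for the Mach-O symbol pointer section, `rebind_symbols_sim` mirrors the shape of fishhook's `struct rebinding`, and `strlen`/`my_strlen` are assumed stand-ins for the thread's `sin`/`my_sin`.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a Mach-O symbol pointer section
 * (__la_symbol_ptr / __nl_symbol_ptr): one slot per import holding
 * whatever address the loader has written there. */
struct symbol_slot { const char *name; void *target; };

/* Same shape as fishhook's struct rebinding. */
struct rebinding {
    const char *name;
    void *replacement;
    void **replaced;   /* receives the pointer the slot held before */
};

/* Constructed import table, deliberately pre-bound to the real libc
 * address: the state dyld3 leaves after launch-time resolution. */
static struct symbol_slot imports[] = { { "strlen", (void *)strlen } };

/* Overwrite matching slots by name, handing back the old pointer.
 * Bound or not, a slot is just a pointer, so a late rebind still lands. */
static int rebind_symbols_sim(const struct rebinding *rebindings, size_t n) {
    int patched = 0;
    for (size_t i = 0; i < sizeof imports / sizeof imports[0]; i++)
        for (size_t j = 0; j < n; j++)
            if (strcmp(imports[i].name, rebindings[j].name) == 0) {
                if (rebindings[j].replaced)
                    *rebindings[j].replaced = imports[i].target;
                imports[i].target = rebindings[j].replacement;
                patched++;
            }
    return patched;
}

/* Indirect call through the slot, as a stub does once it is resolved. */
static size_t strlen_via_slot(const char *s) {
    return ((size_t (*)(const char *))imports[0].target)(s);
}

static size_t (*orig_strlen)(const char *);
static size_t my_strlen(const char *s) { (void)s; return 42; }  /* hook */

/* 1 when the already-bound slot gets rebound and the original stays
 * reachable through orig_strlen (lanza's sin()/rebind/sin() sequence). */
static int rebind_after_bind_works(void) {
    size_t before = strlen_via_slot("abc");                    /* 3 */
    struct rebinding r = { "strlen", (void *)my_strlen, (void **)&orig_strlen };
    int patched = rebind_symbols_sim(&r, 1);
    return patched == 1 && before == 3 && strlen_via_slot("abc") == 42
        && orig_strlen("abc") == 3;
}
```

What the simulation does not cover is the real reason dyld3 matters for fishhook: whether the pointer section still exists in the same form and is writable once the loader works from a pre-resolved cache, which is what the thread is trying to find out.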