I need to allocate an exact set of shared library dependencies of a binary program. I'm working on Linux and the project is written in C++. Thus, I need a recursive ldd-like functionality in C++. How can I do it?

mirage
  • Erm... if you have to be specific about the libraries, why not use a static build? Hard-coding dynamic dependencies is bound to become a royal pain when (not if) the day comes where you fail to keep up with the changes in third-party libraries... – DevSolar Jun 22 '12 at 09:13
  • [Recursive-ldd](http://sourceforge.net/projects/recursive-ldd/) does it in Perl... – DevSolar Jun 22 '12 at 09:15
  • Well... I'm not too sure what to do, so I'll be more specific: I have a program with two processes: a main process and a child process, which is called by the main and run in a chroot. To be able to run this child process in the chroot, its dependencies should be placed in the chroot environment. But recursively binding /lib, /lib64, /usr/lib, etc. is an undesired solution. This is why I would like to determine the libraries in the main process and copy them to the appropriate place before the chrooted child process is called. – mirage Jun 22 '12 at 09:23
  • Yeah, I've already found this Perl script. I need a similar solution in C++. – mirage Jun 22 '12 at 09:24
  • I vaguely recall that `ltrace` might be a suitable tool here, but I don't currently have access to a machine with it installed to check. There are various commercial tools that will help, but they're a bit expensive. You could consider using LD_PRELOAD and writing your own minimal system call tracing tool if you felt especially keen. – Rook Jun 22 '12 at 09:36
  • I've found that this command prints the same output as `ldd`: `LD_TRACE_LOADED_OBJECTS=1 name_of_executable`. But I'm not sure whether I can use it from C++. – mirage Jun 22 '12 at 09:40
  • You can write a .SO file which you pass to the LD_PRELOAD system. I know you can write that in C++, because I've worked on some software that does exactly that. – Rook Jun 22 '12 at 09:53

2 Answers

To quote Han Solo, "I got a bad feeling about this". Setting up a chroot for a child process from within a C++ program sounds like some architectural misconception / screwup further up the line. Sorry, no ready-made C++ solution that springs to mind. You could, of course, run ltrace / strace / recursive-ldd and parse their output...

...but generally speaking, the idea is to set up the chroot environment statically (i.e. before any processes are started), not dynamically. With a dynamic approach, an attacker could fool the main process into believing it should give the child process things it shouldn't have in the chroot. That defeats the whole purpose.

Tools for statically setting up chroot environments for a given executable are plenty, tools for doing so dynamically I couldn't find any. This is a hint in itself.

DevSolar

In the meantime I've found the following: "linux/gcc: ldd functionality from inside a C/C++ program", where the accepted answer suggests using:

```c
setenv("LD_TRACE_LOADED_OBJECTS", "1", 1);   /* <stdlib.h> */
FILE *ldd = popen("/lib/libz.so", "r");      /* <stdio.h>; popen() requires a mode argument */
```

I tried it out and it worked both from bash and from C++ (of course, in this case I think of an equivalent version). However, if I ran either version for a SUID binary (which is what I actually have), then I got exit code 5 (I guess permission problems).

Then I traced what ldd exactly does, and the following seems fine (at least on the command line):

```
LD_TRACE_LOADED_OBJECTS=1 /lib64/ld-linux-x86-64.so.2 binary_name
```

The (dummy) question is: what is the equivalent implementation of this in C++?

mirage
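
An added example (not code from either answer or from the linked post) of one way to issue the loader invocation quoted above from C++ without going through a shell: the child process gets a clean environment holding only `LD_TRACE_LOADED_OBJECTS=1`, the loader's output is parsed into paths, and a path is accepted for copying into the chroot only if it lies under a fixed allowlist. The function names `trace_deps`, `parse_trace` and `in_trusted_dir` and the allowlisted directories are assumptions.

```cpp
#include <sstream>
#include <string>
#include <vector>
#include <sys/wait.h>
#include <unistd.h>

// Runs LD_TRACE_LOADED_OBJECTS=1 <loader> <binary>: with that variable set the
// loader prints the objects it resolved and exits without starting the program.
std::string trace_deps(const char* loader, const char* binary) {
    int fd[2];
    if (pipe(fd) != 0) return "";
    pid_t pid = fork();
    if (pid == 0) {                      // child: stdout -> pipe, then exec the loader
        dup2(fd[1], STDOUT_FILENO);
        close(fd[0]); close(fd[1]);
        char var[] = "LD_TRACE_LOADED_OBJECTS=1";
        char* envp[] = {var, nullptr};   // clean environment: no inherited LD_* variables
        char* args[] = {const_cast<char*>(loader), const_cast<char*>(binary), nullptr};
        execve(loader, args, envp);
        _exit(127);                      // exec failed
    }
    close(fd[1]);                        // also reached when fork() failed (pid < 0)
    std::string out;
    char buf[4096];
    for (ssize_t n; (n = read(fd[0], buf, sizeof buf)) > 0;) out.append(buf, n);
    close(fd[0]);
    int status = 0;
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return "";
    return WIFEXITED(status) && WEXITSTATUS(status) == 0 ? out : "";
}

// Extracts absolute paths from "name => /path (0x...)" and "/path (0x...)" lines; vdso and "not found" are skipped.
std::vector<std::string> parse_trace(const std::string& out) {
    std::vector<std::string> paths;
    std::istringstream in(out);
    for (std::string line; std::getline(in, line);) {
        size_t arrow = line.find("=> ");
        size_t start = arrow == std::string::npos ? line.find_first_not_of(" \t") : arrow + 3;
        if (start == std::string::npos || line[start] != '/') continue;
        paths.push_back(line.substr(start, line.find(" (", start) - start));  // npos: rest of line
    }
    return paths;
}

bool in_trusted_dir(const std::string& p) {  // lexical allowlist (assumed dirs); resolve symlinks before copying
    if (p.find("/../") != std::string::npos) return false;
    for (const char* d : {"/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/"})
        if (p.rfind(d, 0) == 0) return true;
    return false;
}
```

The loader's output already covers transitive dependencies, so no recursion is needed; call it as `parse_trace(trace_deps("/lib64/ld-linux-x86-64.so.2", binary_path))` and copy only the entries for which `in_trusted_dir` returns true.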