
I wanted to write a tool that mimics dlopen functionality by allocating an executable area using mmap to store my dynamic library's executable code.

Then it has to locate symbol addresses by looking them up in the symbol table. It seems to be working just fine, as I only have to find the API symbol addresses (start address of the allocated library + offset of the symbol inside that library). The indirect calls to other functions within the library are correct since the call opcode uses a relative address.

However, some special symbols are defined under the section __la_symbol_ptr in the __DATA segment, which has both read and write permissions. It looks like dlopen should place the implementation at runtime (see the empty stub below, taken from the Hopper reverser tool).

I'd like to know what the motivation is to load this symbol at runtime, where the linker takes the implementation from, and who's in charge of placing the implementation: dlopen or dyld (code inside my executable)?

    ; Section __la_symbol_ptr
    ; Range: [0x1010; 0x1018[ (8 bytes)
    ; File offset : [4112; 4120[ (8 bytes)
    ; Flags: 0x7
    ;   S_LAZY_SYMBOL_POINTERS

                 _printf_ptr:
    0000000000001010         dq         _printf                                     ; DATA XREF=imp___stubs__printf
    0000000000001018         db  0x00 ; '.'
    0000000000001019         db  0x00 ; '.'
    000000000000101a         db  0x00 ; '.'
    000000000000101b         db  0x00 ; '.'
    000000000000101c         db  0x00 ; '.'
    000000000000101d         db  0x00 ; '.'
    000000000000101e         db  0x00 ; '.'
    000000000000101f         db  0x00 ; '.'
    0000000000001020         db  0x00 ; '.'
    ...
Zohar81

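The mechanism behind an S_LAZY_SYMBOL_POINTERS section, shown as an added simulation in plain C (this is not the poster's code and does not parse a real Mach-O; the library, its export names `_lib_add`/`_lib_mul` and the slot layout are constructed for the example). In a real image the static linker does not fill a __la_symbol_ptr slot with the target; it fills it with the address of that slot's entry in __stub_helper. The `__stubs` entry that your code calls is just an indirect jmp through the slot, so the first call lands in the stub helper, which passes the slot's index to dyld_stub_binder. dyld then uses the indirect symbol table (LC_DYSYMTAB, indexed from the section's reserved1 field) to find which symbol the slot wants, looks it up in the exports of the loaded images, writes the resolved address into the slot (which is why the section must be writable) and jumps to the target. Every later call through the same stub goes straight to the target without dyld. Binding is dyld's job, not the library's: a dlopen replacement that mmaps an image itself has to perform this patch for each lazy slot, either on first call as below or eagerly at load time.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef int (*binop_t)(int, int);

/* Constructed stand-ins for functions exported by the "loaded" library. */
static int lib_add(int a, int b) { return a + b; }
static int lib_mul(int a, int b) { return a * b; }

/* Constructed stand-in for the export table dyld would build from the
 * image's symbol table (nlist entries plus string table). */
struct export_entry { const char *name; binop_t addr; };
static const struct export_entry exports[] = {
    { "_lib_add", lib_add },
    { "_lib_mul", lib_mul },
};

/* Stand-in for the indirect symbol table: slot i of __la_symbol_ptr wants
 * the symbol named indirect_syms[i]. (The real table holds symbol-table
 * indices and is reached through the section's reserved1 field.) */
enum { SLOT_ADD = 0, SLOT_MUL = 1, NSLOTS = 2 };
static const char *indirect_syms[NSLOTS] = { "_lib_add", "_lib_mul" };

static int stub_helper_add(int a, int b);
static int stub_helper_mul(int a, int b);

/* Simulated __la_symbol_ptr. As on disk, each slot starts out pointing at
 * its own __stub_helper entry rather than at the real target, so the slot
 * has to live in writable memory for the binder to patch it later. */
static binop_t la_symbol_ptr[NSLOTS] = { stub_helper_add, stub_helper_mul };

static int bind_count;  /* how many times the binder actually ran */

/* Simulated dyld_stub_binder: resolve the symbol the slot asks for, write the
 * real address into the slot, and return the target so the first call can
 * still complete. Returns NULL when the symbol is not exported anywhere. */
static binop_t lazy_bind(int slot) {
    const char *want = indirect_syms[slot];
    for (size_t i = 0; i < sizeof exports / sizeof exports[0]; i++) {
        if (strcmp(exports[i].name, want) == 0) {
            la_symbol_ptr[slot] = exports[i].addr;  /* the patch dyld performs */
            bind_count++;
            return exports[i].addr;
        }
    }
    return NULL;
}

/* dyld treats an unresolvable lazy symbol as fatal; so does the simulation. */
static binop_t bind_or_die(int slot) {
    binop_t target = lazy_bind(slot);
    if (target == NULL) {
        fprintf(stderr, "lazy symbol not found: %s\n", indirect_syms[slot]);
        abort();
    }
    return target;
}

/* Per-slot __stub_helper entries: each knows its own slot index (the real
 * code pushes the index and jumps to dyld_stub_binder), binds the slot, then
 * forwards the original arguments to the freshly resolved target. */
static int stub_helper_add(int a, int b) { return bind_or_die(SLOT_ADD)(a, b); }
static int stub_helper_mul(int a, int b) { return bind_or_die(SLOT_MUL)(a, b); }

/* The __stubs entry the caller's `call` targets: an indirect jump through
 * the slot, identical in shape before and after binding. */
static int call_import(int slot, int a, int b) {
    return la_symbol_ptr[slot](a, b);
}

/* 1 once the slot holds the real target, 0 while it still points at a stub. */
static int slot_is_bound(int slot) {
    return la_symbol_ptr[slot] != stub_helper_add &&
           la_symbol_ptr[slot] != stub_helper_mul;
}

static int binds_so_far(void) { return bind_count; }

int main(void) {
    int r;
    printf("add slot bound before first use: %d\n", slot_is_bound(SLOT_ADD));
    r = call_import(SLOT_ADD, 2, 3);
    printf("2 + 3 = %d, binder ran %d time(s)\n", r, binds_so_far());
    r = call_import(SLOT_ADD, 4, 5);
    printf("4 + 5 = %d, binder ran %d time(s) (slot already patched)\n", r, binds_so_far());
    printf("add slot bound after use: %d\n", slot_is_bound(SLOT_ADD));
    r = call_import(SLOT_MUL, 6, 7);
    printf("6 * 7 = %d, binder ran %d time(s)\n", r, binds_so_far());
    return 0;
}
```

The slot contents are what make the scheme lazy: nothing is looked up until a stub is first executed, which is the motivation for the extra indirection (unused imports are never resolved, and startup does no work for them). A loader that copies the image into its own mmap region has to reproduce the binder's write into every slot it reaches, or pre-fill all slots before handing control to the library.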