Skip to content

libc ¤

Modules:

  • dispatch
  • facade

    Implements the libc API.

  • glibc

    Perform queries specific to the GNU C Library.

  • musl

    Perform queries specific to the musl libc.

  • unknown

    Answers libc-specific questions in a non-commital way when

  • util

Classes:

Functions:

  • addr

    The start load address of the libc shared object file.

  • filepath

    The filepath of the libc shared object.

  • has_debug_info

    Do we have debugging information like structure types?

  • has_exported_symbols

    Do we have exported library symbols (e.g. fscanf, read, write)?

  • has_internal_symbols

    Do we have internal library symbols?

  • loader_addr

    The start load address of the ld shared object file.

  • loader_filepath

    The filepath of the ld shared object.

  • relocations_by_section_name

    Returns pwndbg.aglib.elf.relocations_by_section_name() for the libc shared object file.

  • section_address_by_name

    Get the start load address of the section section_name in the libc shared

  • section_by_name

    Returns pwndbg.aglib.elf.section_by_name() for the libc shared object file.

  • urls

    Get useful URLs regarding this libc implementation.

  • version

    Get the version of the libc implementation as a tuple.

  • which

__all__ module-attribute ¤

__all__ = [
    "LibcProvider",
    "LibcType",
    "LibcURLs",
    "which",
    "addr",
    "filepath",
    "has_debug_info",
    "has_exported_symbols",
    "has_internal_symbols",
    "loader_addr",
    "loader_filepath",
    "relocations_by_section_name",
    "section_address_by_name",
    "section_by_name",
    "urls",
    "version",
]

LibcProvider ¤

Bases: Protocol

Libc implementations must conform to this protocol in order to be properly used by the facade.

Methods:

  • type

    Which libc implementation is currently active?

  • version

    Get the version of the libc implementation as a tuple.

  • has_internal_symbols

    Do we have internal library symbols?

  • has_debug_info

    Do we have debugging information like structure types?

  • urls

    Get useful URLs regarding this libc implementation.

  • verify_libc_candidate

    Verify whether the mapping with the provided name is implementing

  • verify_ld_candidate

    Verify whether the mapping with the provided name is implementing

  • libc_same_as_ld

    Returns whether the libc and the ld are loaded as one object file for this libc

type ¤

type() -> LibcType

Which libc implementation is currently active?

version ¤

version(libc_filepath: str) -> tuple[int, ...]

Get the version of the libc implementation as a tuple.

If the implementation cannot recover the version, it returns (-1, -1).

has_internal_symbols ¤

has_internal_symbols(libc_filepath: str) -> bool

Do we have internal library symbols?

Symbols are global variables and functions.

If the library is dynamically linked, even if it is stripped it will retain its exported symbols (e.g. fscanf) because they are required for dynamic linking.

This funcions checks if the non-exported symbols (like __GI_exit, __run_exit_handlers, intitial) are also available. The check must not be based on a function, and must be based on a variable so as not to trip ourselves over MiniDebugInfo. (read: https://pwndbg.re/dev/contributing/libc-provider/#has_internal_symbols)

If we have debug info we should also have debug symbols.

has_debug_info ¤

has_debug_info() -> bool

Do we have debugging information like structure types?

urls ¤

urls(ver: tuple[int, ...] | None) -> LibcURLs

Get useful URLs regarding this libc implementation.

ver is the version tuple. If a libc implements the version() function it must assert ver is not None, otherwise it must assert ver is None.

verify_libc_candidate ¤

verify_libc_candidate(mapping_name: str) -> bool

Verify whether the mapping with the provided name is implementing this specific libc.

This must be accurate enough that no other libc implementation will provide a conflicting answer. Returning False means both "reject" and "i don't know".

A libc implementation must implement at least one of verify_libc_candidate and verify_ld_candidate. The other may simply return False.

verify_ld_candidate ¤

verify_ld_candidate(mapping_name: str) -> bool

Verify whether the mapping with the provided name is implementing this specific libc's loader.

This must be accurate enough that no other libc implementation will provide a conflicting answer. Returning False means both "reject" and "i don't know".

A libc implementation must implement at least one of verify_libc_candidate and verify_ld_candidate. The other may simply return False.

libc_same_as_ld ¤

libc_same_as_ld() -> bool

Returns whether the libc and the ld are loaded as one object file for this libc implementation.

If this returns True, verify_ld_candidate must directly call verify_libc_candidate.

LibcType ¤

Bases: Enum

Attributes:

GLIBC class-attribute instance-attribute ¤

GLIBC = 'glibc'

MUSL class-attribute instance-attribute ¤

MUSL = 'musl'

UNKNOWN class-attribute instance-attribute ¤

UNKNOWN = 'unknown'

LibcURLs dataclass ¤

LibcURLs(
    versioned_readable_source: str,
    versioned_compressed_source: str,
    homepage: str,
    git: str,
)

Attributes:

versioned_readable_source instance-attribute ¤

versioned_readable_source: str

versioned_compressed_source instance-attribute ¤

versioned_compressed_source: str

homepage instance-attribute ¤

homepage: str

git instance-attribute ¤

git: str

addr ¤

addr() -> int

The start load address of the libc shared object file.

If the program is statically linked this will return the address of the main objfile. May be the same as loader_addr() for some libc's.

filepath ¤

filepath() -> Path

The filepath of the libc shared object.

There may not be a backing file for this Path if we are remote debugging. If the program is statically linked this will return the path of the main objfile. This may have the same value as loader_filepath() for some libc's.

has_debug_info ¤

has_debug_info() -> bool

Do we have debugging information like structure types?

has_exported_symbols ¤

has_exported_symbols() -> bool

Do we have exported library symbols (e.g. fscanf, read, write)?

If the library is dynamically linked, they will always be there. If it is statically linked and stripped, they may be missing.

has_internal_symbols ¤

has_internal_symbols() -> bool

Do we have internal library symbols?

If the library is dynamically linked, even if it is stripped it will retain its exported symbols (e.g. fscanf) because they are required for dynamic linking.

This funcions checks if the non-exported symbols (like __GI_exit, __run_exit_handlers, intitial) are also available.

Symbols are global variables and functions. Internal symbols also come with debug info.

loader_addr ¤

loader_addr() -> int

The start load address of the ld shared object file.

If the program is statically linked this will return the address of the main objfile. May be the same as addr() for some libc's.

loader_filepath ¤

loader_filepath() -> Path

The filepath of the ld shared object.

There may not be a backing file for this Path if we are remote debugging. If the program is statically linked this will return the path of the main objfile. This may have the same value as filepath() for some libc's.

relocations_by_section_name ¤

relocations_by_section_name(section_name: str) -> tuple[Relocation, ...]

Returns pwndbg.aglib.elf.relocations_by_section_name() for the libc shared object file.

section_address_by_name ¤

section_address_by_name(section_name: str) -> int

Get the start load address of the section section_name in the libc shared object file.

section_by_name ¤

section_by_name(section_name: str) -> tuple[int, int, bytes] | None

Returns pwndbg.aglib.elf.section_by_name() for the libc shared object file.

urls ¤

urls() -> LibcURLs

Get useful URLs regarding this libc implementation.

version ¤

version() -> tuple[int, ...]

Get the version of the libc implementation as a tuple.

If you are calling this, you must know exactly which libc is being used.

If the version couldn't be determined, (-1, -1) will be returned.

which ¤

which() -> LibcType