Skip to content

dispatch ¤

Classes:

LibcType ¤

Bases: Enum

Attributes:

GLIBC class-attribute instance-attribute ¤

GLIBC = 'glibc'

MUSL class-attribute instance-attribute ¤

MUSL = 'musl'

UNKNOWN class-attribute instance-attribute ¤

UNKNOWN = 'unknown'

LibcURLs dataclass ¤

LibcURLs(
    versioned_readable_source: str,
    versioned_compressed_source: str,
    homepage: str,
    git: str,
)

Attributes:

versioned_readable_source instance-attribute ¤

versioned_readable_source: str

versioned_compressed_source instance-attribute ¤

versioned_compressed_source: str

homepage instance-attribute ¤

homepage: str

git instance-attribute ¤

git: str

LibcProvider ¤

Bases: Protocol

Libc implementations must conform to this protocol in order to be properly used by the facade.

Methods:

  • type

    Which libc implementation is currently active?

  • version

    Get the version of the libc implementation as a tuple.

  • has_internal_symbols

    Do we have internal library symbols?

  • has_debug_info

    Do we have debugging information like structure types?

  • urls

    Get useful URLs regarding this libc implementation.

  • verify_libc_candidate

    Verify whether the mapping with the provided name is implementing

  • verify_ld_candidate

    Verify whether the mapping with the provided name is implementing

  • libc_same_as_ld

    Returns whether the libc and the ld are loaded as one object file for this libc

type ¤

type() -> LibcType

Which libc implementation is currently active?

version ¤

version(libc_filepath: str) -> tuple[int, ...]

Get the version of the libc implementation as a tuple.

If the implementation cannot recover the version, it returns (-1, -1).

has_internal_symbols ¤

has_internal_symbols(libc_filepath: str) -> bool

Do we have internal library symbols?

Symbols are global variables and functions.

If the library is dynamically linked, even if it is stripped it will retain its exported symbols (e.g. fscanf) because they are required for dynamic linking.

This funcions checks if the non-exported symbols (like __GI_exit, __run_exit_handlers, intitial) are also available. The check must not be based on a function, and must be based on a variable so as not to trip ourselves over MiniDebugInfo. (read: https://pwndbg.re/dev/contributing/libc-provider/#has_internal_symbols)

If we have debug info we should also have debug symbols.

has_debug_info ¤

has_debug_info() -> bool

Do we have debugging information like structure types?

urls ¤

urls(ver: tuple[int, ...] | None) -> LibcURLs

Get useful URLs regarding this libc implementation.

ver is the version tuple. If a libc implements the version() function it must assert ver is not None, otherwise it must assert ver is None.

verify_libc_candidate ¤

verify_libc_candidate(mapping_name: str) -> bool

Verify whether the mapping with the provided name is implementing this specific libc.

This must be accurate enough that no other libc implementation will provide a conflicting answer. Returning False means both "reject" and "i don't know".

A libc implementation must implement at least one of verify_libc_candidate and verify_ld_candidate. The other may simply return False.

verify_ld_candidate ¤

verify_ld_candidate(mapping_name: str) -> bool

Verify whether the mapping with the provided name is implementing this specific libc's loader.

This must be accurate enough that no other libc implementation will provide a conflicting answer. Returning False means both "reject" and "i don't know".

A libc implementation must implement at least one of verify_libc_candidate and verify_ld_candidate. The other may simply return False.

libc_same_as_ld ¤

libc_same_as_ld() -> bool

Returns whether the libc and the ld are loaded as one object file for this libc implementation.

If this returns True, verify_ld_candidate must directly call verify_libc_candidate.