How to override a function in binary from outside?
Hi all,
I am working on a problem that goes as follows:
GIVEN:
I have the executable file ready with me. I have the source code has a function named f(). I know the entire signature of the function. However, I do not have the source code available with me. I donot have any other header file etc with me either.
PROBLEM:
Now, I need to override this function f() with my own function f(). How can I achieve that?
Any pointers on this would be welcome.
Have or do not have a source code?I have the source code has a function named f(). I know the entire signature of the function. However, I do not have the source code available with me.
All problems in computer science can be solved by another level of indirection,
except for the problem of too many layers of indirection.
– David J. Wheeler
I am sorry, I meant the following:
I know the source code has a function named f(). I know the entire signature of the function. However, I do not have the source code available with me.
Also, main function exists in the existing executable. So, I do not intend to use this executable as a library and then call all the functions in the new code.
It's basically the same mechanism which a virus uses to infect an executable.
So a good question is why you feel the need to be able to do this?
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
@Salem
I wasn't aware I need to prove my intentions before asking a technical question.
However, if this is really important for you to understand the reason behind this, I am trying to overcome a problem with the OCI library functions OCILobWrite and OCILobWriteAppend. These functions are used to update values into Large Object data types in Oracle Database. However, when these functions are called, triggers are not fired even if they are defined for each row of the table on which update is done(after event).
I plan to override these functions with my own functions in given binary so that the triggers will be fired in event of update done on a table using these functions.
These triggers will then be used to log all DML occuring on ORACLE DB.
Now, Can we please concentrate on the problem on hand and stop worrying if this is going to be used for wrong purposes.
______________________
You can bring the worst or best out of anything, it's just a matter of application!
You'd be surprised how many requests we get here about things that SHOULD NOT BE DONE.
And whilst you look like you have a valid case, I'm not entirely sure that it is a safe thing to do - databases are quite sensitive, and you could probably break a lot of things if you get it wrong.
The gneral principle for patching software is to modify the code in the existing function to jump elsewhere, and in this "elsewhere" location put the new code. If necessary, jump back to where you came from. The simples way to do this is by modifying the original executable file (so you need to shut down the executable).
--
Mats
Compilers can produce warnings - make the compiler programmers happy: Use them!
Please don't PM me for help - and no, I don't do help over instant messengers.
> However, when these functions are called, triggers are not fired
So is that a bug, a feature, or by design?
Interesting...
http://www.stanford.edu/dept/itss/do...s.htm#i1005107
http://www.cs.bris.ac.uk/maintain/or...faq.htm#127706
I suppose the next question would be which OS/Compiler you're using, and which version of OCI.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
Mats,
Thanks for the update. I am new to this forum and am still getting acccustomed to the ways.
I am aware of the general way in which patch is implemented, however, I have a unique situation here. I do not have the source code for some applications that are updating the database here. I just have the binaries and I need to log the DMLs fired from them too.
Other applications that I do have access to have already been modified, compiled and linked to prepare binaries and are working fine.
But the binaries without code are the ones that are an issue.
The art of understanding binary files is part of "reverse enginering". For a large database executable, like Oracle, it is far from trivial to understand what goes on and how to then apply a patch.
Not sure how you'd find the function you want. A sampling profiler and LOTS of storing of LOB's might give you some sort of starting points.
--
Mats
Compilers can produce warnings - make the compiler programmers happy: Use them!
Please don't PM me for help - and no, I don't do help over instant messengers.
Why not report the problem to Oracle and let them fix it properly?
"I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008
"the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010
@Salem
Unfortunately, this is by design in OCI.
OS: HPUX
COMPILER: GCC
OCI version: 10g
@cpjust
Please go thru the 1st link provided by Salem, This is not really a problem if coding is done properly.
Ideally, any call to a OCI function(other than open/close) should be done inside open/close operations. If that is done, triggers will be fired.
However, as it turns out, that is not the case always.
People perform open, then multiple operations and finally, close.
This leads to trigger being fired only once.
What are LOBs large binary objects?
I mean what are they when you strip away the gobbledegook language?
Just data in a database?
Oh and what are triggers? part of a gun I presume?
Last edited by esbo; 01-29-2009 at 05:18 PM.
You may want to take a look at Microsoft Detours. It basically intercepts the call to your original Oracle function and redirects processing to your customized function.
EDIT: Please disregard this post. I just realized it's not relevent to the OP's OS.
Last edited by BobS0327; 01-29-2009 at 07:49 PM. Reason: Wrong OS
