I'm trying to find the address range that my native Android library's code occupies in the process' address space. I'm reading and parsing /proc/self/maps. There are two sections for the library. One is code, the other one is data, I presume. I need to tell them apart. However, the difference between them is, well, kinda circumstantial. Testing on Android 2.3.3.
The code section's permissions are r-xp, the data's are rwxp - both are executable. I feel uneasy basing the decision upon writeability - what if on same flavors of Android, there's a read-only data section?
The other difference is offset of the mapped section relative to the file - the code section has offset 0. Again, what if some iteration of the linker places data before code?
The tools, like GDB and Android's stack walker, have no problem telling me what module does a code address belong to, and what's its offset in the library. Just sayin'.
EDIT: on Android 4.0, the sections are different: there's r-xp, r--p, rw-p. So that lets me identify the executable section failry easily - but what about earlier Androids?
Found a workaround. Fortunately, those are my libraries, so I can get a address that's for sure within the code block by having a function that returns its own address. Then I match it against section boundaries.
void *TestAddress()
{
return TestAddress; //That's within the code block, that's for sure.
}
This won't work for third party libraries, because a function address of an imported function would correspond to the import thunk, not to the real function's body.
Related
I am trying out mXparser in an android app and I almost have it working. But, if I parse the following expression "10/3" then it returns: 3.33333333335. Why this rounding in the end? and how do I tell mXparser to return 3.33333333333 instead?
I am writing the app using kotlin and has added mXparser through Maven.
Alternatively, do you know of a better/more used/more maintained math parser library for Android?
The reason is that computers calculate in base 2, not base 10. The number 10/3 has an infinite expansion in both base 2 and base 10 meaning it must be truncated. The decimal expansion of 10/3 is 3.333..., which when you cut it off simplifies to a bunch of 3's; while the binary expansion is 11.010101010101... and when you cut it off and convert back to decimal, it's totally believable that you could get the 5 at the end.
I'm not sure you can get around that when using a computer since computers have to use binary and they also have to truncate the binary expansion.
Any system based around IEEE 754 double precision will give the same answer. That includes all major programming languages. This is a very frequent SO question. See for example Is floating point math broken?
The solution is to never use the default Double.toString() method for your output. Use and output with specific number of decimal places and the problem goes away.
A more complex solution is to use a ration representation of your numbers, so the result of 10/3 is stored internally as a rational number {numerator:10,denominator:3}. This works for basic arithmetic but can't work with function like cos(x) or sqrt(x). The Jep parsing evaluation library does have options to allow ration number. (disclaimer I'm one of the authors of Jep).
I'm a student in computer science. As part of my master's project, I'm trying to intercept calls to functions in native libraries on the Android platform. The goal is to decide whether to allow the call or deny it in order to improve security.
Following the approach of a research paper 1, I want to modify the Procedure Linkage Table (PLT) and the Global Offset Table (GOT) of the ELF file. The idea is that I want to make all the function calls point to my own intercepting function, which decides whether to block the call or pass it through to the original target function.
The ELF specification 2 says (in Book III, Chapter 2 Program Loading and Dynamic Linking, page 2-13, Sections "Global Offset Table" and "Procedure Linkage Table") that the actual contents and form of the PLT and the GOT depend upon the processor. However, in the documentation "ELF for the ARM Architecture" 3, I was unable to see the exact specification of either of those tables. I am concentrating on ARM and not considering other architectures at the moment.
I have 3 questions:
How can I map a symbol to a GOT or PLT entry?
Where do I find the precise specification of the GOT and PLT for ARM processors?
As the PLT contains machine code; will I have to parse that code in order to modify the target address, or do all PLT entries look identical, so that I could just modify the memory at a constant offset for each PLT entry?
Thanks,
Manuel
You need to parse ELF headers and look up the symbol index by the string name in the SHT_DYNSYM. Then iterate over the GOT (which would be called ".rela.plt") and find the entry with the matching index.
I don't know about the formal spec, but you can always study the android linker source and disassemble some binaries to notice the patterns
Usually PLT is just common code and you don't need to modify it. It's actually designed this way because if linker had to modify it, you would end up with RWX memory which is undesirable. So you just need to rewrite the entry in the GOT. By default the GOT entries point to the resolver routine that will find the needed function and write the entry to the GOT. That's on Linux. On Android the address are already resolved.
I did something for the x86_64 Linux
https://github.com/astarasikov/sxge/blob/vaapi_recorder/apps/src/sxge/apps/demo1_cube/hook-elf.c
And also there's a blog about doing what you want on Android
https://www.google.de/amp/shunix.com/android-got-hook/amp/
I have an XML file that I want to extract data from using XQuery.
So far, the only library I found that allows such thing is MXQuery but the project seems to be abandonned.
Is there any other way to make XQuery work on Android ?
I have started building an XQuery app months ago. You would enter a query directly in the app and have it evaluated there. I was thinking it could become almost like an IDE, with one big query text field filling the screen, and then you click run and it shows the XML result.
Unfortunately urgent matters have happened and I have not gotten further than setting up the compiler for an empty project directory :( (huge annoyance, I set it up with ant and Sherlock-activity, and then those became deprecated and I had to start over with gradle and ActionbarActivity)
Earlier I made a command line tool that seems to run on Android, but you need a terminal emulator app. (afair I have fixed the memory issue mentioned in the later comments)
I also made an app for public libraries to automatically renew all books that you have lend from the library. It keeps a history of lend books and you can search that history, e.g. to get a list of all books that you have lend about a certain topic. Or find the book that you have lend the most often. The twist is you search with XQuery. Normal people enter $books[title = "foo"], but you can write serialize(<foo>bar</foo>) or doc("file:///whatever")/foo to run any XQuery on any local file inside the app. However, the entire query has to fit in one line, is not saved and the app is in German. (it will ask for the username/password of your public library account, but accepts an empty username, too).
I have queried the call log on Android. Some calls have 0 and other have 1 for the CallLog.Calls.CACHED_NUMBER_TYPE field. What do these numbers mean? Does 1 mean "Home"? Where is this documented?
AFAIK, it is not explicitely documented. But if you read the source code of android you'll see that what is used are integers defined in
http://developer.android.com/reference/android/provider/ContactsContract.CommonDataKinds.Phone.html
(See allowed DATA2).
About how to retreive that in the relevant android source : for example in the tests =>
https://github.com/android/platform_packages_providers_contactsprovider/blob/c085b3eeebf13ebdfb197444747354a1d6eced2b/tests/src/com/android/providers/contacts/CallLogProviderTest.java#L81
If you want to do more things with call logs and callers infos that I've extracted a standalone version of Android's CallerInfo class :
http://code.google.com/p/csipsimple/source/browse/trunk/CSipSimple/src/com/csipsimple/models/CallerInfo.java
It allows me to cache by my own display name (which is not necessarily done by all android contact apps of all manufacturers -- HTC sense).
Also, keep in mind that all these Cached values may be erased by the contact app when it will refresh the screen. If you want to make sure your value remain the only way I found for now is to create an associated contact.
See https://github.com/Wysie/android_packages_apps_Contacts/blob/c3772f17c37817ebb4eb925146c3a633aa258aa2/src/com/android/contacts/RecentCallsListActivity.java#L364
(The source code of the call log app, that automatically refresh cached values).
Warning this code may differ on custom distrib from manufacturers. From example, as I said, HTC do that differently in their HTC Sense. And even inside android AOSP versions it changes. And no doubt samsung do things their own way in their UI for example.
It's good to have consistency in file names.
MyActivity.java contains the public class MyActivity
I would like the xml file with its layout to be called res/layout/MyActivity.xml
But I get an error message saying "Invalid file name: must contain only [a-z0-9_.]"
So two questions:
Why is the character set so limited (not even upper case? Come on!) - Ah - this restriction is probably in place so you will never be screwed by filesystems that don't make a distinction between upper and lower case, like Apple's HFS+ (although see Wikipedia for the gory story http://en.wikipedia.org/wiki/Comparison_of_file_systems#cite_note-note-35-77 )
Which filenames are restricted - all of res? just res/layout? res/layout plus some other folders?
Can anyone confirm 1, and give details on 2?
Thanks,
Peter
Why is the character set so limited
Because the name has to be a valid Java identifier, so you can use constants like R.layout.foo to identify the layout at runtime.
Which filenames are restricted - all
of res? just res/layout? res/layout
plus some other folders?
Anything in res/
Not sure of the reason for #1. Never seen an explanation in any readings about Resources. For #2 from my experience anything that will be used as a id in java e.g., R.drawable.marker, R.string.default_message has to follow those rules of [a-z0-9_].
When using MacOS X as a development platform, almost any developer dealing with cross platform code will sooner or later run into the issue that source code from a Linux/UNIX project cannot be built after download/checkout/clone because the project has two identically named files in a single directory that only vary in case; and on OS X that means you end up with just one file as the second one will overwrite the first one.
Of course HFS+ can be case-sensitive, but this can only be configured when you format a partition and by default all Macs come with preinstalled OS X on a preformatted partition with a case-insensitive HFS+ (as that is the default mode for HFS+). So you would first have to reformat your newly bought Mac and reinstall OS X to achieve that goal. And then be prepared for trouble as many apps rely on case-insensitivity on the Mac; a very famous example is Steam (you cannot run Steam from a case-sensitive HFS+).
And it's not just MacOS. FAT is case-insensitive and while NTFS can be case-sensitive (just like HFS+), it isn't by default. Also I think SMB isn't as per protocol spec (at least older versions). The filesystem used on CDs isn't, and so on.
So I guess to avoid any troubles straight from the beginning, Google thought it's a good idea to force files to be all lower case, in which case it doesn't matter what filesystem you are using or how it is configured. Of course, that's a bit stupid if you can still run into that issue with your source code files, however that these may be mixed case is a decision that predates Android and that has been made by Sun many years before Google even dreamed of that system.