Shared library wrapper

Replace function calls in binaries with external scripts for debugging or closed-source patching purposes using an LD_PRELOAD shared library.

sowrapper allows to create shared object files that can be used to override function calls in binaries with external tools (or even scripts). In order to accomplish this, it relies on the LD_PRELOAD functionality: From a simple interface description, a wrapper function is generated that calls the actual handler. Non-complex arguments and return values are passed along.

Its main purpose is for debugging or experimentally closed-source patching. However, for real-word mission-critical scenarios, a properly patched library replacement or wrapper implementation should be considered.

Creating wrapper libraries

Assume you have a binary in which you want to replace atoi() calls with a version that returns negated values instead. First, we create a replacement, e.g. the following atoi.sh:

#!/bin/bash
echo "$(( -1 * ${1} ))"

Next, we create the config.h header with the following contents:

#define NAME atoi // function name to replace
#define BINARY ./atoi.sh // binary or script to call instead - preferably an absolute path
#define RV TYPE_INT // return type, available types: TYPE_INT, TYPE_STR (char*), TYPE_CSTR
#define ERROR_RV 0 // return value in case of errors
#define ARG1 TYPE_CSTR // type of first argument (currently up to 3 supported)

That’s all – everything left to do is make and calling LD_PRELOAD=./sowrapper.so ./bin instead of ./bin. The script’s output will be parsed according to the return type and gets thus provided as integer.

Code & Download