I am disassembling libc-2.23.so; there is a thunk method called j_free which jumps to the location pointed to by the free_ptr pointer in glibc. Why do those even exist while free() itself is exported?
1 Answer
In ELF, all symbols are global. It means that a symbol in another module (e.g. the main executable) can override glibc's free. That's why all calls to it go through a GOT pointer. On the first call, the dynamic linker will go through all symbols in all modules and pick up the first one offering free. If no other modules export it, the libc one will be used.
- Does it make sense to have calls internal to libc be routed through plt instead of a relative call? – sherlock, May 4, 2017 at 9:06
- Yes, because it needs to be prepared for the possibility that they're overridden by an external module. – May 4, 2017 at 9:21
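The answer's point can be checked empirically. Below is an added example (my own code, not from the question or the answer): a program that defines its own free() in the main executable and counts how often it is reached, including from the free() that libc itself issues inside fclose(). It assumes glibc on Linux, which exports the real implementation under the name __libc_free; the function names and the counter are mine. Because libc's own call sites reach free through the PLT/GOT (the j_free thunk in the question), the interposed function sees those calls too.

```c
#include <stdio.h>
#include <stdlib.h>

/* Number of times our interposing free() has run. */
static unsigned long free_calls = 0;

/* glibc exports its real allocator entry points under these names
   (assumption: glibc; other libcs may not provide __libc_free). */
extern void __libc_free(void *ptr);

/* Our free() lives in the main executable, so the dynamic linker binds
   every GOT slot for "free" (including the one behind libc's own
   free@plt / j_free thunk) to this function. */
void free(void *ptr)
{
    free_calls++;
    __libc_free(ptr);
}

/* Sanity check: a free() issued directly by this program is counted. */
unsigned long frees_from_direct_call(void)
{
    unsigned long before = free_calls;
    volatile char *p = malloc(16);   /* volatile store keeps the malloc/free pair alive */
    if (p == NULL)
        return 0;
    p[0] = 'x';
    free((void *)p);
    return free_calls - before;
}

/* The interesting case: fclose() releases the FILE that fopen() allocated.
   That free() call is issued from inside libc, yet it still lands in our
   function, because libc's internal call goes through its PLT/GOT entry. */
unsigned long frees_from_inside_libc(void)
{
    unsigned long before = free_calls;
    FILE *fp = fopen("/dev/null", "r");
    if (fp == NULL)
        return 0;
    fclose(fp);
    return free_calls - before;
}

int main(void)
{
    printf("direct call to free(): %lu interposed free(s)\n", frees_from_direct_call());
    printf("fclose() inside libc:  %lu interposed free(s)\n", frees_from_inside_libc());
    return 0;
}
```

Build with plain `gcc interpose.c -o interpose` and run it; no LD_PRELOAD is needed, since the executable's own definition wins symbol lookup. To see the same mechanism in the binary rather than at run time, `readelf -r libc.so.6 | grep -w free` on an x86-64 glibc shows an R_X86_64_JUMP_SLOT relocation for free, which is the GOT slot the j_free thunk jumps through.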