hook基础库函数可以实现多种功能,比如:
1.malloc/free,内存监控;
2.pthread_create,线程泄漏;
3.open/close,fd泄漏;
有助于程序的稳定性检测。
本文记录hook方法和原理,持续补充
glic malloc hook,plt hook(xhook)
文章目录
1 glic malloc hook
原理:glic提供__malloc_hook
, __realloc_hook
, __free_hook
可以实现hook自定义mallco/free函数
__malloc_initialize_hook
是弱变量malloc初始化的时候会调用1次,赋值指向hook指针初始化函数my_init_hook
,__malloc_hook
指向自定义的malloc函数my_malloc_hook
,在调用malloc
的时候,实际会调用到my_malloc_hook
my_malloc_hook
中,还原__malloc_hook
,再调用mallco
,真正分配内存,最后__malloc_hook
指向my_malloc_hook
,下次调用malloc
时,再次进入my_malloc_hook
。
__malloc_hook = old_malloc_hook;
result = malloc(size);
old_malloc_hook = __malloc_hook;
__malloc_hook = my_malloc_hook;
free和realloc同理。
man __malloc_initialize_hook,直接查看源码和例子
定义:
#include <malloc.h>
void *(*__malloc_hook)(size_t size, const void *caller);
void *(*__realloc_hook)(void *ptr, size_t size, const void *caller);
void *(*__memalign_hook)(size_t alignment, size_t size,
const void *caller);
void (*__free_hook)(void *ptr, const void *caller);
void (*__malloc_initialize_hook)(void);
void (*__after_morecore_hook)(void);
例子:
#include <stdio.h>
#include <malloc.h>
/* Prototypes for our hooks. */
static void my_init_hook(void);
static void *my_malloc_hook(size_t, const void *);
/* Variables to save original hooks. */
static void *(*old_malloc_hook)(size_t, const void *);
/* Override initializing hook from the C library. */
void (*__malloc_initialize_hook) (void) = my_init_hook;
static void
my_init_hook(void)
{
printf("in my_init_hook __malloc_hook:%p \n", __malloc_hook);
old_malloc_hook = __malloc_hook;
__malloc_hook = my_malloc_hook;
}
static void *
my_malloc_hook(size_t size, const void *caller)
{
void *result;
/* Restore all old hooks */
__malloc_hook = old_malloc_hook;
/* Call recursively */
result = malloc(size);
/* Save underlying hooks */
old_malloc_hook = __malloc_hook;
/* printf() might call malloc(), so protect it too. */
printf("malloc(%u) called from %p returns %p\n",
(unsigned int) size, caller, result);
/* Restore our own hooks */
__malloc_hook = my_malloc_hook;
return result;
}
int main(){
int *a = (int *)malloc(10);
int *c = (int *)malloc(20);
int *b = new int;
return 0;
}
结果:
malloc(10) called from 0x5647f6d77b07 returns 0x5647f7e07280
malloc(20