fishhook with dyld 3.0

[LeoNatan]

https://developer.apple.com/videos/play/wwdc2017/413/

Apple is revamping its dynamic linker. One of the major changes is that they will be doing full symbol resolution at launch time, rather than using the on demand resolution using trampolines. Is this a risk for fishhook’s operation?

Right now, they new dynamic linker is not enabled for user applications. This is expected to happen somewhen soon.

[kastiglione]

Is this a risk for fishhook’s operation?

Maybe. I had heard that some APIs, like dlopen, would cause apps to use the old dyld behavior. If that's the case then it will still be possible to use fishhook if needed. If Apple one day forces apps to use dyld 3, then yes fishhook will no longer be applicable.

[LeoNatan]

Dylibs loaded by dlopen are handled the old way, but then rebinding will only work for those dylibs.

I think there is a linker flag to achieve this if an apps functionality is broken. Just wanted to make sure I understood correctly the implications. Let’s keep this issue open for now, as it will be interesting to see how things go. I am familiar with projects that inject code by inserting LC_LOAD_DYLIB commands statically, and then on launch use fishhook to rebind symbols. As I understand it, such a project would fail to rebind, if the binary was not linked with that flag (so they might have to modify more portions of the binary in addition to inserting LC_LOAD_DYLIB commands).

[kastiglione]

https://mobile.twitter.com/lgerbarg/status/882055176298704896

According to this third party apps have another year before being able to use dyld3.

[dzan]

Any news on this now that iOS11 is released? On twitter people reported it was used in e.g. Safari already.

[mmmulani]

I'm having trouble getting fishhook to work on iOS 11.1 on a project where it previously worked, so perhaps they enabled dyld 3.0 in 11.1?

[kastiglione]

perhaps they enabled dyld 3.0 in 11.1

if you find out anything, please follow up

[LeoNatan]

I don’t believe this to be the case. We’re using fishhook with Xcode 9.2 projects on iOS 11.2 and have observed no issues (other than already-known ones).

[dzan]

Dyld3 source is available here; https://opensource.apple.com/tarballs/dyld/dyld-519.2.1.tar.gz

I haven't had the time yet to look into it but maybe someone else has? Please let us know what you find and if the fishhook approach is still valid.

[lanza]

As far as I can tell this shouldn't be an issue unless some of the APIs are deprecated.

fishhook still works even if you call it after the symbol you are rebinding has been bound. (e.g. sin(); rebind_symbol({ "sin", my_sin, orig_sin }); sin();) Watching that video seems like the only thing changing is that the loader will be loading a cached version of the image with the symbols already resolved. Am I missing some aspect?