Wrapping dlsym

Wrapping dlsym. Copyright by h1web. Licensed under the GPL. Today I've made an interesting discovery.
I found out how to wrap dlsym, which is kind of like the ELF equivalent to GetProcAddress.
This is interesting because it allows us to wrap several other functions that are being dynamically imported.
The concept was clear for me before, but a big problem occured. If you wrap dlsym, you somehow need to get the original address to dlsym to resolve the symbols the target program wants to resolve. But since we wrapped it, this is not possible anymore.
In fact it is. libc has a private backend to a lot of functions, including dlsym. So we just use that backend to solve that problem. The private function would be __libc_dlsym. It's declared like the normal one. Here's an example on what you can do with it. It's an ET wallhack:


/* dlsym wrap example.

   Copyright 2007, Henrik "h1web" Friedrichsen


   All rights reserved.



   This program is free software; you can redistribute it and/or modify

   it under the terms of the GNU General Public License as published by


   the Free Software Foundation; either version 2, or (at your option)

   any later version.

  

   This program is distributed in the hope that it will be useful,


   but WITHOUT ANY WARRANTY; without even the implied warranty of

   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the


   GNU General Public License for more details.

  

   You should have received a copy of the GNU General Public License


   along with this program; if not, write to the Free Software

   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.


*/

#include <stdio.h>

#include <stdlib.h>

#define __USE_GNU

#include <dlfcn.h>

#include <GL/gl.h>



#include "sdk/cg_local.h"




typedef int (*syscall_t)(int callnum, ...);

syscall_t psyscall = 0;

int syscall(int callnum, int* arg1, int* arg2, int* arg3, int* arg4, int* arg5, int* arg6, int* arg7, int* arg8, int* arg9, int* arg10)


{

        if(callnum == CG_R_ADDREFENTITYTOSCENE) {

                refEntity_t* ent = (refEntity_t*)arg1;

                ent->renderfx = RF_DEPTHHACK;


        }

        return (*psyscall)(callnum, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9, arg10);


}



typedef void (*dllEntry_t)(void*);

dllEntry_t pdllEntry = 0;

void dllEntry(void* syscallptr)


{

        psyscall = (syscall_t)syscallptr;

        (*pdllEntry)((void*)&syscall);

}




extern void *__libc_dlsym   (void *__map, __const char *__name);

typedef void* (*dlsym_t)(void*, const char*);


dlsym_t pdlsym = 0;

void *dlsym(void *handle, const char *symbol)


{

        void* result = __libc_dlsym(handle, symbol); // the replacement we are going to use


        if(!strcmp(symbol, "dllEntry")) {

                Dl_info info;

                if(dladdr(result, &info) && strstr(info.dli_fname, "cgame")) {


                        pdllEntry = (dllEntry_t)result;

                        return (void*)dllEntry;

                }

        }

        return result;


}