I am implementing some limited remote debugging functionality for an application written in C running on a Linux box. The goal is to communicate with the application and look up the value of an arbitrary variable or run an arbitrary function.
I am able to look up symbols through dlsym() calls, but I am unable to determine if the address returned refers to a function or a variable. Is there a way to determine typing information via this symbol table?
You can read the file /proc/self/maps and parse the first three fields of each line:

Then you search for the line that contains the address you are looking for and check the permissions:

r-x: it is code;
rw-: it is writable data;
r--: it is read-only data;
rwxp: generated code, ...).

For example the following program:
...in my system gives this output:
...and these are the relevant lines from /proc/<pid>/maps:

So the addresses are: code, data and data.
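
The lookup described in this answer, as an added example that is not the answerer's code: it reads the first three fields of each /proc/self/maps line and classifies an address by the permissions of the mapping that contains it, so a debug agent can refuse to call anything that is not in an executable mapping. The names classify_address, addr_kind, sample_counter and sample_function are hypothetical, and the sample symbols are constructed stand-ins for dlsym() results.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum addr_kind { ADDR_UNMAPPED, ADDR_CODE, ADDR_WRITABLE_DATA,
                 ADDR_READONLY_DATA, ADDR_OTHER };

/* Classify addr by the permissions of the /proc/self/maps entry containing it. */
enum addr_kind classify_address(uintptr_t addr)
{
    uintptr_t start, end;
    char perms[5];                      /* e.g. "r-xp" plus NUL */
    enum addr_kind kind = ADDR_UNMAPPED;
    FILE *maps = fopen("/proc/self/maps", "r");

    if (maps == NULL)
        return ADDR_UNMAPPED;
    /* Each line: start-end perms offset dev inode [path]; only the first
     * three fields are read, the rest of the line is skipped. */
    while (fscanf(maps, "%" SCNxPTR "-%" SCNxPTR " %4s%*[^\n]",
                  &start, &end, perms) == 3) {
        if (addr < start || addr >= end)
            continue;
        if (strncmp(perms, "r-x", 3) == 0)
            kind = ADDR_CODE;
        else if (strncmp(perms, "rw-", 3) == 0)
            kind = ADDR_WRITABLE_DATA;
        else if (strncmp(perms, "r--", 3) == 0)
            kind = ADDR_READONLY_DATA;
        else
            kind = ADDR_OTHER;          /* e.g. rwx: do not guess */
        break;
    }
    fclose(maps);
    return kind;
}

/* Constructed sample symbols standing in for dlsym() results. */
int sample_counter = 42;
int sample_function(void) { return sample_counter; }

int main(void)
{
    printf("sample_function: %d\n", classify_address((uintptr_t)&sample_function));
    printf("sample_counter:  %d\n", classify_address((uintptr_t)&sample_counter));
    printf("NULL:            %d\n", classify_address((uintptr_t)0));
    return 0;
}
```

The result describes the mapping, not the symbol: constants that the linker places in the same segment as the code also fall in an r-x mapping.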