Results 1 to 11 of 11

Thread: About customizing my own built-in functions in C

  1. #1

    About customizing my own built-in functions in C

    Greetings EveryOne

    I have been programming for over a year now, and I can say that I am making a good progress teaching myself programming and that's thanks to the contributions of others on the net, so I am sincerely grateful for that.

    Now I want to move further a head, while I was working on an exercise in a book about C, I got a good idea to developed my solution.

    To achieve what I have in mind I need to customize my own fgetc() function, to do so I had to look for fgetc() implementation, as we know the implementation differs from compiler to compiler, lucky GCC is free software with source code available for download.

    After downloading gcc-4.6.2.tar.gz (89.4 MB) from ftp://ftp.gnu.org/gnu/gcc/gcc-4.6.2/, extracting it and going through it file by file I couldn't find the implementation for the standard library, I couldn't find stdio.c.

    Am I looking in the wrong place? Is something wrong with what I am doing?

    Please Someone Guide me in the right direction, Thank You In Advance

    P.S: I forgot to mention I am running on Windows.
    Last edited by Shikatsu; January 3rd, 2012 at 20:47.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17
    - Reversing related answer:

    #include <stdio.h>
    void main ()
    {
    FILE *pFile;
    int c;
    pFile = fopen("file_to_read","r");
    c = fgetc(pFile);
    fclose (pFile);
    }

    Compile and debug!

    - Non-reversing related answer:
    use google, you'll find the source somewhere else too...
    A mind is like a parachute. It doesnt work if it's not open.

  3. #3
    Thank you ZaiRoN for your reply.

    Already tired that with my binary gcc, what I get is the assembly code when I set the break point at:

    Code:
    c = fgetc(pFile);
    Or you are suggesting to compile gcc from source first then try to debug it? (didn't try this)

    searched on google for days and days but without luck.

    Thank You for trying to help.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    http://www.google.com/codesearch#search/&q=fgetc%20lang:%5Ec$&type=cs
    I flout Chuck Norris, Spongebob barbecues underwater!

  5. #5
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17
    I was suggesting to step inside
    fgetc looking at the disasm code of the function, from that point you'll be able to reconstruct the original function (and then to modify it as you desire)
    A mind is like a parachute. It doesnt work if it's not open.

  6. #6

    glibc

    Quote Originally Posted by Shikatsu View Post

    Please Someone Guide me in the right direction, Thank You In Advance

    P.S: I forgot to mention I am running on Windows.
    I think what you are looking for is in glibc, the library that allows the gcc compiler to hook into the OS's API.

    You can start here:
    https://www.gnu.org/software/libc/

    In general you need to get some tools that allow you to search for the linker symbols that you are interested in. On Linux I could do a find command for all shared libraries and have it do a grep -q for the symbols I am interested in, and then finally use the nm command to see if the libraries were providing that reference or requiring a link to that routine. Once you know what library the routine exists in you can then find out where the source for that library resides. On Linux I did a "yum whatprovides /lib/libc-2.14.so" which told me glibc, but I don't think Windows has that capability, so a web search is probably your best bet at that point. The moral of the story is to find the tools you need to dig into your system and resolve the references so you can investigate anything as the need arises.

    Good luck!

  7. #7
    I was suggesting to step inside
    fgetc looking at the disasm code of the function, from that point you'll be able to reconstruct the original function (and then to modify it as you desire)
    I am not that advanced in Assembly, I am still reading about the basics so i don't think that would help me.

    Though i wonder if Assembly would help me figure it out as i need access to FILE struct members as they are implemented in fgetc, how did i knew that, from reading this old book "THE STANDARD C LIBRARY" by P.J.PLAUGER (Prentice, 1992).

    In Page 290, you can find the implementation of fgetc:

    Code:
    #include <stdio.h>
     
    int fgetc(FILE *str)
    {
        // get a character from stream;
        if(0<str->_Nback)
        {
            // deliver pushed back char;
            if(--str->_Nback == 0)
            {
                str->_Rend = str->_Rsave;
            }
     
            return (str->_Back[str->_Nback]);
        }
     
        if(str->_Next < str->_Rend)
        {
     
        }
        else
        if(_Frprep(str) <= 0)
        {
            return EOF;
        }
     
        return (*str->_Next++);
    }
    the implementation above is not valid for gcc but it gives an idea of how the function works.

    I think what you are looking for is in glibc, the library that allows the gcc compiler to hook into the OS's API.

    You can start here:
    https://www.gnu.org/software/libc/
    I have been there again and again and even before posting here but couldn't figure out anything helpful from it.

    In general you need to get some tools that allow you to search for the linker symbols that you are interested in. On Linux I could do a find command for all shared libraries and have it do a grep -q for the symbols I am interested in, and then finally use the nm command to see if the libraries were providing that reference or requiring a link to that routine. Once you know what library the routine exists in you can then find out where the source for that library resides. On Linux I did a "yum whatprovides /lib/libc-2.14.so" which told me glibc, but I don't think Windows has that capability, so a web search is probably your best bet at that point. The moral of the story is to find the tools you need to dig into your system and resolve the references so you can investigate anything as the need arises.
    I couldn't understand much of that as i been on window only, but it sound promising so that made me consider to switch to linux if i can get that privilege (i have to switch to linux at some point though if i want to make a good progress in my learning path), so do you have a tutorial a step by step for what you had described?

    I still like to learn where to access the gcc (c/c++) implementation for window if it's possible.

    As you can see i still need help with this, if any one have some guidance i will be glad to hear it, Thank You.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    son of Bungo & Belladonna bilbo's Avatar
    Join Date
    Mar 2004
    Location
    Rivendell
    Posts
    310
    I like your idea (use a self-made LIBC)...
    This link is for you: http://www.codeproject.com/KB/library/tlibc.aspx (even if 5 years old)

    Best regards, bilbo
    Non quia difficilia sunt, non audemus, sed quia non audemus, difficilia sunt.[Seneca, Epistulae Morales 104, 26]

  9. #9
    If you want to explore code in any Open Source program/library you can use 'Google Code Search' to read or hyperlink through the source code.

    https://www.google.com/codesearch

    Below is a complete google code search link to the source of fgetc in glibc 2.1.3. From that page you can click on any function on the left panel and read the source of that function.

    https://www.google.com/codesearch#aivgwOHmhBo/mirror/users/u/urnaik/glibc-2.1.3.tar.gz|WbTnQ5DcqbM/glibc-2.1.3/stdio/fgetc.c&q=fgetc%20package:glibc%20lang:^c$&type=cs

    If you plan on changing the code it is best to download the exact version of glibc that you are using and then recompile the entire library. You might be able to recompile the function by itself but it will be more complicated to link that into your application unless you rename your modified function (e.g. my_fgetc()) so that there are no name collisions with the real glibc system functions.

    As for learning Linux/Unix/POSIX/XOpen environments, you can do that without having to wipe your machine and load another operating system.

    1) You can use a LiveCD (http://livecdlist.com/). Just download the ISO file and burn it to a CD/CVD. After burning it to the DVD if you can see several file and directories on the disk you can simply reboot the machine from the DVD to learn Linux, or whatever software system you chose. But If instead you see just one big ISO file on the disk then you didn't do it right. I would tell you how to do it but I don't know what software you are using on your Windows machine. Hopefully your software knows the right way to burn an ISO file.

    2) Another way is to install Cygwin on your Windows machine and learn the Unix command line environment without changing your OS. Many tasks can be done faster via the Cygwin command line and you will be more well rounded as a developer if you can find your way around in both Windows and Unix environments.

  10. #10
    Thank you very much guys for your encouragement.

    I sat down today to work on what Mr. slcoleman suggested as today is my day off, unfortunately i found out that google had shut down codesearch (along with other useful products) for no convincing reason, they redirected me to this page:

    http://code.google.com/hosting/

    but when searching for (glibc fgetc) you get no results at all and if you search for (fgetc) you get only two useless results (they are useless to what i am trying to achieve).

    I can guess that google had done this (shut those products) to protect itself in case the SOPA and PIPA bills got approved in the congress.

    I think some people envy the idea of free knowledge for everyone on the Internet and they wanna keep it for themselves only for obvious reasons.

    So Any Idea Please to approach this, both on Windows & Linux. Thank You Very Very Much For Any Help.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  11. #11
    son of Bungo & Belladonna bilbo's Avatar
    Join Date
    Mar 2004
    Location
    Rivendell
    Posts
    310
    unfortunately i found out that google had shut down codesearch (along with other useful products)
    too bad to hear that...
    koders.com is indeed a good alternative...

    Best regards
    bilbo
    Non quia difficilia sunt, non audemus, sed quia non audemus, difficilia sunt.[Seneca, Epistulae Morales 104, 26]

Similar Threads

  1. Execryptor EC functions
    By LaBBa in forum Malware Analysis and Unpacking Forum
    Replies: 3
    Last Post: May 13th, 2009, 00:49
  2. Recognize any of these functions?
    By FrankRizzo in forum Advanced Reversing and Programming
    Replies: 3
    Last Post: April 26th, 2007, 18:46
  3. Dll functions
    By ReVeR in forum The Newbie Forum
    Replies: 11
    Last Post: August 13th, 2004, 17:14
  4. Hooking DLL functions
    By Hero in forum The Newbie Forum
    Replies: 1
    Last Post: July 28th, 2004, 08:41
  5. Disabled functions
    By Bazil in forum Malware Analysis and Unpacking Forum
    Replies: 1
    Last Post: March 20th, 2001, 18:24

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •