Saturday, 18 January 2014

[system] ldd - print shared library dependencies

$ whatis ldd
ldd (1)              - print shared library dependencies

ldd có sẵn trên máy bạn vì nó nằm trong package glibc

Từ khóa
shared libraries: hiểu đơn giản hết cỡ thì nó là các library được chương trình load vào khi chạy. (Chi tiết xem ở cuối bài)

Theo man 1 ldd 
ldd prints the shared libraries required by each program or shared library specified on the command line.

Vậy ldd dùng để xem 1 chương trình (hay một library) phụ thuộc (sử dụng) library nào.

Ví dụ:

hvn@archhvn: ~ () $ ldd /usr/bin/ldd
    not a dynamic executable => ldd không dùng thư viện nào
hvn@archhvn: ~ () $ ldd /bin/ls (0x00007fff2e7fe000) => /usr/lib/ (0x00007fd382293000) => /usr/lib/ (0x00007fd38208a000) => /usr/lib/ (0x00007fd381ce0000) => /usr/lib/ (0x00007fd381adb000)
    /lib64/ (0x00007fd382497000)
hvn@archhvn: ~ () $ ldd /bin/bash (0x00007fff003fe000) => /usr/lib/ (0x00007fbec940a000) => /usr/lib/ (0x00007fbec91a5000) => /usr/lib/ (0x00007fbec8fa1000) => /usr/lib/ (0x00007fbec8bf7000)
    /lib64/ (0x00007fbec9650000)

Shared libraries
are libraries that are loaded by programs when they start. When a shared library is installed properly, all programs that start afterwards automatically use the new shared library. It's actually much more flexible and sophisticated than this, because the approach used by Linux permits you to:
  • update libraries and still support programs that want to use older, non-backward-compatible versions of those libraries;
  • override specific libraries or even specific functions in a library when executing a particular program.
  • do all this while programs are running using existing libraries.

Chú ý về security (từ man 1 ldd)
       In  the  usual case, ldd invokes the standard dynamic linker (see with the LD_TRACE_LOADED_OBJECTS environment variable set to 1,  which causes the linker to display the library dependencies.  Be aware, however, that in some  circumstances,  some  versions  of  ldd  may       attempt  to  obtain  the  dependency information by directly executing the program.  Thus, you should never employ ldd on an untrusted executable, since this may result in the execution of arbitrary code.  A safer alternative when dealing with untrusted executables is:

           $ objdump -p /path/to/program | grep NEEDED

Bài viết thực hiện trên:
$ uname -a
Linux archhvn 3.12.5-1-ARCH #1 SMP PREEMPT Thu Dec 12 12:57:31 CET 2013 x86_64 GNU/Linux