Class
GumDarwinGrafter
Description [src]
final class Gum.DarwinGrafter : GObject.Object
{
/* No available fields */
}Grafts instrumentation trampolines into a Mach-O binary ahead of time.
Where code signing is strictly enforced, executable pages cannot be patched
at runtime, so GumInterceptor cannot hook by rewriting code on the
fly. The grafter works around this by reserving a trampoline at each chosen
code offset and writing the modified binary back to disk; once that binary is
loaded, the interceptor claims the matching grafted trampoline instead of
patching. This is what the gum-graft command-line tool wraps.
Choose the offsets to instrument explicitly with
gum_darwin_grafter_add() and/or have them ingested automatically via
GumDarwinGrafterFlags, then call gum_darwin_grafter_graft().
g_autoptr(GError) error = NULL;
GumDarwinGrafter * grafter = gum_darwin_grafter_new_from_file (
"/path/to/app", GUM_DARWIN_GRAFTER_FLAGS_INGEST_FUNCTION_STARTS);
gum_darwin_grafter_add (grafter, 0x4118);
if (!gum_darwin_grafter_graft (grafter, &error))
g_printerr ("Failed to graft: %s\n", error->message);
g_object_unref (grafter);
Instance methods
gum_darwin_grafter_add
Adds code_offset to the set of locations that will receive a grafted
trampoline. The offset is relative to the start of the Mach-O image.
gum_darwin_grafter_graft
Grafts trampolines for all collected code offsets and writes the modified binary back to its original path. Fails if the binary has already been grafted; if there is nothing to instrument it succeeds without touching the file.
Signals
Signals inherited from GObject (1)
GObject::notify
The notify signal is emitted on an object when one of its properties has its value set through g_object_set_property(), g_object_set(), et al.