On Oct 4, 2013, at 2:08 AM, Jonas Maebe <jonas.maebe@elis.ugent.be> wrote:

On 04 Oct 2013, at 01:23, ariel.burton@roguewave.com wrote:

...

My question is this. How can I find the address of the definition of getpid that was interposed (i.e., the one in libSystem.dylib)?

Calling dlsym with RTLD_NEXT should work for that, although the description for that parameter in the man page (at least under Mac OS X 10.5) seems to be wrong:

*** If dlsym() is called with the special handle RTLD_NEXT, then the search for the symbol is limited to the images which were loaded after the one issuing the call to dlsym(). ***

I think that should read "... images which were loaded *before* the one issuing the call ..."

That depends on your point of view. The dynamic loader starts with the main executable and discovers the libraries it needs to load top-down, which means libSystem is "after" the app itself. But bindings and initializers run bottom-up, which means libSystem is "before" the app itself. Newer versions of the man page describe this more clearly: If dlsym() is called with the special handle RTLD_NEXT, then dyld searches for the symbol in the dylibs the calling image linked against when built. ... -- Greg Parker gparker@apple.com Runtime Wrangler _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.app... This email sent to site_archiver@lists.apple.com