A linux library to get the file path of the currently running shared library. Emulates use of Win32 GetModuleHandleEx/GetModuleFilename.

Related tags

Utilities whereami
Overview

whereami

A linux library to get the file path of the currently running shared library. Emulates use of Win32 GetModuleHandleEx/GetModuleFilename.

usage

Dynamically link libwhereami.so or statically compile whereami.c into your program. The whereami function will give the file path of the code that called it:

void my_function() {
	char path[PATH_MAX];
	ssize_t error;
	if ((error = whereami(path, PATH_MAX)) < 0) {
		printf("error: %ld\n", error);
	} else {
		printf("%s\n", path); // the path to the executable/library that contains the line where whereami was called
	}
}

Also supplied is a function whereisthis that can be used to query the location of a function or static variable:

void my_function() {
	static int myvar = 0;

	char path[PATH_MAX];
	ssize_t error;

	if ((error = whereisthis(&my_function, path, PATH_MAX)) < 0) {
		printf("error: %ld\n", error);
	} else {
		printf("my_function is in %s\n", path); // the path to the executable/library that contains my_function
	}

	if ((error = whereisthis(&myvar, path, PATH_MAX)) < 0) {
		printf("error: %ld\n", error);
	} else {
		printf("myvar is in %s\n", path); // the path to the executable/library that contains myvar
	}
}

The function whereami__self gives the file path for the whereami library itself. Only really useful for testing.

how it works

On linux, the files associated with mapped addresses can be read from the file /proc/self/maps. This is a kind of virtual file that the kernel automatically generates depending on the process accessing it. It has this format:

$ cat /proc/self/maps
5596711e9000-5596711eb000 r--p 00000000 fd:00 19136663                   /usr/bin/cat
5596711eb000-5596711f0000 r-xp 00002000 fd:00 19136663                   /usr/bin/cat
5596711f0000-5596711f3000 r--p 00007000 fd:00 19136663                   /usr/bin/cat
5596711f3000-5596711f4000 r--p 00009000 fd:00 19136663                   /usr/bin/cat
5596711f4000-5596711f5000 rw-p 0000a000 fd:00 19136663                   /usr/bin/cat
5596728c0000-5596728e1000 rw-p 00000000 00:00 0                          [heap]
7f635ba63000-7f635ba85000 rw-p 00000000 00:00 0 
7f635ba85000-7f635bff5000 r--p 00000000 fd:00 19137364                   /usr/lib/locale/locale-archive
7f635bff5000-7f635c01a000 r--p 00000000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c01a000-7f635c192000 r-xp 00025000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c192000-7f635c1dc000 r--p 0019d000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c1dc000-7f635c1dd000 ---p 001e7000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c1dd000-7f635c1e0000 r--p 001e7000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c1e0000-7f635c1e3000 rw-p 001ea000 fd:00 19138679                   /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f635c1e3000-7f635c1e9000 rw-p 00000000 00:00 0 
7f635c202000-7f635c203000 r--p 00000000 fd:00 19138675                   /usr/lib/x86_64-linux-gnu/ld-2.31.so
7f635c203000-7f635c226000 r-xp 00001000 fd:00 19138675                   /usr/lib/x86_64-linux-gnu/ld-2.31.so
7f635c226000-7f635c22e000 r--p 00024000 fd:00 19138675                   /usr/lib/x86_64-linux-gnu/ld-2.31.so
7f635c22f000-7f635c230000 r--p 0002c000 fd:00 19138675                   /usr/lib/x86_64-linux-gnu/ld-2.31.so
7f635c230000-7f635c231000 rw-p 0002d000 fd:00 19138675                   /usr/lib/x86_64-linux-gnu/ld-2.31.so
7f635c231000-7f635c232000 rw-p 00000000 00:00 0 
7ffea868f000-7ffea86b0000 rw-p 00000000 00:00 0                          [stack]
7ffea87c4000-7ffea87c8000 r--p 00000000 00:00 0                          [vvar]
7ffea87c8000-7ffea87ca000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0                  [vsyscall]

The function whereisthis simply opens this file and parses it, searching for the range containing the passed address. The function whereami uses __builtin_return_address to get the address of the function caller, and passes that address to whereisthis.

license

CC0 license badge

CC0 1.0 Universal https://creativecommons.org/publicdomain/zero/1.0/ To the extent possible under law, Blackle Mori has waived all copyright and related or neighboring rights to this work.

Owner
Blackle Morisanchetto
I'm a shark
Blackle Morisanchetto
A cross platform C99 library to get cpu features at runtime.

cpu_features A cross-platform C library to retrieve CPU features (such as available instructions) at runtime. Table of Contents Design Rationale Code

Google 2.1k Aug 12, 2022
convert elf file to single c/c++ header file

elf-to-c-header Split ELF to single C/C++ header file

Musa √únal 2 Nov 4, 2021
An asynchronous directory file change watcher module for Windows, macOS and Linux wrapped for V

A V module for asynchronously watching for file changes in a directory. The module is essentially a wrapper for septag/dmon. It works for Windows, macOS and Linux.

null 16 Jul 29, 2022
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

hasherezade 1.4k Aug 8, 2022
Locate the current executable and the current module/library on the file system

Where Am I? A drop-in two files library to locate the current executable and the current module on the file system. Supported platforms: Windows Linux

Gregory Pakosz 366 Aug 7, 2022
A small and portable INI file library with read/write support

minIni minIni is a portable and configurable library for reading and writing ".INI" files. At just below 900 lines of commented source code, minIni tr

Thiadmer Riemersma 270 Aug 8, 2022
Small configuration file parser library for C.

libConfuse Introduction Documentation Examples Build & Install Origin & References Introduction libConfuse is a configuration file parser library writ

null 411 Aug 5, 2022
Dead simple C logging library contained in a single header (.h) file

Seethe Logging so simple, you only need to include a single header file. seethe supports 6 different log levels (DEBUG, INFO, NOTICE, WARNING, ERROR,

Jason Nguyen 27 May 9, 2022
C++ NIF library for the Gamebryo/NetImmerse File Format

nifly C++ NIF library for the Gamebryo/NetImmerse File Format. Created with a clean-room design. Features Reading and writing NIF files (Gamebryo/NetI

null 30 Aug 6, 2022
An easy-to-use C library for displaying text progress bars.

What is this thing? progressbar is a C-class (it's a convention, dammit) for displaying attractive progress bars on the command line. It's heavily inf

Trevor Fountain 429 Jul 29, 2022
A simple and easy-to-use library to enjoy videogames programming

hb-raylib v3.5 Harbour bindings for raylib 3.5, a simple and easy to use library to learn videogames programming raylib v3.5. The project has an educa

MarcosLMG 0 May 24, 2022
Haxe bindings for raylib, a simple and easy-to-use library to learn videogame programming

Haxe bindings for raylib, a simple and easy-to-use library to learn videogame programming, Currently works only for windows but feel free the expand t

FSasquatch 27 Jul 8, 2022
RapidObj is an easy-to-use, single-header C++17 library that loads and parses Wavefront .obj files.

RapidObj About Integration Prerequisites Manual Integration CMake Integration API RapidObj Result Next Steps OS Support Third Party Tools and Resource

Slobodan Pavlic 77 Aug 4, 2022
CppDyn is a library which aims to simplify use of polymorphism in C++20

Cpp Dyn Cpp-Dyn tries to improve C++ runtime polymorphism. Indeed, C++ runtime polymorphism, originally, uses inheritance and virtual methods. Sean Pa

Antoine MORRIER 14 Jun 7, 2022
Simple .INI file parser in C, good for embedded systems

inih (INI Not Invented Here) inih (INI Not Invented Here) is a simple .INI file parser written in C. It's only a couple of pages of code, and it was d

Ben Hoyt 1.8k Aug 6, 2022
ini file parser

Iniparser 4 I - Overview This modules offers parsing of ini files from the C level. See a complete documentation in HTML format, from this directory o

Nicolas D 807 Aug 8, 2022
Beacon Object File (BOF) for remote process injection via thread hijacking

cThreadHijack ___________.__ .______ ___ .__ __ __ ___\__ ___/| |_________ ____ _____

Connor McGarr 141 Aug 1, 2022
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.

FindObjects-BOF A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or process

Outflank B.V. 241 Aug 2, 2022
A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.

WdToggle A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and circumvent Creden

Outflank B.V. 196 Jul 18, 2022