[MachO] Handle chained imports with addends #6604

bdash · 2025-04-09T05:13:41Z

They show up in some macOS system executables.

bdash · 2025-04-09T05:29:39Z

I noticed this in a few executables, mostly for references to type info symbols from libc++. The unapplied imports prevent the RTTI analysis from handling these types.

For instance, in /usr/libexec/syspolicyd there are four std::exception subclasses with RTTI that references __ZTVN10__cxxabiv120__si_class_type_infoE + 0x10:

mrowe@dragon:~$ dyld_info -arch arm64e -fixups /usr/libexec/syspolicyd  | grep ' + '
__DATA_CONST    __const          0x100101B60      auth-bind  libc++/__ZTVN10__cxxabiv120__si_class_type_infoE + 0x10 (div=0x0000 ad=0 key=DA)
__DATA_CONST    __const          0x100101BB0      auth-bind  libc++/__ZTVN10__cxxabiv120__si_class_type_infoE + 0x10 (div=0x0000 ad=0 key=DA)
__DATA_CONST    __const          0x100101C00      auth-bind  libc++/__ZTVN10__cxxabiv120__si_class_type_infoE + 0x10 (div=0x0000 ad=0 key=DA)
__DATA_CONST    __const          0x100101C18      auth-bind  libc++/__ZTVN10__cxxabiv120__si_class_type_infoE + 0x10 (div=0x0000 ad=0 key=DA)

[MachO] Handle chained imports with addends

e205fc7

They show up in some macOS system executables.

emesare added this to the H milestone Apr 16, 2025

emesare added File Format: Mach-O Impact: Medium Issue is impactful with a bad, or no, workaround labels Apr 16, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[MachO] Handle chained imports with addends #6604

[MachO] Handle chained imports with addends #6604

bdash commented Apr 9, 2025

bdash commented Apr 9, 2025

[MachO] Handle chained imports with addends #6604

Are you sure you want to change the base?

[MachO] Handle chained imports with addends #6604

Conversation

bdash commented Apr 9, 2025

bdash commented Apr 9, 2025