Can gdb make a function pointer point to another location?

Question

I\'ll explain:

Let\'s say I\'m interested in replacing the rand() function used by a certain application.

So I attach gdb to this process and ma

Answer 1

I have a new solution, based on the new original constraints. (I am not deleting my first answer, as others may find it useful.)

I have been doing a bunch of research, and I think it would work with a bit more fiddling.

1. In your .so rename your replacement rand function, e.g my_rand
2. Compile everything and load up gdb
3. Use info functions to find the address of rand in the symbol table

4. Use dlopen then dlsym to load the function into memory and get its address

   call (int) dlopen("my_rand.so", 1) -> -val-

   call (unsigned int) dlsym(-val-, "my_rand") -> my_rand_addr

5. -the tricky part- Find the hex code of a jumpq 0x*my_rand_addr* instruction
6. Use set {int}*rand_addr* = *my_rand_addr* to change symbol table instruction
7. Continue execution: now whenever rand is called, it will jump to my_rand instead

This is a bit complicated, and very round-about, but I'm pretty sure it would work. The only thing I haven't accomplished yet is creating the jumpq instruction code. Everything up until that point works fine.