New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

install_name_tool doesn't adjust ad-hoc code signatures #410

Open

sfackler opened this issue Dec 12, 2023 · 1 comment

Contributor

sfackler commented Dec 12, 2023 •

edited

Loading

In Linux using osxcross with the custom clang build:

$ cat test.c
#include <stdio.h>

void hello() {
        printf("hello world\n");
}
$ aarch64-apple-darwin20.4-cc -c -fpic test.c
$ aarch64-apple-darwin20.4-cc -shared -o libtest.dylib test.o
$ cp libtest.dylib libtest-patched.dylib
$ aarch64-apple-darwin20.4-install_name_tool libtest-patched.dylib -id @rpath/libtest.dylib

In macOS:

$ codesign --verify libtest.dylib
$ codesign --verify libtest-patched.dylib
libtest-patched.dylib: invalid signature (code or signature have been modified)
In architecture: arm64

Using the native install_name_tool does preserve a correct signature:

$ cp libtest.dylib libtest-patched.dylib
$ install_name_tool libtest-patched.dylib -id @rpath/libtest.dylib
$ codesign --verify libtest-patched.dylib

The text was updated successfully, but these errors were encountered:

Contributor Author

sfackler commented Dec 13, 2023

It looks like the newest cctools version supports re-signing the binary but needs codedirectory support to be enabled which doesn't seem to be the case right now: https://github.com/tpoechtrager/cctools-port/blob/1009.2-ld64-907/cctools/misc/install_name_tool.c#L337-L347

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment