ByteHook v1.0.5

[caikelun]

Bugs fixed

• Fixed an issue where calling dlclose in some proxy functions could cause a deadlock.

This is a very rare case: in the hook operation flow of ByteHook itself, some functions used are hooked, and dlclose is called in the proxy function. For example: the call of mmap to mmap64 in libc.so is hooked, and dlclose is called in mmap64_proxy. ByteHook can prevent itself from being hooked by PLT, but cannot prevent other dynamic libraries on the call chain from being hooked.

New features

• Added interfaces (native layer bytehook_add_ignore and java layer addIgnore) for setting the dynamic libraries that need to be ignored globally.

We may need to ignore some dynamic libraries globally. For example, some hardened dynamic libraries from third parties may contain some unknown protection errors. Executing hooks on these dynamic libraries may cause unknown problems. Hooks to dlopen and dlclose inside ByteHook are also not available.

Improve

• Add clang_format configuration and format code.
• Add java checkstyle configuration.
• Update version for gradle and AGP.

Bugs 修复

• 修复了在某些 proxy 函数中调用 dlclose 可能引起死锁的问题。

这是一种非常罕见的情况：在 ByteHook 自身的 hook 操作流程中，某些用到的函数被 hook 了，而在 proxy 函数中调用了 dlclose。比如：libc.so 中 mmap 对 mmap64 的调用被 hook 了，在 mmap64_proxy 中调用了 dlclose。ByteHook 能避免自身被 PLT hook，但是无法阻止调用链上其他动态库被 hook。

新特性

• 增加了接口（native 层 bytehook_add_ignore 和 java 层 addIgnore），用于设置全局需要忽略的动态库。

我们可能需要全局的忽略某些动态库，例如某些来自第三方的加固过的动态库，可能包含某些未知的防护错误，对这些动态库执行 hook 可能引起未知的问题。包括 ByteHook 内部对 dlopen 和 dlclose 的 hook 也不能进行。

改进

• 增加 clang_format 配置，并格式化代码。
• 增加了 java checkstyle 配置。
• 升级 gradle 和 AGP 的版本。

---

This discussion was created from the release ByteHook v1.0.5.