Description
Patches can interpose functions within the executable, and they can also interpose functions that are PLT stubs within the executable; in other words, any shared library function that is already being called by the executable will have a PLT stub, and Shiva supports interposing those.
This works fine, as we've seen with pacman hacking, where we interpose GlutIdleFunc(), which is a libglut4.0 function.
In any case, during the EBOSS evaluation-2 challenges we ran into a bug where, when interposing a shared library function uv_getaddrinfo, it was crashing when then trying to call back to the original uv_getaddrinfo(). This is because it calls to uv_getaddrinfo@plt, but unfortunately this PLT stub entry has been patched to jmp to the new uv_getaddrinfo.
To fix this we need to make sure that external calls to the original interposed PLT entry will instead invoke the shared library function directly, by patching the patch object's internal PLT/GOT table with the address of the shared library function instead of the PLT entry.
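
The failure mode and the proposed fix described in this issue, as an added model that is not Shiva's code: function pointers stand in for the executable's PLT slot and the patch object's GOT entry, and every name (`lib_fn`, `patch_fn`, `exe_plt_stub`, `run`) is hypothetical. A re-entry guard reports the loop instead of recursing until the stack is exhausted.

```c
#include <stdio.h>

/* Constructed model, not Shiva code: function pointers stand in for PLT/GOT slots. */
typedef int (*fn_t)(int);

/* Stand-in for the shared library's uv_getaddrinfo (signature simplified). */
static int lib_fn(int x) { return x + 1; }

/* The executable's PLT stub jumps wherever its target slot points. */
static fn_t exe_plt_target = lib_fn;
static int exe_plt_stub(int x) { return exe_plt_target(x); }

static fn_t patch_got;        /* patch object's GOT entry for the original symbol */
static int depth, reentered;  /* re-entry guard so the model reports instead of crashing */

/* Replacement function in the patch: wraps the original and scales its result. */
static int patch_fn(int x) {
    if (++depth > 1) { reentered = 1; depth--; return -1; }
    int r = patch_got(x) * 10;   /* "call back to the original" */
    depth--;
    return r;
}

enum bind { BIND_EXE_PLT, BIND_LIBRARY };

/* Interpose, bind the patch's GOT entry as requested, then call via the PLT stub. */
static int run(enum bind how, int *looped) {
    exe_plt_target = patch_fn;                       /* PLT stub now jumps to the patch */
    patch_got = (how == BIND_EXE_PLT) ? exe_plt_stub /* behaviour described in the issue */
                                      : lib_fn;      /* proposed fix: library address */
    depth = reentered = 0;
    int r = exe_plt_stub(4);
    *looped = reentered;
    return r;
}

int main(void) {
    int looped;
    int r = run(BIND_EXE_PLT, &looped);
    printf("GOT -> exe PLT stub: result=%d re-entered=%d\n", r, looped);
    r = run(BIND_LIBRARY, &looped);
    printf("GOT -> library:      result=%d re-entered=%d\n", r, looped);
    return 0;
}
```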