How find absolute address of symbol of shared libraries?

I want to write a little function's tracer. I use ptrace.

When I see a CALL instruction, I want to show the function name equivalent to the address call.

My tracer work with symbols with absolute address (sym开发者_开发问答bol define in the main binary). But I don't know how I can get the absolute address in virtual memory of the function of the shared library. Detect the call to libc's functions for example.

I notice that the address of the function in the shared library is relative to the file.

Does the following equation is good?

Absolute address of symbol = address of the shared library in virtual memory +
                             relative address of the symbol.

How can I get the absolute address of a symbol from a shared library?

I think you want to look into how dynamic linking works, specifically the global offset table. http://www.gentoo.org/proj/en/hardened/pic-guide.xml is kind of a start, but getting this to work reliably across systems might be tricky.

The book 'Linkers and Loaders' contains answers to such questions, as well as the background explanations. It might be worth a read. What applies to ELF doesn't apply on Windows, but the book covers both - and some other systems too.

As soon as you did not describe the system you work on, this article clarifies that at least the described task can be solved for some cases, not for all.
If I were in your situation, I would search for corresponding binary fragments in memory and in the library. Then, as soon as memory and library are aligned, the problem is solved. So yes, the equation is good as soon as the library cannot be split and loaded as independent parts.