Objc Call Snapshots

高级页面仔 edited this page Oct 24, 2020 · 5 revisions

Requirements

  • iblessing version >= 0.4.5

Objc Call Snapshots

The objc-msg-xref scanner produces a call snapshot file in JSON format (binary_call-snapshots.iblessing.json). It records a snapshot of every parameter before each call to objc_msgSend.

To keep the JSON as small as possible, most keys are abbreviated. Each call snapshot uses the following format:

  • id -> method id in xref report
  • cls -> class name
  • clsa -> class address
  • m -> method name
  • ma -> method implementation address
  • calls -> all snapshots for this method (self and cmd are ignored, so arguments start from X2)
  • e -> type encoding
  • t -> type name
  • v -> value
  • r -> is resolved
  • p -> is primary type
{
	"snapshots": [{
		"id": 66,
		"cls": "IBSRoot",
		"clsa": 4295024352,
		"m": "-[IBSRoot rootInstanceMethodWithPrimaryBOOL:primaryInt:primaryFloat:primaryDouble:]",
		"ma": 4295000772,
		"calls": [
			[{
				"e": "B",
				"t": "bool",
				"v": "0x1",
				"r": true,
				"p": true
			}, {
				"e": "i",
				"t": "int",
				"v": "0xaaaa",
				"r": true,
				"p": true
			}, {
				"e": "f",
				"t": "float",
				"v": "0x1",
				"r": false,
				"p": true
			}, {
				"e": "d",
				"t": "double",
				"v": "0x0",
				"r": false,
				"p": true
			}]
		]
	}, {
		"id": 67,
		"cls": "IBSRoot",
		"clsa": 4295024352,
		"m": "-[IBSRoot rootInstanceMethodWithCTypesPrimaryStruct:primaryStructPtr:rawPtrVal:constCString:dynamicCString:]",
		"ma": 4295000808,
		"calls": [
			[{
				"e": "{PrimaryStruct=ii*}",
				"t": "",
				"v": "0xbbbb0000aaaa",
				"r": false,
				"p": false
			}, {
				"e": "^{PrimaryStruct=ii*}",
				"t": "",
				"v": "0x10000bda8",
				"r": false,
				"p": false
			}, {
				"e": "^v",
				"t": "",
				"v": "0x2ffffff50",
				"r": false,
				"p": false
			}, {
				"e": "*",
				"t": "char *",
				"v": "0x1024",
				"r": false,
				"p": false
			}]
		]
	}, {
		"id": 70,
		"cls": "IBSRoot",
		"clsa": 4295024352,
		"m": "-[IBSRoot rootInstanceMethodWithOCObjectConstOCStringVal:constOCDictVal:dynamicOCStringVal:dynamicOCDict:selfInput:localAllocate:]",
		"ma": 4295000436,
		"calls": [
			[{
				"e": "id",
				"t": "NSString",
				"v": "const oc string",
				"r": true,
				"p": false
			}, {
				"e": "id",
				"t": "",
				"v": "0x10000de20",
				"r": false,
				"p": false
			}, {
				"e": "id",
				"t": "NSString",
				"v": "dynamic string",
				"r": true,
				"p": false
			}, {
				"e": "id",
				"t": "",
				"v": "0x10000de20",
				"r": false,
				"p": false
			}, {
				"e": "id",
				"t": "IBSCallTester",
				"v": "",
				"r": false,
				"p": false
			}, {
				"e": "id",
				"t": "InstanceObject",
				"v": "",
				"r": false,
				"p": false
			}]
		]
	}],
	"version": "0.1"
}
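
A reader for this report, added here as an example (it is not part of iblessing). It expands the abbreviated keys, pairs each argument with its selector label, and lists labels that have no recorded argument. The function names and the choice to treat values with r false as unknown are assumptions of this example.

```python
import json

# Constructed input: snapshots 66 and 67 from the report above, reflowed.
SAMPLE = """{"version": "0.1", "snapshots": [
 {"id": 66, "cls": "IBSRoot", "clsa": 4295024352, "ma": 4295000772,
  "m": "-[IBSRoot rootInstanceMethodWithPrimaryBOOL:primaryInt:primaryFloat:primaryDouble:]",
  "calls": [[{"e": "B", "t": "bool", "v": "0x1", "r": true, "p": true},
             {"e": "i", "t": "int", "v": "0xaaaa", "r": true, "p": true},
             {"e": "f", "t": "float", "v": "0x1", "r": false, "p": true},
             {"e": "d", "t": "double", "v": "0x0", "r": false, "p": true}]]},
 {"id": 67, "cls": "IBSRoot", "clsa": 4295024352, "ma": 4295000808,
  "m": "-[IBSRoot rootInstanceMethodWithCTypesPrimaryStruct:primaryStructPtr:rawPtrVal:constCString:dynamicCString:]",
  "calls": [[{"e": "{PrimaryStruct=ii*}", "t": "", "v": "0xbbbb0000aaaa", "r": false, "p": false},
             {"e": "^{PrimaryStruct=ii*}", "t": "", "v": "0x10000bda8", "r": false, "p": false},
             {"e": "^v", "t": "", "v": "0x2ffffff50", "r": false, "p": false},
             {"e": "*", "t": "char *", "v": "0x1024", "r": false, "p": false}]]}]}"""

def selector_labels(method):
    """'-[Cls a:b:]' -> ['a', 'b']; a unary selector yields no labels."""
    selector = method.rstrip("]").split(" ", 1)[1]
    return selector.split(":")[:-1]

def decode_arg(arg):
    """Expand the abbreviated keys; keep a value only when r is true."""
    value = None
    if arg["r"]:
        # Resolved primary types are hex strings; resolved objects are text.
        value = int(arg["v"], 16) if arg["p"] else arg["v"]
    return {"encoding": arg["e"], "type": arg["t"] or None,
            "resolved": arg["r"], "value": value}

def summarize(report):
    """Return one row per recorded objc_msgSend call."""
    rows = []
    for snap in report["snapshots"]:
        labels = selector_labels(snap["m"])
        for call in snap["calls"]:
            args = [decode_arg(a) for a in call]
            # A call may hold fewer arguments than the selector has labels.
            rows.append({"id": snap["id"], "imp": hex(snap["ma"]),
                         "args": dict(zip(labels, args)), "missing": labels[len(args):]})
    return rows

if __name__ == "__main__":
    for row in summarize(json.loads(SAMPLE)):
        print(json.dumps(row, indent=2))
```
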

Limitations

  • There is currently no SIMD support, so floating-point argument parsing is not supported.
  • There is no Objective-C runtime simulation yet, so only the types of some Objective-C objects and the values of constant strings can be recovered.
  • To stay cross-platform, the Foundation framework cannot be used, so the method signature parser is not fully reliable for some complex C++ template types.