Mysterious iPhone assembly
I am studying an iPhone assembly function containing calls to the library functions open and fcntl. Being unfamiliar with assembly language in general, I have trouble understanding the program execution. What I would like to know are the parameters for the open and fcntl functions. Any other explanation of what this function does is most welcome as well.
Code:
-[Utilities openFileAsset]:
00000a94 b590 push {r4, r7, lr}
00000a96 af01 add r7, sp, #4
00000a98 b088 sub sp, #32
00000a9a ab01 add r3, sp, #4
00000a9c 6018 str r0, [r3, #0]
00000a9e 466b mov r3, sp
00000aa0 6019 str r1, [r3, #0]
00000aa2 ab01 add r3, sp, #4
00000aa4 681a ldr r2, [r3, #0]
00000aa6 4b4a ldr r3, [pc, #296] (0xbd0)
00000aa8 447b add r3, pc
00000aaa 681b ldr r3, [r3, #0]
00000aac 1c10 adds r0, r2, #0
00000aae 1c19 adds r1, r3, #0
00000ab0 f001ee46 blx 0x2740 ; symbol stub for: _objc_msgSend
00000ab4 1c03 adds r3, r0, #0
00000ab6 b2db uxtb r3, r3
00000ab8 2b00 cmp r3, #0
00000aba d100 bne.n 0xabe
00000abc e086 b.n 0xbcc
00000abe 4b45 ldr r3, [pc, #276] (0xbd4)
00000ac0 447b add r3, pc
00000ac2 681b ldr r3, [r3, #0]
00000ac4 681b ldr r3, [r3, #0]
00000ac6 1c1a adds r2, r3, #0
00000ac8 4b43 ldr r3, [pc, #268] (0xbd8)
00000aca 447b add r3, pc
00000acc 681b ldr r3, [r3, #0]
00000ace 1c10 adds r0, r2, #0
00000ad0 1c19 adds r1, r3, #0
00000ad2 2201 movs r2, #1
00000ad4 f001ee34 blx 0x2740 ; symbol stub for: _objc_msgSend
00000ad8 1c02 adds r2, r0, #0
00000ada 23f0 movs r3, #240
00000adc 005b lsls r3, r3, #1
00000ade 1c10 adds r0, r2, #0
00000ae0 2102 movs r1, #2
00000ae2 1c1a adds r2, r3, #0
00000ae4 f001ee84 blx 0x27f0 ; symbol stub for: _open
00000ae8 1c02 adds r2, r0, #0
00000aea 4b3c ldr r3, [pc, #240] (0xbdc)
00000aec 447b add r3, pc
00000aee 681b ldr r3, [r3, #0]
00000af0 601a str r2, [r3, #0]
00000af2 4b3b ldr r3, [pc, #236] (0xbe0)
00000af4 447b add r3, pc
00000af6 681b ldr r3, [r3, #0]
00000af8 681b ldr r3, [r3, #0]
00000afa 1c18 adds r0, r3, #0
00000afc 2104 movs r1, #4
00000afe 2204 movs r2, #4
00000b00 f001ee0e blx 0x2720 ; symbol stub for: _fcntl
Comments (1)
You need to go and grab the ARM ABI documentation.
As long as you only need the first parameter or two, Greg's "so you crashed in objc_msgSend()" is a great reference (I use it all the time).
(Spoiler: first three args are r0, r1, and r2.... more or less)
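As an added example (not code from the question or the answer), the following Python script applies the rule given in the answer, first arguments in r0, r1, r2, to the listing above: it walks the Thumb instructions from the second objc_msgSend call to the fcntl call, tracking immediates, adds/lsls and each call's r0 return value, and prints what each library call receives. The constant names are Darwin's <fcntl.h> values; the open() path is whatever the preceding objc_msgSend returned, which the listing alone does not reveal.

```python
# Thumb listing from the question (second objc_msgSend call through fcntl); AAPCS: args in r0-r3, result in r0.
LISTING = """\
00000ad4 f001ee34 blx 0x2740 ; symbol stub for: _objc_msgSend
00000ad8 1c02 adds r2, r0, #0
00000ada 23f0 movs r3, #240
00000adc 005b lsls r3, r3, #1
00000ade 1c10 adds r0, r2, #0
00000ae0 2102 movs r1, #2
00000ae2 1c1a adds r2, r3, #0
00000ae4 f001ee84 blx 0x27f0 ; symbol stub for: _open
00000ae8 1c02 adds r2, r0, #0
00000aea 4b3c ldr r3, [pc, #240] (0xbdc)
00000aec 447b add r3, pc
00000aee 681b ldr r3, [r3, #0]
00000af0 601a str r2, [r3, #0]
00000af2 4b3b ldr r3, [pc, #236] (0xbe0)
00000af4 447b add r3, pc
00000af6 681b ldr r3, [r3, #0]
00000af8 681b ldr r3, [r3, #0]
00000afa 1c18 adds r0, r3, #0
00000afc 2104 movs r1, #4
00000afe 2204 movs r2, #4
00000b00 f001ee0e blx 0x2720 ; symbol stub for: _fcntl
"""
imm = lambda tok: int(tok.lstrip("#"), 0)              # "#240" -> 240

def trace_calls(listing):
    # Model r0-r3 as ints or symbolic strings; record (callee, [r0, r1, r2]) at each blx.
    regs, calls = {}, []
    for line in listing.splitlines():
        op, _, operands = line.split(None, 2)[2].partition(" ")   # drop address and encoding
        args = [a.strip() for a in operands.split(",")]
        if op == "blx":
            callee = operands.split("symbol stub for:")[1].strip()
            calls.append((callee, [regs.get(r, "?") for r in ("r0", "r1", "r2")]))
            regs = {"r0": f"ret({callee})"}             # r0-r3 are caller-saved; only r0 is known
        elif op == "movs":
            regs[args[0]] = imm(args[1])
        elif op in ("adds", "lsls") and isinstance(regs.get(args[1]), int):
            regs[args[0]] = regs[args[1]] + imm(args[2]) if op == "adds" else regs[args[1]] << imm(args[2])
        elif op in ("adds", "ldr", "add", "mov"):        # adds rX, rY, #0 is a register copy; loads are not modelled
            regs[args[0]] = regs.get(args[1], f"<{op} {operands}>")
    return calls

def describe(callee, args):                             # names are Darwin <fcntl.h> values
    r0, r1, r2 = args
    if callee == "_open":                               # open(path, flags, mode)
        acc = {0: "O_RDONLY", 1: "O_WRONLY", 2: "O_RDWR"}.get(r1, hex(r1))
        return f"open({r0}, {acc}, {oct(r2)})"
    if callee == "_fcntl":                              # fcntl(fd, cmd, arg)
        cmd = {3: "F_GETFL", 4: "F_SETFL"}.get(r1, r1)
        return f"fcntl({r0}, {cmd}, {'O_NONBLOCK' if (r1, r2) == (4, 4) else r2})"
    return f"{callee}({r0}, {r1}, {r2})"
```

Running `for c in trace_calls(LISTING): print(describe(*c))` shows that the listing calls open(<msgSend result>, O_RDWR, 0740) and then fcntl(fd, F_SETFL, O_NONBLOCK), where the fd passed to fcntl is reloaded from a global rather than taken straight from r0.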