Exploring the C++ Class Inheritance of WebCore with IDA and LLDB
Source: 瞬间新闻网  Date: 2015-12-23


The class we will dissect is PluginWidgetIOS. Looking it up in lldb gives:


(lldb) image lookup -r -s PluginWidgetIOS

7 symbols match the regular expression 'PluginWidgetIOS' in /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator6.1.sdk/System/Library/PrivateFrameworks/WebKit.framework/WebKit:
        Address: WebKit[0x0003a5a0] (WebKit.__TEXT.__text + 231680)
        Summary: WebKit`PluginWidgetIOS::~PluginWidgetIOS()
        Address: WebKit[0x0003a5b0] (WebKit.__TEXT.__text + 231696)
        Summary: WebKit`PluginWidgetIOS::~PluginWidgetIOS()
        Address: WebKit[0x0003a6f0] (WebKit.__TEXT.__text + 232016)
        Summary: WebKit`PluginWidgetIOS::platformLayer() const
        Address: WebKit[0x0003a750] (WebKit.__TEXT.__text + 232112)
        Summary: WebKit`PluginWidgetIOS::willProvidePluginLayer() const
        Address: WebKit[0x0003a7b0] (WebKit.__TEXT.__text + 232208)
        Summary: WebKit`PluginWidgetIOS::attachPluginLayer()
        Address: WebKit[0x0003a810] (WebKit.__TEXT.__text + 232304)
        Summary: WebKit`PluginWidgetIOS::detachPluginLayer()
        Address: WebKit[0x001335e0] (WebKit.__DATA.__data + 560)
        Summary: vtable for PluginWidgetIOS
The useful part of this output is:

        Address: WebKit[0x001335e0] (WebKit.__DATA.__data + 560)
        Summary: vtable for PluginWidgetIOS

Open the WebCore static library in IDA and go to (shortcut g) the vtable's address, 0x1335e0. You will see:
__data:001335E0 ; `vtable for'PluginWidgetIOS
__data:001335E0 __ZTV15PluginWidgetIOS db 0 ; DATA XREF: __nl_symbol_ptr:__ZTV15PluginWidgetIOS_ptr o
__data:001335E1 db 0
__data:001335E2 db 0
__data:001335E3 db 0
__data:001335E4 db 0
__data:001335E5 db 0
__data:001335E6 db 0
__data:001335E7 db 0
__data:001335E8 dd offset __ZN15PluginWidgetIOSD1Ev ; PluginWidgetIOS::~PluginWidgetIOS()
__data:001335EC dd offset __ZN15PluginWidgetIOSD0Ev ; PluginWidgetIOS::~PluginWidgetIOS()
__data:001335F0 dd offset __ZN7WebCore6Widget12setFrameRectERKNS_7IntRectE ; WebCore::Widget::setFrameRect(WebCore::IntRect const&)
__data:001335F4 dd offset __ZN7WebCore6Widget5paintEPNS_15GraphicsContextERKNS_7IntRectE ; WebCore::Widget::paint(WebCore::GraphicsContext*,WebCore::IntRect const&)
__data:001335F8 dd offset __ZN12PluginWidget14invalidateRectERKN7WebCore7IntRectE ; PluginWidget::invalidateRect(WebCore::IntRect const&)
__data:001335FC dd offset __ZN7WebCore6Widget8setFocusEb ; WebCore::Widget::setFocus(bool)
__data:00133600 dd offset __ZN7WebCore6Widget4showEv ; WebCore::Widget::show(void)
__data:00133604 dd offset __ZN7WebCore6Widget4hideEv ; WebCore::Widget::hide(void)
__data:00133608 dd offset __ZN7WebCore6Widget16setParentVisibleEb ; WebCore::Widget::setParentVisible(bool)
__data:0013360C dd offset __ZNK7WebCore6Widget11isFrameViewEv ; WebCore::Widget::isFrameView(void)
__data:00133610 dd offset __ZNK7WebCore6Widget12isPluginViewEv ; WebCore::Widget::isPluginView(void)
__data:00133614 dd offset __ZNK7WebCore14PluginViewBase16isPluginViewBaseEv ; WebCore::PluginViewBase::isPluginViewBase(void)
__data:00133618 dd offset __ZNK7WebCore6Widget11isScrollbarEv ; WebCore::Widget::isScrollbar(void)
__data:0013361C dd offset __ZN7WebCore6Widget9setParentEPNS_10ScrollViewE ; WebCore::Widget::setParent(WebCore::ScrollView*)
__data:00133620 dd offset __ZN7WebCore6Widget11handleEventEPNS_5EventE ; WebCore::Widget::handleEvent(WebCore::Event*)
__data:00133624 dd offset __ZN7WebCore6Widget12notifyWidgetENS_18WidgetNotificationE ; WebCore::Widget::notifyWidget(WebCore::WidgetNotification)
__data:00133628 dd offset __ZN7WebCore6Widget17frameRectsChangedEv ; WebCore::Widget::frameRectsChanged(void)
__data:0013362C dd offset __ZN7WebCore6Widget22widgetPositionsUpdatedEv ; WebCore::Widget::widgetPositionsUpdated(void)
__data:00133630 dd offset __ZN7WebCore6Widget25transformsAffectFrameRectEv ; WebCore::Widget::transformsAffectFrameRect(void)
__data:00133634 dd offset __ZNK7WebCore6Widget23convertToContainingViewERKNS_7IntRectE ; WebCore::Widget::convertToContainingView(WebCore::IntRect const&)
__data:00133638 dd offset __ZNK7WebCore6Widget25convertFromContainingViewERKNS_7IntRectE ; WebCore::Widget::convertFromContainingView(WebCore::IntRect const&)
__data:0013363C dd offset __ZNK7WebCore6Widget23convertToContainingViewERKNS_8IntPointE ; WebCore::Widget::convertToContainingView(WebCore::IntPoint const&)
__data:00133640 dd offset __ZNK7WebCore6Widget25convertFromContainingViewERKNS_8IntPointE ; WebCore::Widget::convertFromContainingView(WebCore::IntPoint const&)
__data:00133644 dd offset __ZNK7WebCore6Widget13axObjectCacheEv ; WebCore::Widget::axObjectCache(void)
__data:00133648 dd offset __ZNK15PluginWidgetIOS13platformLayerEv ; PluginWidgetIOS::platformLayer(void)
__data:0013364C dd offset __ZNK15PluginWidgetIOS22willProvidePluginLayerEv ; PluginWidgetIOS::willProvidePluginLayer(void)
__data:00133650 dd offset __ZN15PluginWidgetIOS17attachPluginLayerEv ; PluginWidgetIOS::attachPluginLayer(void)
__data:00133654 dd offset __ZN15PluginWidgetIOS17detachPluginLayerEv ; PluginWidgetIOS::detachPluginLayer(void)
__data:00133658 dd offset __ZN7WebCore14PluginViewBase12scriptObjectEPN3JSC14JSGlobalObjectE ; WebCore::PluginViewBase::scriptObject(JSC::JSGlobalObject*)
__data:0013365C dd offset __ZN7WebCore14PluginViewBase27privateBrowsingStateChangedEb ; WebCore::PluginViewBase::privateBrowsingStateChanged(bool)
__data:00133660 dd offset __ZN7WebCore14PluginViewBase12getFormValueERN3WTF6StringE ; WebCore::PluginViewBase::getFormValue(WTF::String &)
__data:00133664 dd offset __ZN7WebCore14PluginViewBase6scrollENS_15ScrollDirectionENS_17ScrollGranularityE ; WebCore::PluginViewBase::scroll(WebCore::ScrollDirection,WebCore::ScrollGranularity)
__data:00133668 dd offset __ZN7WebCore14PluginViewBase19horizontalScrollbarEv ; WebCore::PluginViewBase::horizontalScrollbar(void)
__data:0013366C dd offset __ZN7WebCore14PluginViewBase17verticalScrollbarEv ; WebCore::PluginViewBase::verticalScrollbar(void)
__data:00133670 dd offset __ZN7WebCore14PluginViewBase16wantsWheelEventsEv ; WebCore::PluginViewBase::wantsWheelEvents(void)
__data:00133674 align 10h

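This is the virtual function table (vtable) of PluginWidgetIOS. The comment after each semicolon shows which function that slot actually points to. Some slots point to functions of Widget, some to PluginWidget and some to PluginViewBase, so PluginWidgetIOS must be a direct or indirect subclass of all three.


Running image lookup in lldb on each of these three classes in turn then reveals the inheritance chain:


PluginWidgetIOS - PluginViewBase - PluginWidget - Widget

This follows because PluginViewBase does not appear in PluginWidget's vtable, and neither PluginWidget nor PluginViewBase appears in Widget's vtable. Of course, the inheritance relationships of these three classes can also be found in the open-source code.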
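
The slot-by-slot attribution described above can be automated. The following is an added example, not code from the original post: it parses IDA-style vtable lines, decodes the class that owns each Itanium-mangled symbol, and lists the classes other than the vtable's own that fill slots. The function names (`owner_class`, `slots_by_class`, `ancestor_candidates`) are hypothetical, and `LISTING` is a six-slot excerpt of the listing above embedded as sample input.

```python
import re

# Sample input: six slots excerpted from the IDA listing above.
LISTING = """\
__data:001335E8 dd offset __ZN15PluginWidgetIOSD1Ev
__data:001335F0 dd offset __ZN7WebCore6Widget12setFrameRectERKNS_7IntRectE
__data:001335F8 dd offset __ZN12PluginWidget14invalidateRectERKN7WebCore7IntRectE
__data:001335FC dd offset __ZN7WebCore6Widget8setFocusEb
__data:00133614 dd offset __ZNK7WebCore14PluginViewBase16isPluginViewBaseEv
__data:00133648 dd offset __ZNK15PluginWidgetIOS13platformLayerEv
"""

# Mach-O symbols carry one extra leading underscore in front of the _Z prefix.
SLOT = re.compile(r"^\S+:([0-9A-Fa-f]+)\s+dd\s+offset\s+_(_Z\w+)", re.M)

def owner_class(mangled):
    """Class that defines an Itanium-mangled member function, or None."""
    head = re.match(r"_ZN[VK]*", mangled)      # nested name + cv-qualifiers
    if not head:
        return None                             # free function or data symbol
    pos, parts = head.end(), []
    while True:                                 # <length><identifier> components
        comp = re.match(r"(\d+)", mangled[pos:])
        if not comp:
            break
        start = pos + len(comp.group(1))
        pos = start + int(comp.group(1))
        parts.append(mangled[start:pos])
    tail = mangled[pos:]
    if tail.startswith("E") and parts:          # last component was the method
        parts.pop()
    elif not re.match(r"[CD][0-9]", tail):      # not a ctor/dtor either:
        return None                             # templates, operators, substitutions
    return "::".join(parts) or None

def slots_by_class(listing):
    """Map each owning class to the vtable slot addresses it fills."""
    table = {}
    for addr, sym in SLOT.findall(listing):
        cls = owner_class(sym)
        if cls:
            table.setdefault(cls, []).append(addr)
    return table

def ancestor_candidates(listing, vtable_class):
    """Classes other than the vtable's own that contribute at least one slot."""
    return sorted(c for c in slots_by_class(listing) if c != vtable_class)

if __name__ == "__main__":
    for cls, addrs in slots_by_class(LISTING).items():
        print(f"{cls:28} {len(addrs)} slot(s): {', '.join(addrs)}")
    print(ancestor_candidates(LISTING, "PluginWidgetIOS"))
```

A class that is overridden in every slot, or that declares no virtual functions, contributes nothing to the table, so the result is a lower bound on the set of ancestors and says nothing yet about their order.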



email: hursing@163.com

weibo: @hursing

WeChat: (anyone working in IT should be able to guess it)

QQ: (findable with a bit more brainwork than the one above)
