问题描述
我对swift函数名称规则有疑问。当我在IDA Pro中尝试分析用swift编写的iOS应用程序(也许OS X是相同的情况)时,例如swift-2048,我得到了这样的函数名称:
I have a question about swift function name rule. As I tried in IDA Pro to analyze a iOS app (Maybe OS X is the same case) written in swift, such as swift-2048, I got function name like this :
EXPORT __TFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
__text:00022FAC __TFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
...
__text:00022FCC __TToFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
第一个和第二个函数名称看起来非常相似。只有一个区别是TFC和TToFC。有什么不同?我看到一些函数sub是不同的:
First and second function name looks very similar. Only one difference is "TFC" and "TToFC". What's the different? I saw some function sub is different:
__text:00022FAC EXPORT __TFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
__text:00022FAC __TFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
__text:00022FAC ; DATA XREF: __objc_data:0004A51Co
__text:00022FAC STMFD SP!, {R4,R7,LR}
__text:00022FB0 MOV R4, R0
__text:00022FB4 MOV R0, R1
__text:00022FB8 ADD R7, SP, #4
__text:00022FBC BL _objc_release
__text:00022FC0 MOV R0, R4
__text:00022FC4 LDMFD SP!, {R4,R7,LR}
__text:00022FC8 B _objc_release
__text:00022FC8 ; End of function __TFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
__text:00022FC8
__text:00022FCC
__text:00022FCC ; =============== S U B R O U T I N E =======================================
__text:00022FCC
__text:00022FCC
__text:00022FCC __TToFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
__text:00022FCC ; DATA XREF: __objc_const:00049A28o
__text:00022FCC BX LR
__text:00022FCC ; End of function __TToFC10swift_204811AppDelegate27applicationWillResignActivefS0_FCSo13UIApplicationT_
但其中一些非常相似:
__text:000230B4 EXPORT __TFC10swift_204811AppDelegatecfMS0_FT_S0_
__text:000230B4 __TFC10swift_204811AppDelegatecfMS0_FT_S0_
__text:000230B4 ; DATA XREF: __objc_data:0004A530o
__text:000230B4
__text:000230B4 var_10 = -0x10
__text:000230B4 var_C = -0xC
__text:000230B4
__text:000230B4 STMFD SP!, {R7,LR}
__text:000230B8 MOV R7, SP
__text:000230BC SUB SP, SP, #8
__text:000230C0 MOV R1, #(:lower16:(__TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_ - 0x230D4))
__text:000230C4 MOV R2, #0
__text:000230C8 MOVT R1, #(:upper16:(__TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_ - 0x230D4))
__text:000230CC LDR R1, [PC,R1] ; __TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_
__text:000230D0 STR R2, [R0,R1]
__text:000230D4 STR R0, [SP,#0x10+var_10]
__text:000230D8 MOV R0, #(__TMdC10swift_204811AppDelegate - 0x230E8)
__text:000230E0 ADD R0, PC, R0 ; __TMdC10swift_204811AppDelegate
__text:000230E4 ADD R0, R0, #8
__text:000230E8 STR R0, [SP,#0x10+var_C]
__text:000230EC MOV R1, #(:lower16:(selRef_init - 0x23100))
__text:000230F0 MOV R0, SP
__text:000230F4 MOVT R1, #(:upper16:(selRef_init - 0x23100))
__text:000230F8 LDR R1, [PC,R1] ; selRef_init ; "init"
__text:000230FC BL _objc_msgSendSuper2
__text:00023100 MOV SP, R7
__text:00023104 LDMFD SP!, {R7,PC}
__text:00023104 ; End of function __TFC10swift_204811AppDelegatecfMS0_FT_S0_
__text:00023104
__text:00023108
__text:00023108 ; =============== S U B R O U T I N E =======================================
__text:00023108
__text:00023108
__text:00023108 __TToFC10swift_204811AppDelegatecfMS0_FT_S0_
__text:00023108 ; DATA XREF: __objc_const:00049A64o
__text:00023108
__text:00023108 var_10 = -0x10
__text:00023108 var_C = -0xC
__text:00023108
__text:00023108 STMFD SP!, {R7,LR}
__text:0002310C MOV R7, SP
__text:00023110 SUB SP, SP, #8
__text:00023114 MOV R1, #(:lower16:(__TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_ - 0x23128))
__text:00023118 MOV R2, #0
__text:0002311C MOVT R1, #(:upper16:(__TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_ - 0x23128))
__text:00023120 LDR R1, [PC,R1] ; __TWvdvC10swift_204811AppDelegate6windowGSqCSo8UIWindow_
__text:00023124 STR R2, [R0,R1]
__text:00023128 STR R0, [SP,#0x10+var_10]
__text:0002312C MOV R0, #(__TMdC10swift_204811AppDelegate - 0x2313C)
__text:00023134 ADD R0, PC, R0 ; __TMdC10swift_204811AppDelegate
__text:00023138 ADD R0, R0, #8
__text:0002313C STR R0, [SP,#0x10+var_C]
__text:00023140 MOV R1, #(:lower16:(selRef_init - 0x23154))
__text:00023144 MOV R0, SP
__text:00023148 MOVT R1, #(:upper16:(selRef_init - 0x23154))
__text:0002314C LDR R1, [PC,R1] ; selRef_init ; "init"
__text:00023150 BL _objc_msgSendSuper2
__text:00023154 MOV SP, R7
__text:00023158 LDMFD SP!, {R7,PC}
__text:00023158 ; End of function __TToFC10swift_204811AppDelegatecfMS0_FT_S0_
推荐答案
Swift正在使用名称Mangling 用于命名方法,类.....我遇到了这个描述了swift name mangling。关于修剪的部分如下所示。
Swift is using Name Mangling for the naming of methods,classes..... I came across this article which describes about swift name mangling. Section about mangling is shown below.
Swift将关于函数(以及更多)的元数据保存在各自的符号中,这称为名称修改。此元数据包括函数的名称(显然),属性,模块名称,参数类型,返回类型等。以此为例:
Swift keeps metadata about functions (and more) in their respective symbols, which is called name mangling. This metadata includes the function’s name (obviously), attributes, module name, argument types, return type, and more. Take this for example:
class Shape{
func numberOfSides() -> Int {
return 5
}
}
错误的名字对于simpleDescription方法, _TFC9swifttest5Shape17simpleDescriptionfS0_FT_Si 。
The mangled name for the simpleDescription method is _TFC9swifttest5Shape17simpleDescriptionfS0_FT_Si.
以下是细分:
-
_T - 所有人的前缀迅捷的符号。一切都将从此开始。
_T – The prefix for all Swift symbols. Everything will start with this.
F - 功能。
C - 功能一类。 (方法)
C – Function of a class. (method)
9swifttest - 模块名称,带有前缀长度。
9swifttest – The module name, with a prefixed length.
5Shape - 函数所属的类名,同样具有前缀长度。
5Shape – The class name the function belongs to, again, with a prefixed length.
17simpleDescription - 函数名称。
17simpleDescription – The function name.
f - 函数属性。在这种情况下它是'f',这只是一个
正常函数。我们将在一分钟内完成。
f – The function attribute. In this case it’s ‘f’, which is just anormal function. We’ll get to that in a minute.
S0_FT - 我不确定这意味着什么,但似乎标记为
参数和返回类型的开始。
S0_FT – I’m not exactly sure what this means, but it appears to markthe start of the arguments and return type.
'_' - 此下划线将参数类型与返回
类型分开。由于函数不带参数,它直接来自
S0_FT。
‘_’ – This underscore separates the argument types from the returntype. Since the function takes no arguments, it comes directly afterS0_FT.
S - 这是返回类型的开头。 'S'代表
Swift;返回类型是Swift内置类型。下一个字符
确定类型。
S – This is the beginning of the return type. The ‘S’ stands forSwift; the return type is a Swift builtin type. The next characterdetermines the type.
i - 这是Swift内置类型。小写的'I',代表
Int。
i – This is the Swift builtin type. A lowercase ‘I’, which stands forInt.
摘自:
看起来像实际的链接是破碎,找到镜子
looks like actual link is broken, find mirror here
这篇关于Swift逆向工程:swift函数名称规则?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!