汇编代码:

; 状态:R0 = imageFileName, R1 = mainBundle, R2 = isRetina

PUSH    {R4-R7,LR} ; R0 = imageFileName, R1 = mainBundle, R2 = isRetina

ADD      R7, SP, #0xC

PUSH.W  {R8,R10,R11}

STR.W    R2, [SP,#0x18+var_1C]!

MOV      R4, R0  ; R4 = R0 = imageFileName

MOV      R0, #(selRef_length - 0x17BB0) ; selRef_length

MOV      R10, R1 ; R10 = R1 = mainBundle

ADD      R0, PC ; selRef_length

LDR      R1, [R0] ; "length"

MOV      R0, R4  ; R0 = R4 = imageFileName

BLX.W    _objc_msgSend ; [imageFileName length]

MOVS     R6, #0  ; R6 = 0

CMP      R0, #0  ; check if R0 is 0

BEQ.W    loc_17D1C ; if R0 is 0, goto the label

MOV      R0, R4  ; R0 = R4 = imageFileName

MOV      R1, R10 ; R1 = R10 = mainBundle

BL     __UICacheNameForImageAtPath ; arg_0:imageFileName, arg_1:mainBundle, result:com.proteas.hello_Default.png

MOVW     R8, #(:lower16:(__MergedGlobals_36 - 0x17BD4))

MOV      R5, R0  ; R5 = R0 = imageCacheName

MOVT.W   R8, #(:upper16:(__MergedGlobals_36 - 0x17BD4))

ADD      R8, PC ; __MergedGlobals_36

ADD.W    R11, R8, #0x10 ; R11 = R8 + 16

MOV      R0, R11 ; lock, OSSpinLock*, 访问全局变量,加锁

BLX.W    _OSSpinLockLock ; arg_0: OSSpinLock*

LDR.W    R0, [R8,#(dword_62C524 - 0x62C510)] ; R0 = cachedImageMap, key:imageCacheName, value:UIImageObject

MOVS      R6, #0  ; R6 = 0

CBZ       R0, loc_17BEC ; if cachedImageMap is nil, goto the label

MOV       R1, R5  ; R1 = R5 = imageCacheName

BLX.W _CFDictionaryGetValue ; CFDictionaryGetValue(cachedImageMap, imageCacheName)

MOV       R6, R0  ; R6 = R0 = cachedUIImageObject

loc_17BEC:

MOV       R0, #(selRef_retainCount - 0x17BF8) ; selRef_retainCount

ADD       R0, PC ; selRef_retainCount

LDR       R1, [R0] ; "retainCount"

MOV       R0, R6  ; R0 = R6 = cachedUIImageObject

BLX.W     _objc_msgSend ; [cachedUIImageObject retainCount]

CBNZ     R0, loc_17C08 ; if retainCount of cachedUIImageObject is not 0, goto the label

MOV      R0, R11 ; lock

BLX.W    _OSSpinLockUnlock

B        loc_17C50

loc_17C08:

MOV      R0, #(selRef__isCached - 0x17C14) ; selRef__isCached

ADD      R0, PC ; selRef__isCached

LDR      R1, [R0] ; R1 = "_isCached"

MOV      R0, R6  ; R0 = R6 = cachedUIImageObject

BLX.W    _objc_msgSend ; R0 = isCached

TST.W    R0, #0xFF ; check if R0 is true

BNE      loc_17C46 ; if not cached, goto the label

MOV      R0, #(selRef_retain - 0x17C2C) ; selRef_retain

ADD      R0, PC ; selRef_retain

LDR      R1, [R0] ; "retain"

MOV      R0, R6  ; R0 = R6 = cachedUIImageObject

BLX.W    _objc_msgSend ; [cachedUIImageObject retain]

MOVW     R0, #(:lower16:(selRef__setCached_ - 0x17C40))

MOVS     R2, #1  ; R2 = 1

MOVT.W   R0, #(:upper16:(selRef__setCached_ - 0x17C40))

ADD      R0, PC ; selRef__setCached_

LDR      R1, [R0] ; "_setCached:"

MOV      R0, R6  ; R0 = R6 = cachedUIImageObject

BLX.W    _objc_msgSend ; [cachedUIImageObject _setCached:YES]

loc_17C46:

MOV      R0, R11 ; lock

BLX.W    _OSSpinLockUnlock ; 释放锁

CMP      R6, #0  ; check if cachedUIImageObject is nil

BNE      loc_17D1C ; if not nil, goto the label

loc_17C50:

MOVW     R3, #(:lower16:(_GetImageAtPath+1 - 0x17C60))

MOV      R0, R4  ; R0 = R4 = imageFileName

MOVT.W   R3, #(:upper16:(_GetImageAtPath+1 - 0x17C60))

LDR      R2, [SP,#0x1C+var_1C] ; R2 = isRetina

ADD      R3, PC ; _GetImageAtPath ; R3 = _GetImageAtPath

MOV      R1, R10 ; R1 = R10 = mainBundle

BL    __UIImageCallFunctionForAppropriatePath ; arg_0:imageFileName, arg_1 = mainBundle, arg_2 = isRetina, arg_3 = _GetImageAtPath

MOV      R6, R0  ; R6 = R0 = UIImageObject

CMP      R6, #0  ; check if UIImageObject is nil

BEQ      loc_17D1C ; if failed, goto label

MOV      R0, R11 ; lock

BLX.W    _OSSpinLockLock

LDR.W    R0, [R8,#0x14] ; R0 = pointer to imageCacheMap

CBNZ     R0, loc_17CAE ; R1 = R5 = imageCacheName

MOVW     R0, #(:lower16:(_kCFTypeDictionaryKeyCallBacks_ptr - 0x17C86))

MOVS     R1, #0  ; R1 = capacity = 0

MOVT.W R0, #(:upper16:(_kCFTypeDictionaryKeyCallBacks_ptr - 0x17C86))

MOVS     R3, #0  ; R3 = valueCallBacks = 0

ADD      R0, PC ; _kCFTypeDictionaryKeyCallBacks_ptr

LDR      R2, [R0] ; _kCFTypeDictionaryKeyCallBacks

MOVS     R0, #0  ; R0 = allocator = NULL

BLX.W    _CFDictionaryCreateMutable ; R0 = cachedImageMap

MOVW     R1, #(:lower16:(_kCFTypeDictionaryValueCallBacks_ptr - 0x17C9E))

MOVS     R2, #0  ; R2 = keyCallBacks = NULL

MOVT.W          R1, #(:upper16:(_kCFTypeDictionaryValueCallBacks_ptr - 0x17C9E))

STR.W   R0, [R8,#0x14]

ADD      R1, PC ; _kCFTypeDictionaryValueCallBacks_ptr

MOVS     R0, #0  ; R0 = allocator = NULL

LDR      R3, [R1] ; _kCFTypeDictionaryValueCallBacks

MOVS     R1, #0  ; R1 = capacity = 0

BLX.W    _CFDictionaryCreateMutable

STR.W    R0, [R8,#0x18]

LDR.W    R0, [R8,#0x14]

loc_17CAE:

MOV      R1, R5  ; R1 = R5 = imageCacheName

BLX.W    _CFDictionaryContainsKey

CBNZ     R0, loc_17CF8 ; if has cached, goto the label

MOVW     R0, #(:lower16:(selRef__setNamed_ - 0x17CC4))

MOVS     R2, #1  ; R2 = YES

MOVT.W   R0, #(:upper16:(selRef__setNamed_ - 0x17CC4))

ADD      R0, PC ; selRef__setNamed_

LDR      R1, [R0] ; "_setNamed:"

MOV      R0, R6  ; R0 = R6 = UIImageObject

BLX.W    _objc_msgSend ; [UIImageObject _setNamed:YES]

MOVW     R0, #(:lower16:(selRef__setCached_ - 0x17CD8))

MOVS     R2, #1

MOVT.W   R0, #(:upper16:(selRef__setCached_ - 0x17CD8))

ADD      R0, PC ; selRef__setCached_

LDR      R1, [R0] ; "_setCached:"

MOV      R0, R6

BLX.W   _objc_msgSend ; [UIImageObject _setCached:YES]

LDR.W    R0, [R8,#0x14] ; R0 = cachedImageMap

MOV      R1, R5  ; R1 = R5 = imageCacheName

MOV      R2, R6  ; R2 = R6 = UIImageObject

BLX.W   _CFDictionarySetValue ; arg_0:cachedImageMap, arg_1 = imageCacheName, arg_2 = imageObject

LDR.W    R0, [R8,#0x18]

MOV      R1, R6  ; R1 = R6 = UIImageObject

MOV      R2, R5  ; R2 = R5 = imageCacheName

BLX.W  _CFDictionarySetValue ; arg_0: dictionary, arg_1: imageObject, arg_2 = imageCacheName

B        loc_17D16

loc_17CF8:

MOV     R0, #(selRef_release - 0x17D04) ; selRef_release

ADD     R0, PC ; selRef_release

LDR     R1, [R0] ; "release"

MOV     R0, R6  ; R0 = R6 = UIImageObject

BLX.W  _objc_msgSend ; [UIImageObject release]

LDR.W  R0, [R8,#0x14] ; R0 = cachedImageMap

MOV    R1, R5  ; R1 = R5 = imageCacheName

BLX.W  _CFDictionaryGetValue

MOV    R6, R0  ; R6 = R0 = result UIImage instance

loc_17D16:

MOV    R0, R11 ; lock

BLX.W  _OSSpinLockUnlock ; release spin lock

loc_17D1C:

MOV    R0, R6  ; R0 = R6 = nil

ADD    SP, SP, #4

POP.W  {R8,R10,R11}

POP     {R4-R7,PC}

伪代码:

NSDictionary *gCachedImageMapNameToImage = nil;

NSDictionary *gCachedImageMapImageToName = nil;

_UIImageAtPath(NSString *imageFileName, NSBundle *mainBundle, BOOL isRetina) {

if ([imageFileName length] == 0)

returnnil;

if (gCachedImageMapNameToImage == nil) {

gCachedImageMapNameToImage = [[NSMutableDictionaryalloc] init];

gCachedImageMapImageToName = [[NSMutableDictionaryalloc] init];

}

NSString *imageCacheName = _UICacheNameForImageAtPath(imageFileName, mainBundle);

UIImage *cachedImage = [gCachedImageMapNameToImageobjectForKey:imageCacheName];

if (cachedImage == nil) {

cachedImage = _UIImageCallFunctionForAppropriatePath(imageFileName, mainBundle, isRetina, _UIImageAtPath);

if (cachedImage == nil) {

returnnil;

} else {

[gCachedImageMapNameToImagesetObject:cachedImage forKey:imageCacheName];

[gCachedImageMapImageToNamesetObject:imageCacheName forKey:cachedImage];

[cachedImage _setNamed:YES];

[cachedImage _setCached:YES];

}

} else {

if (![cachedImage _isCached]) {

[cachedImage _setCached:YES];

}

}

return cachedImage;

}

[原]逆向iOS SDK -- _UIImageAtPath 的实现(SDK 6.1)的更多相关文章

  1. [原]逆向iOS SDK -- _UIImageAtPath 的实现(SDK 5.1)

    注释过的反汇编代码:http://pan.baidu.com/share/link?shareid=3491166579&uk=537224442 伪代码(不精确,仅供参考): NSStrin ...

  2. [原]逆向iOS SDK -- “添加本地通知”的流程分析

    观点: 代码面前没有秘密 添加通知的 Demo 代码 - (void)scheduleOneLocalNotification { [[UIApplication sharedApplication] ...

  3. [原]逆向iOS SDK -- +[UIImage imageNamed:] 的实现

    汇编代码: ; Dump of assembler code for function +[UIImage imageNamed:] ; R0 = UIImage, R1 = "imageN ...

  4. [Office][C#] NPOI、OpenXML SDK、OpenOffice.org SDK 写入资料到 EXCEL 档案[转]

    原文地址:http://www.dotblogs.com.tw/chou/archive/2010/04/29/14912.aspx 一.簡介 要將資料寫入 EXCEL 檔案有許多的方法,但假如電腦不 ...

  5. Android SDK Tools和Android SDK Platform-tools

    SDK Platform 可以理解为版本,因此有 SDK Platform 7,SDK Platform 8等等Android SDK Tools 是各个版本都可通用的工具文件夹,里面有draw9pa ...

  6. 阿里云SDK手册之java SDK

    进行阿里云sdk开发的前提是已经购买阿里云的相关服务才能调用阿里的相关接口进行开发.最近公司在做云管控的项目,于是进行下摘录总结. 一. 环境准备 阿里云针对不同的开发语言提供不同的sdk,由于项目用 ...

  7. 打开SDK Manager检查Android SDK下载和更新失败的解决方法

    [故障描述] 打开SDK Manager检查Android  SDK状况,出现以下情况: Failed to fetch URL https://dl-ssl.google.com/android/r ...

  8. “AIR SDK 0.0: AIR SDK location “...\devsdks\AIRSDK\Win” does not exist.”问题解决~

    原文同步至:http://www.waylau.com/air-sdk-0-0-air-sdk-location-does-not-exist-address/ 导入AS3项目时提示“AIR SDK ...

  9. Android sdk platform,sdk tools,sdk Build tools,sdk platform tools 的关系

    1. sdk platform 简单理解为系统版本 最新级别: 28:Android 9 27:Android 8.1 26:Android 8.0 25:Android 7.1 24:Android ...

随机推荐

  1. 如何让虚拟机识别插入的USB闪存驱动器

    首先,打开虚拟机,再就是工具栏 有一台虚拟机 -> 移动设备  -> usb ->欧克. 版权声明:本文博主原创文章,博客,未经同意不得转载.

  2. android进度条

    android进度条 1.达到的效果 2.布局代码 先写一个my_browser.xml文件 存放WebView <?xml version="1.0" encoding=& ...

  3. C#操作Xml:使用XmlReader读Xml

    XmlDocument和XElement在读取Xml时要将整个Xml文档放到内存中去操作,这样做操作简单,但是很费内存和IO(可能是磁盘IO或者网络IO):而在有些场景下我们必须考虑尽可能节省内存和I ...

  4. oracle_分区表的新增、修改、删除、合并。普通表转分区表方法

    一. 分区表理论知识Oracle提供了分区技术以支持VLDB(Very Large DataBase).分区表通过对分区列的判断,把分区列不同的记录,放到不同的分区中.分区完全对应用透明. Oracl ...

  5. ios MKNetworkKit 的使用

    常用框架比如:AFNetworking,ASIHttpRequest,SDWebImage,MKNetWorKit等. iOS5已出来这么久了,而ASIHttpRequest的作者已经申明不更新了,在 ...

  6. 小言HTTP Authentication

    什么是Authentication? 首先解释两个长的非常像.easy混淆的单词,Authentication(鉴定.认证)和Authorization(授权). Authentication就是要证 ...

  7. 安装Codeception框架

    安装Codeception框架 打开终端,进入项目根目录: composer require "codeception/codeception:*" 安装完成,在vendor目录会 ...

  8. uva 1560 - Extended Lights Out(枚举 | 高斯消元)

    题目链接:uva 1560 - Extended Lights Out 题目大意:给定一个5∗6的矩阵,每一个位置上有一个灯和开关,初始矩阵表示灯的亮暗情况,假设按了这个位置的开关,将会导致周围包含自 ...

  9. 机器学习学习-Types of learning

    Types of learning 基于个人理解.于我们在面对一个详细的问题时.可以依据要达到的目标选择合适的机器学习算法来得到想要的结果.比方,推断一封电子邮件是否是垃圾邮件,就要使用分类(clas ...

  10. C语言内存对齐(2)

    前两天参加了360测试实习生的笔试,碰到了一个有关c语言内存对齐的题目,回来后实现了一下,下面是代码: #include <stdio.h> #include <stdlib.h&g ...