Created
August 27, 2017 05:29
-
-
Save tejasmanohar/a97a4688236930f1e6730b52a6dab96e to your computer and use it in GitHub Desktop.
Hopper's disassembly of SkyLight.framework's SLSGetActiveSpace function
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _SLSGetActiveSpace: | |
| 0006134c push ebp | |
| 0006134d mov ebp, esp | |
| 0006134f push edi | |
| 00061350 push esi | |
| 00061351 sub esp, 0x40 | |
| 00061354 call __pic | |
| __pic: | |
| 00061359 pop edi ; CODE XREF=_SLSGetActiveSpace+8 | |
| 0006135a mov ecx, dword [ebp+arg_0] | |
| 0006135d call _CGSGetConnectionPortById | |
| 00061362 mov dword [ebp+var_40], 0x1513 | |
| 00061369 mov dword [ebp+var_38], eax | |
| 0006136c call imp___symbol_stub__mig_get_reply_port | |
| 00061371 mov dword [ebp+var_34], eax | |
| 00061374 mov dword [ebp+var_2C], 0x7395 | |
| 0006137b xor esi, esi | |
| 0006137d mov dword [ebp+var_30], esi | |
| 00061380 cmp dword [edi-0x61359+_voucher_mach_msg_set_7c178], esi ; _voucher_mach_msg_set_7c178 | |
| 00061386 je loc_6139a | |
| 00061388 sub esp, 0xc | |
| 0006138b lea eax, dword [ebp+var_40] | |
| 0006138e push eax | |
| 0006138f call imp___symbol_stub__voucher_mach_msg_set | |
| 00061394 add esp, 0x10 | |
| 00061397 mov eax, dword [ebp+var_34] | |
| loc_6139a: | |
| 0006139a sub esp, 0x4 ; CODE XREF=_SLSGetActiveSpace+58 | |
| 0006139d lea ecx, dword [ebp+var_40] | |
| 000613a0 push esi ; argument "notify" for method imp___symbol_stub__mach_msg | |
| 000613a1 push esi ; argument "timeout" for method imp___symbol_stub__mach_msg | |
| 000613a2 push eax ; argument "rcv_name" for method imp___symbol_stub__mach_msg | |
| 000613a3 push 0x34 ; argument "rcv_size" for method imp___symbol_stub__mach_msg | |
| 000613a5 push 0x18 ; argument "send_size" for method imp___symbol_stub__mach_msg | |
| 000613a7 push 0x3 ; argument "option" for method imp___symbol_stub__mach_msg | |
| 000613a9 push ecx ; argument "msg" for method imp___symbol_stub__mach_msg | |
| 000613aa call imp___symbol_stub__mach_msg | |
| 000613af add esp, 0x20 | |
| 000613b2 lea ecx, dword [eax-0x10000002] | |
| 000613b8 cmp ecx, 0xe | |
| 000613bb ja loc_613d4 | |
| 000613bd mov edx, 0x4003 | |
| 000613c2 bt edx, ecx | |
| 000613c5 jae loc_613d4 | |
| 000613c7 sub esp, 0xc | |
| 000613ca push dword [ebp+var_34] ; argument "reply_port" for method imp___symbol_stub__mig_put_reply_port | |
| 000613cd call imp___symbol_stub__mig_put_reply_port | |
| 000613d2 jmp loc_6141c | |
| loc_613d4: | |
| 000613d4 test eax, eax ; CODE XREF=_SLSGetActiveSpace+111, _SLSGetActiveSpace+121 | |
| 000613d6 jne loc_61411 | |
| 000613d8 xor eax, eax | |
| 000613da cmp dword [ebp+var_2C], 0x73f9 | |
| 000613e1 jne loc_61421 | |
| 000613e3 mov ecx, dword [ebp+var_40] | |
| 000613e6 test ecx, ecx | |
| 000613e8 mov edx, 0x0 | |
| 000613ed js loc_61423 | |
| 000613ef xor eax, eax | |
| 000613f1 cmp dword [ebp+var_3C], 0x2c | |
| 000613f5 mov edx, 0x0 | |
| 000613fa jne loc_61423 | |
| 000613fc xor eax, eax | |
| 000613fe cmp dword [ebp+var_20], 0x0 | |
| 00061402 mov edx, 0x0 | |
| 00061407 jne loc_61423 | |
| 00061409 mov eax, dword [ebp+var_1C] | |
| 0006140c mov edx, dword [ebp+var_18] | |
| 0006140f jmp loc_61423 | |
| loc_61411: | |
| 00061411 sub esp, 0xc ; CODE XREF=_SLSGetActiveSpace+138 | |
| 00061414 push dword [ebp+var_34] ; argument "reply_port" for method imp___symbol_stub__mig_dealloc_reply_port | |
| 00061417 call imp___symbol_stub__mig_dealloc_reply_port | |
| loc_6141c: | |
| 0006141c add esp, 0x10 ; CODE XREF=_SLSGetActiveSpace+134 | |
| 0006141f xor eax, eax | |
| loc_61421: | |
| 00061421 xor edx, edx ; CODE XREF=_SLSGetActiveSpace+149 | |
| loc_61423: | |
| 00061423 add esp, 0x40 ; CODE XREF=_SLSGetActiveSpace+161, _SLSGetActiveSpace+174, _SLSGetActiveSpace+187, _SLSGetActiveSpace+195 | |
| 00061426 pop esi | |
| 00061427 pop edi | |
| 00061428 pop ebp | |
| 00061429 ret |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment