Skip to content

Latest commit

 

History

History
71 lines (52 loc) · 2.98 KB

README.md

File metadata and controls

71 lines (52 loc) · 2.98 KB

Apple Blocks Plugin

Author: Daniel Roethlisberger

Annotation of Apple libclosure blocks.

Description

Type annotation of stack and global blocks, block descriptors, variables closed over and related function signatures in Binary Ninja. Blocks are an implementation of closures often found in C, C++, ObjC and ObjC++ code for Apple platforms. Blocks are not the same as C++ lambdas.

Screenshot comparing before and after annotation

Commands:

  • Annotate all blocks
  • Annotate all global blocks
  • Annotate all stack blocks
  • Annotate global block here
  • Annotate stack block here
  • Annotate stack byref here
  • Remove plugin comment here (deprecated)

Features:

  • Find and annotate global and stack blocks
  • Annotate block imported variables based on inline or out-of-line generic helper info or extended layout
  • Annotate block invoke function type based on encoded block ObjC type signature
  • Annotate block descriptors, copy/dispose functions, generic helper info and out-of-line extended layout bytecode
  • Annotate stack byrefs (__block variables) based on non-extended layout or inline or out-of-line extended layout, including keep and destroy functions
  • Define per-block and per-byref named structs to allow for manual fixups
  • Define structs for fully manual annotation: Block_literal, Block_descriptor_1, Block_descriptor_2, Block_descriptor_3, Block_byref_1, Block_byref_2, Block_byref_3.

Known limitations:

  • Automatic discovery of blocks and byrefs on the stack is unreliable by nature and depends on Binary Ninja's ability to lift into clean HLIL
  • No support for "small descriptors"
  • No support for 32-bit architectures
  • No support for "old GC layout"
  • No support for older block layout from before the introduction of block descriptors
  • Byrefs passed as function arguments are not automatically discovered

References

Blocks language docs:

Blocks implementation details:

Objective-C Type Encodings:

License

This plugin is released under an MIT license.