Is the a good way to find server side of mach_msg?

Question

I am disassembling a lot of iOS operation system code now (frameworks, system daemons). One of the common methods to do a system call is usage of mach_msg.

So, I can see on the client side, how mach_msg is constructed. Quite often I know a system daemon, which will handle this call. However, I am not sure how to find call handler in this daemon disassembled code.

Is there a good rule of thumb, how to find a handler?

score 1 · Accepted Answer · answered Sep 11 '12 at 21:51

1

I found following (at least in one deamon)

a) mach_msg_server_once method is called and first parameter to it is callback method

b) Usually this callback method checks for msgh_id and looks up in dispatch table addresses of methods to dispatch call to.

answered Sep 11 '12 at 21:51

Victor Ronin

22,758
18
92
184

Is the a good way to find server side of mach_msg?

1 Answers1