0

I can't figure out the prototype for this simple function:

In stack: stack screenshot

Function call:

function call screenshot

That's what I got so far, and it causes an error.

//No idea
void CameraDeviceCreate(int one,int two,int* three);

There are three registers used (R0,R1,R2) so there should be three arguments. Third one refers to a stack variable (I still don't get how that works). #0x28 (var_28) is only mentioned in the ADD call, not sure what it could be. Where did I make a mistake?

If I missed some info out tell me and I'll add it. This is from Camera.framework by the way.

Kristina
  • 15,859
  • 29
  • 111
  • 181
  • This is WAY too little information for reverse engineering. I would think that Apple is likely to reject an app that links to a private interface. – Potatoswatter Aug 12 '10 at 23:50
  • What do you mean by "it causes an error"? Do you have any information about what's in R4 and R5 when `CameraDeviceCreate()` is called? Does R4 have something to do with `var_28`? It appears that R4 might be a pointer to a struct, and what's being passed to the function is a pointer to one of the struct's fields. – Michael Burr Aug 12 '10 at 23:53
  • @Potatoswatter: never mind AppStore. @Michael Burr No I don't, and I can't attach a debugger to that application because gdb crashes. Besides I don't know how to use GDB beyond basic debugging. – Kristina Aug 13 '10 at 00:33

1 Answers1

0

Why do you think you have it wrong?

Note, there is no guarantee that the third parameter is 'int*' - you need to look at what is in R4 at that point - I would guess its actually some sort of structure being pointed at, rather than an int.

Jeff
  • 334
  • 1
  • 1