Difference between revisions of "Talk:Research: Pwnage Patches"

From The iPhone Wiki

Revision as of 21:18, 2 August 2008

What is more important is the code before 1800587C.

Compilers translate actions like

if (condition is good)
then

into conditional jumps. What you can see with the MOV and REG is most probably the result of a failed condition (-1) (or a failed function result). Afterwards it depends on the compiler how it further treats the result.

Maybe the original pseudocode is as follows:

sig_check_result = do_check(important args);
...
if (sig_check_result == 0)
    everything goes fine ...
...
a.s.o

So the question is: why does it go to the branch where R0 is set to -1 (patch 0), and which conditional branches lead to this code position? And the even more important question is: what is the underlying pseudocode?